EasyGPG 4.49.2 (2021-09-14)

If the domain name in the address bar is anything other than
http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/, or,
you have an insecure connection to this site through a portal, and the portal probably added JavaScript scripts. If you can not use Tor, I2P, or ZeroNet, you would do better to use

EasyGPG is an easy-to-use GUI for GPG (GNU Privacy Guard) that uses Zenity and Xclip.

EasyGPG is released under the GNU General Public License, version 3.0. Feel free to hack away at it. See the notice at the bottom of this page.

Here’s the help page for EasyGPG. This is written to be understood even by those who barely understand what encryption is.

Here’s a page with more technical details about EasyGPG.

EasyGPG will do something useful with any file or folder you drop onto its Desktop file. All files created by GPG are handled as you would hope except for detached signatures. EasyGPG properly handles all keys and messages appearing in text, even if there are several.

Installing EasyGPG for the First Time

When you click on the following link, you will be prompted either to save the file or open it with the appropriate software. If you save it, find where you saved it, and then double-click it.

In either case, extract the contents of the file, which will be a folder called EasyGPG-Installer. Open this folder, and double-click Install EasyGPG. The installer will download the latest version of EasyGPG, and then prompt for a location in which to save your new EasyGPG folder. By default, the new EasyGPG folder will be named easygpg, but you can use any name you like. When installation is complete, some windows will pop up. Read these, and you are on your way to using EasyGPG.


Updating EasyGPG

Versions Earlier than 3.0

Follow the instructions above, but select your already-existing EasyGPG folder. If you do this correctly, you will be asked whether or not you want to replace the existing EasyGPG. Click “Replace” to replace your old version of EasyGPG with the latest version.

In the EasyGPG-Actions folder, double-click EasyGPG Help to read about this new version.

Versions 3.0 or Later

If your present version is 3.0 or later, but earlier than 4.0, select “Check for a new version of EasyGPG” in the main menu. Otherwise, double-click Check for a new version of EasyGPG in the EasyGPG-Actions folder.

If the version you just updated to is not EasyGPG 4.49.2, update again.

You may have to refresh the folder to make the icons appear correctly after updating.

Documents of Interest to the Sort of People Who Use EasyGPG

Here’s an annotated list of documents I’ve collected over the years. This list will continue to grow as I add more files I already have to the list and collect and add new files as well.


screencast videos of EasyGPG
the EasyGPG installer
my public key as a text file
command-line help
easygpg.sh as a signed tar archive in text form
the easygpg folder as a signed tar archive in text form
past versions of EasyGPG and the EasyGPG installer



When using software, the greatest threat to privacy and security is the Internet. EasyGPG will not attempt to communicate with the Internet unless you tell it to read text from the Internet or check for a new version. I will make no attempt to discover who is using my software, where, when, or for what purpose.

This Website

If you are viewing this page on http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/ or http://easygpg2.i2p/, your request has been logged in a request log. All the entries in this log are erased once every 24 hours, and this log is not backed up.

Each log entry includes only the following information: the local date and time, the “Host” header sent with the request (one of the two domains above), the request type (GET or HEAD — all other requests return an error), the document or directory requested, the HTTP status code (200, etc.), and the number of bytes returned to the requester.

Clearnet sites typically log the IP address of the requester, but, with .onion sites this is always, and with .i2p sites it is an I2P base-32 address. Neither of these identifies the requester, and, in any case, I do not log addresses.

If you are viewing this page on, there is no request log anywhere that I am aware of or have possession of or control over.

Clearnet sites often have request logs that include the “Useragent” and “Referer” headers sent with the request (if any). Such information might be of interest to “authorities.”

No “authorities” have ever communicated with me about the EasyGPG sites — not the three mentioned above, and not the EasyGPG items on Codeberg or the Internet Archive, either.

Of course my request log is not shared with anyone else, and it is on a machine that no one else is allowed to log onto.

The only purpose of having a request log at all is to identify possible abuse: DoS attacks, etc. I have seen no such abuse so far, but I have seen much probing. Most of this probing generates 404 errors.

Many requests are received for files and folders that would be present if I used WordPress, which I do not. There are also many requests for server-status, which might exist if I used certain web server software. I create my site with asciidoc and some shell scripts I have written.

My web pages contain no scripts, although ZeroNet uses scripts to implement the ZeroNet interface.

Here are the response headers returned by EasyGPG’s .onion and .i2p sites. Of course, the dates and times will depend on when the request is made, and the content length will depend on the file requested. Some of these headers, if your browser follows the standards, will help protect your privacy.

HTTP/1.1 200 OK
Date: Sat, 29 May 2021 19:06:27 GMT
X-Frame-Options: SAMEORIGIN
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), interest-cohort=()
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; media-src 'self'; img-src 'self'; style-src 'unsafe-inline'
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 9412
Content-Type: text/html
Last-Modified: Mon, 17 May 2021 18:56:38 GMT

Copyright Notice

EasyGPG 4.49.2
Copyright (C) 2015 - 2021 the author indicated below
The author of EasyGPG made an OpenPGP, RSA key pair.
The fingerprint of this key pair is
easygpg.sh contains the public key of this key pair,
as well as 3 PGP messages signed with it.

EasyGPG is distributed under the terms of the GNU General
Public License, version 3 (https://www.gnu.org/licenses/gpl.html).
EasyGPG is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY--without even the implied warranty of
GNU General Public License for more details.

Last updated 2021-09-14 17:29:34 UTC