How to Use GPG to Encrypt and Decrypt Files?

Source: Internet
Author: User
Keywords gpg encrypt file gpg file encryption gpg decrypt file
Goal: Use GPG to encrypt files
Release: applicable to any release
Requirements: Linux with GPG installed or root permission to install it.
Difficulty: easy
Convention:
#-You need to use root privileges to execute the specified commands, you can directly use the root user to execute, or you can use the sudo command
$-Normal users can be used to execute specified commands
Simple Application Server
USD1.00 New User Coupon
* Only 3,000 coupons available.
* Each new user can only get one coupon(except users from distributors).
* The coupon is valid for 30 days from the date of receipt.

Introduction
Encryption is very important. It is essential for protecting sensitive information. Your private files should be encrypted, and GPG provides a good solution.

Install GPG
GPG is widely used. You can find it in the repositories of almost every release. If you haven't installed it yet, let's install it now.

Debian/Ubuntu
$ sudo apt install gnupg
Fedora
# dnf install gnupg2
Arch
# pacman -S gnupg
Gentoo
# emerge --ask app-crypt/gnupg
Create key
You need a key pair to encrypt and decrypt files. If you have already generated a key pair for SSH, you can use it directly. If not, GPG includes tools to generate key pairs.
$ gpg --full-generate-key
GPG has a command line program that can help you generate keys step by step. It also has a much simpler tool, but this tool cannot let you set the key type, key length and expiration time, so this tool is not recommended.

GPG will first ask you the type of key. If nothing special, just choose the default value.

The next step is to set the key length. 4096 is a good choice.

After that, you can set an expiration date. Set it to 0 if you want the key to never expire.

Then, enter your name.

Finally, enter the email address.

You can add a comment if you need it.

After all this is done, GPG will let you verify the information.

GPG will also ask you if you need to set a password for the key. This step is optional, but will increase the degree of protection. If you need to set a password, GPG will collect your operating information to increase the robustness of the key. After all this is done, GPG will display the key related information.

The basic method of encryption
Now that you have your own key, encrypting files is very simple. Use the following command to create a blank text file in the /tmp directory.
$ touch /tmp/test.txt
Then use GPG to encrypt it. Here the -e flag tells GPG that you want to encrypt the file, and the -r flag specifies the recipient.
$ gpg -e -r "Your Name" /tmp/test.txt

GPG needs to know the recipient and sender of this file. Since this file is for you, there is no need to specify the sender, and the receiver is yourself.

The basic method of decryption
After you receive the encrypted file, you need to decrypt it. You do not need to specify the key for decryption. This information is encoded in the file. GPG will try to decrypt with the key in it.
$ gpg -d /tmp/test.txt.gpg

Send File
Suppose you need to send files to others. You need to have the public key of the recipient. How to obtain the key is up to you. You can ask them to send you the public key directly, or you can get it through a key server.

After receiving the other party's public key, import the public key into GPG.

$ gpg --import yourfriends.key

These public keys are the same as the keys you created, with their own name and email address information. Remember, in order for others to decrypt your files, others also need your public key. So export the public key and send it out.

gpg --export -a "Your Name"> your.key

Now you can start encrypting the file to be sent. It is similar to the previous steps, except you need to designate yourself as the sender.

$ gpg -e -u "Your Name" -r "Their Name" /tmp/test.txt

Conclusion
That's all. GPG also has some advanced options, but you won't use these advanced options 99% of the time. GPG is so easy to use. You can also use the created key pair to send and receive encrypted emails. The steps are similar to those demonstrated above, but most email clients will automatically do this for you if they have the key.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.