GPG Command Linux: Examples To Encrypt And Decrypt File In Linux

June 12, 2011 | By
| Reply More

GPG Encryption

GPG is an encryption and a signing tool for Linux/Unix-like operating system. Using GPG, you can encrypt and decrypt files with a password. Basically GPG uses a pair of keys such as public key and private key. Data encrypted with one key can only be decrypted with the other. You can use GPG to provide digital encryption and signing services using the OpenPGP standard.

GPG may run as stand alone without any commands, in which case it will perform a reasonable action depending on the type of file it is given as input.

Possible inputs are as follows:

1. Encrypted message is decrypted.
2. Signature is verified.
3. File containing keys is listed.

Use GPG command as shown in below example to encrypt single file.

#gpg -c sample

Above command will create a encrypted sample.gpg file. The -c option will encrypt with symmetric cipher. Make sure to remember your passphrase, if you forget it then you cannot recover the data as it uses a very strong encryption.

Let us now see few examples of encryption and decryption with gpg command.

1. Key Generation.

#gpg --gen-key
gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)

 Select default (1) and press enter.
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

 Use the default here and press enter.

Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years

 Use the default option
Key does not expire at all
Is this correct? (y/N)

 Enter "y" and press enter.
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name:

 Type a name here. For example I used here "sam". Remember the name you use.

Then enter your email address and comment.
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

 Press O and then Enter.
Enter passphrase:

Enter here unique passphrase. This is like a password.

2. Encryption of file.

Syntax for encryption is:

#gpg -e -r

Let us now encrypt a file named test.txt with above generated key “sam”.

#gpg -e -r sam /home/tor/test.txt

The above command will generate test.txt.gpg file.

3.Decryption of File.

Syntax for decryption is:

#gpg --output --decrypt

#gpg --output test.txt --decrypt /home/sam/test.txt.gpg

If you only have the password you can decrypt using --symmetric,

# gpg --output --symmetric .gpg

You will be asked to enter the passphrase twice.

You can also decrypt a file using –d option.

#gpg -d sample.gpg

If you want to decrypt the file and send output to a new file name instead of standard output, you can do this as follows:

#gpg -o sample -d sample.gpg

Filed Under : SECURITY

Tagged With : ,

Free Linux Ebook to Download

Leave a Reply

Commenting Policy:
Promotion of your products ? Comment gets deleted.
All comments are subject to moderation.