Posted on January 30, 2017 at 10:58 am
First you need to generate a GPG private/public key-pair:
Here is an example output of the command:
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 0 Key does not expire at all Is this correct? (y/N) y You need a user ID to identify your key; the software constructs the user ID from the Real Name, Comment and Email Address in this form: "Heinrich Heine (Der Dichter) <email@example.com>" Real name: File Encryption Key Email address: firstname.lastname@example.org Comment: File Encryption Key You selected this USER-ID: "File Encryption Key (File Encryption Key) <email@example.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o You need a Passphrase to protect your secret key.
You’ll be asked for a passphrase to protect your key. Use a strong password and make sure to keep it very private. It is not used to encrypt files, just to decrypt files.
You should read also: GnuGPG Not enough random bytes available.
If all went well, you should see something like this:
We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: key FE53C811 marked as ultimately trusted public and secret key created and signed. gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u pub *****/******** 2017-01-30 Key fingerprint = **** **** **** **** **** **** **** **** **** **** uid File Encryption Key (File Encryption Key) sub *****/******** 2017-01-30
Export public key
The public key is used only to encrypt files.
To export the public key for importing it on another server type:
gpg --armor --output file-enc-pub-key.dat --export 'File Encryption Key'
The “File Encryption Key” is the name entered during the key generation.
Export private key
The private key is used to decrypt files encrypted with the public key.
To backup\export the private key type:
gpg --armor --output file-enc-priv-key.asc --export-secret-keys 'File Encryption Key'
Keep the private key in a secure server used only to decrypt files.
Encrypt a file
To encrypt a file you can use:
gpg --encrypt --recipient 'File Encryption Key' largefile.tar.gz
To encrypt a file without keyboard interaction use:
gpg --trust-model always --encrypt --recipient 'File Encryption Key' largefile.tar.gz
It will generate the encrypted file:
Decrypt an encrypted file
You can decrypt it with this command:
gpg --output largefile.tar.gz --decrypt largefile.tar.gz.gpg
You will be asked for your passphrase.
Decrypt multiple encrypted files
You can decrypt multiple files like this:
gpg --decrypt-files *.gpg
Updated on January 9, 2021 at 1:38 pm
- Set OpenVPN to Listed on a Specific IP Address
- Bash Trim Leading and Trailing Whitespace from a String
- Bash Get Name of Ethernet Network Interface
- VPN Providers with Dedicated Static IP Address
- OpenVPN Iptables Rules
- WireGuard VPN Iptables Rules
- How to Install WireGuard VPN in Debian 10 Buster
- Bash: No space left on device (inodes issue)
- Add Desktop shortcut for all Windows PC users
- How to pass custom command-lien parameters in InnoSetup
- Programmatically create desktop icon with InnoSetup
- GeneratePress - a Lightweight WordPress Theme 2021
- InnoSetup disable DesktopIcon via command-line
- Use cURL to authenticate with JWT Bearer tokens
- Detect VMWare Virtual Machine
- Detect Microsoft Virtual PC Virtual Machine