Facebook Twitter Instagram
    TecAdmin
    • Home
    • Ubuntu 20.04
      • Upgrade Ubuntu
      • Install Java
      • Install Node.js
      • Install Docker
      • Install LAMP Stack
    • Tutorials
      • AWS
      • Shell Scripting
      • Docker
      • Git
      • MongoDB
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    Home»Uncategorized»File Encryption using GPG Key Pair in Linux

    File Encryption using GPG Key Pair in Linux

    RahulBy RahulApril 17, 20134 Mins Read

    GPG basic file encryption doesn’t required public/private key. But to make a encrypted file more secure you can use RSA/DSA algorithms. These algorithms generates public and private keys to encrypt file.

    This article will help you to do following three tasks for File Encryption using GPG Key Pair in Linux.

    • Create key pair
    • Encrypt/Decrypt file locally for same user account.
    • Encrypt file for other user.
    • Decrypt other users file.

    Step 1: Create GPG Key Pair

    The very first step is to generate key pair. Use the following command to generate gpg key pair.

    # gpg --gen-key
    

    Output:

    gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.
    This program comes with ABSOLUTELY NO WARRANTY.
    This is free software, and you are welcome to redistribute it
    under certain conditions. See the file COPYING for details.
    
    Please select what kind of key you want:
       (1) DSA and Elgamal (default)
       (2) DSA (sign only)
       (5) RSA (sign only)
    Your selection?
    DSA keypair will have 1024 bits.
    ELG-E keys may be between 1024 and 4096 bits long.
    What keysize do you want? (2048)
    Requested keysize is 2048 bits
    Please specify how long the key should be valid.
             0 = key does not expire
            = key expires in n days
          w = key expires in n weeks
          m = key expires in n months
          y = key expires in n years
    Key is valid for? (0)
    Key does not expire at all
    Is this correct? (y/N) y
    
    You need a user ID to identify your key; the software constructs the user ID
    from the Real Name, Comment and Email Address in this form:
        "Heinrich Heine (Der Dichter) "
    
    Real name: Rahul Kumar
    Email address: [email protected]
    Comment: Linux System Admin
    You selected this USER-ID:
        "Rahul Kumar (Linux System Admin) "
    
    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
    You need a Passphrase to protect your secret key.
    
    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    ++++++++++++++++++++..+++++++++++++++.++++++++++++++++++++.+++++.+++++.+++++++++++++++++++++++++.+++++.++++++++++++++++++++++++++++++...+++++>+++++..+++++>+++++..............................................................+++++
    
    Not enough random bytes available.  Please do some other work to give
    the OS a chance to collect more entropy! (Need 284 more bytes)
    
    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    +++++..+++++.++++++++++..++++++++++.++++++++++..++++++++++..+++++++++++++++.+++++..+++++.++++++++++.+++++.++++++++++.++++++++++..++++++++++++++++++++++++++++++..+++++>++++++++++.>+++++>+++++.<+++++.......................................................................................................>+++++.....................+++++^^^
    gpg: /root/.gnupg/trustdb.gpg: trustdb created
    gpg: key 2AE39E50 marked as ultimately trusted
    public and secret key created and signed.
    
    gpg: checking the trustdb
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
    pub   1024D/2AE39E50 2013-03-14
          Key fingerprint = 0D89 4697 E22A A6CC 3017  5EA1 0389 ED6D 2AE3 9E50
    uid                  Rahul Kumar (Linux System Admin) 
    sub   2048g/9102AC9C 2013-03-14
    

    Step 2: Encrypt/Decrypt File Current User

    Encrypt file for single user only. No one other can decrypt this file.

    # gpg --encrypt --recipient 'Rahul Kumar' tecadmin.txt
    

    –recipient name should be same as used in key generation. Above command will automatically generate a encrypted file named tecadmin.txt.gpg

    Decrypt your own file tecadmin.txt.gpg

    # gpg --output tecadmin2.txt --decrypt tecadmin.txt.gpg
    

    –output or -o is used to specify output file name. Above command will prompt for passphrase used in key pair.

    Step 3: Encrypt File for Other User

    Use #1 steps to generate encrypted file. Finally share your public key and encrypted file ( tecadmin.txt.gpg ) with other users. To export your public key use following command.

    # gpg --armor --output pubkey.txt --export 'Rahul Kumar'
    

    Check your public key. It should be like below

    # cat pubkey.txt
    
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: GnuPG v1.4.5 (GNU/Linux)
    
    mQGiBFFBPwsRBADWAxKxCxLsZ1ZJ512auBkEw51HlF5+k18Yp1giOqIYtbRUPVeq
    Y5o5knVKjlJDlVA0/rGh18fbKgubjZl1PL1R+tT0bMIDIs5+hg+S60nSlxBGOhYz
    8h+nuY4GbOMdG0V4DJwgpOg7Haywljs0epYPtcdroRIrLg8owjcpYtIm1wCgl75F
    XP6XU/CPJJoZp7DrC2Ukrg8EALra/Rwk5MXi3G8rT3dq1rX0wMmFPh+A1osnYIlM
    RaaNGi28MdTGv/61pMz6ItPgBTglp6hzkRyixIuBXxqkwP8489o2MwzzwVbAUjUb
    i8/U4Y3eW1jii8WBZydUn+MaMx4sKSnYXjoIHvRsiDhnIWvVUdbaeet0wOdlLj/X
    +xl/BACl0xykv21zpMUXnKIadM2DeD6esMHtijzJYBfg6tgQmwjbFMtLsiPk0GdG
    RCYQ0vTiSn0m78dcqsQjvfTSzd0kFnOvSkC3kNf/+cqY9ZHnin4J55LfI1m0yHhB
    Ybm2zutx9f6+RB7Ariuhok9BXPVd5cPf5lO6DxmIF2qAjk83nLQ8UmFodWwgS3Vt
    YXIgKExpbnV4IFN5c3RlbSBBZG1pbikgPHJhaHVsLmt1bWFyMTA5OUBnbWFpbC5j
    b20+iGAEExECACAFAlFBPwsCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAD
    ie1tKuOeUJUaAJ0TKvkx1qiJxlAssDkzC+1mElhBJQCgg6tm4u5NCUAbuFosG0Ix
    Y34YJ1C5Ag0EUUE/EBAIAJfBCnfQI+/Oy2dLt9RdfsarK0FcsFTFRdiAWEsBoI8l
    wPDNamXAqAnGqdZwiVzx26SOmLbveooZmzYGZJV8ouXLSTidpNjoFWyO45XH4Ok8
    3b+lJy/JcOSRLBQWrAUaLs46KTWkd0AM+ilegfWrNkcjIbgr7WY64jk640NffRBO
    bb/fj+ILpM4keV+8EigC5xWerjC2YR8mnI6P8ylGzeuUitNHToBSf6m3RBEpQxvk
    AcKat7BpqJ4cz1+4ACT8RxFL7dAAnnhpbjkM4VHqSjQuf483bVa7dVYZdOA/Ys68
    1h9LBBRDbpSl7UPy9s+BRpuTUq8lk69yn6tb63TWATcAAwUH/i7wnh4Vx/0HBYWo
    8AjY3iqaIjTW63H70PXKwn7yxLJW2xqSQ2Sre9h9J/arZUwerky3tS3xdcEEGTSP
    oXgeg2passygEAnlGUEws2BZ+3XVbSVhh+vMmqOMwz1J1GUKTOWH5vVCsfYdMmb/
    4GnxV2iAKeskPRwZFHujaHA0tvlGtRXjFXqxiBuSZjgv0W93sbZQamArCYaJtwT0
    2ZgrrUAVEs8JMTbSfrQEmXpfhk2mFcrf2ocAC6LwxMYZESDW6YhlY+1utEqpN6al
    Mefh1g42JK2g4OV42iP7op0JeQp6emJFywumlTrnihycRXEElxur+23NSLQpeNaw
    M6gUQPeISQQYEQIACQUCUUE/EAIbDAAKCRADie1tKuOeUB+VAJ9e8PprKcX3qvnW
    rU8MhhXMB/G0PQCfehvC8uWR/TLtHyu5pjzCEtcsX/E=
    =k3yQ
    -----END PGP PUBLIC KEY BLOCK-----
    

    Step 4: Decrypt Other Users File.

    To decrypt other users file, It required public key of that user. Import that public key to your account using below command. For example other users public file is otherpub.txt

    # gpg --import otherpub.txt
    

    Make sure that file has been imported successfully using below command.

    # gpg --list-keys
    

    Above command will show all public key in your account. Make sure the other users public key also exist there.

    Now you can decrypt the other users file using below command

    # gpg --output otheruserfile.txt otheruserfile.txt.gpg
    

    Thank You for reading this article. Read our next article to File Encryption using GPG Command Line.

    encrypt file using gpg File Encryption using GPG Key Pair GnuPG GPG gpg encryption GPG Key Pair How to use GnuPG How to use GPG Secure file using GPG
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp
    Previous ArticleLinux tar Command with Useful Practical Examples
    Next Article MySQL Database Backup RPM

    Related Posts

    How to Solve an Expired Key (EXPKEYSIG) with Apt

    Updated:March 1, 20191 Min Read

    Most Effective Industry Specific Plug-ins for WordPress

    Updated:August 15, 20163 Mins Read

    How to Install Komodo Edit on Ubuntu 14.10, 14.04 LTS and 12.04 LTS via PPA

    1 Min Read

    Setup Database Mirroring in SQL Server 2012 with Certificates

    3 Mins Read

    How to Install XCache for PHP on CentOS,RHEL and Fedora

    2 Mins Read

    Setup Varnish on CentOS/RHEL 5/6 with Apache

    2 Mins Read

    Leave A Reply Cancel Reply

    Recent Posts
    • What is the /etc/nsswitch.conf file in Linux
    • How to Install Ionic Framework on Ubuntu 22.04
    • What is the /etc/hosts file in Linux
    • How to Install Angular CLI on Ubuntu 22.04
    • How to Install Composer on Ubuntu 22.04
    Facebook Twitter Instagram Pinterest
    © 2022 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.