{"id":2131,"date":"2013-06-27T11:56:42","date_gmt":"2013-06-27T03:56:42","guid":{"rendered":"http:\/\/rmohan.com\/?p=2131"},"modified":"2013-06-27T12:04:02","modified_gmt":"2013-06-27T04:04:02","slug":"gpg-file-encryption-command-line-in-linux","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=2131","title":{"rendered":"GPG file encryption command line in Linux"},"content":{"rendered":"

GPG file encryption using key pair
\nGPG basic file encryption doesn\u2019t required public\/private key. But to make a encrypted file more secure you can use RSA\/DSA algorithms. These algorithms generates public and private keys to encrypt file.<\/p>\n

There are three criteria to use GPG file encryption.<\/p>\n

1. Encrypt\/Decrypt file locally for same user account.
\n2. Encrypt file for other user.
\n3. Decrypt other users file.<\/p>\n

The very first step is to generate key pair using below command.<\/p>\n

# gpg –gen-key
\nOutput:<\/p>\n

gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.
\nThis program comes with ABSOLUTELY NO WARRANTY.
\nThis is free software, and you are welcome to redistribute it
\nunder certain conditions. See the file COPYING for details.<\/p>\n

Please select what kind of key you want:
\n(1) DSA and Elgamal (default)
\n(2) DSA (sign only)
\n(5) RSA (sign only)
\nYour selection?
\nDSA keypair will have 1024 bits.
\nELG-E keys may be between 1024 and 4096 bits long.
\nWhat keysize do you want? (2048)
\nRequested keysize is 2048 bits
\nPlease specify how long the key should be valid.
\n0 = key does not expire
\n= key expires in n days
\nw = key expires in n weeks
\nm = key expires in n months
\ny = key expires in n years
\nKey is valid for? (0)
\nKey does not expire at all
\nIs this correct? (y\/N) y<\/p>\n

You need a user ID to identify your key; the software constructs the user ID
\nfrom the Real Name, Comment and Email Address in this form:
\n“Heinrich Heine (Der Dichter) ”<\/p>\n

Real name: Mohan Ramadoss
\nEmail address: rmohan@rmohan.com
\nComment: System Admin
\nYou selected this USER-ID:
\n“Mohan Ramadoss (System Admin) ”<\/p>\n

Change (N)ame, (C)omment, (E)mail or (O)kay\/(Q)uit? o
\nYou need a Passphrase to protect your secret key.<\/p>\n

We need to generate a lot of random bytes. It is a good idea to perform
\nsome other action (type on the keyboard, move the mouse, utilize the
\ndisks) during the prime generation; this gives the random number
\ngenerator a better chance to gain enough entropy.
\n++++++++++++++++++++..+++++++++++++++.++++++++++++++++++++.+++++.+++++.+++++++++++++++++++++++++.+++++.++++++++++++++++++++++++++++++…+++++>+++++..+++++>+++++……………………………………………………..+++++<\/p>\n

Not enough random bytes available. Please do some other work to give
\nthe OS a chance to collect more entropy! (Need 284 more bytes)<\/p>\n

We need to generate a lot of random bytes. It is a good idea to perform
\nsome other action (type on the keyboard, move the mouse, utilize the
\ndisks) during the prime generation; this gives the random number
\ngenerator a better chance to gain enough entropy.
\n+++++..+++++.++++++++++..++++++++++.++++++++++..++++++++++..+++++++++++++++.+++++..+++++.++++++++++.+++++.++++++++++.++++++++++..++++++++++++++++++++++++++++++..+++++>++++++++++.>+++++>+++++.<+++++………………………………………………………………………………………….>+++++…………………+++++^^^
\ngpg: \/root\/.gnupg\/trustdb.gpg: trustdb created
\ngpg: key 2AE39E50 marked as ultimately trusted
\npublic and secret key created and signed.<\/p>\n

gpg: checking the trustdb
\ngpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
\ngpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
\npub 1024D\/2AE39E50 2013-03-14
\nKey fingerprint = 0D89 4697 E22A A6CC 3017 5EA1 0389 ED6D 2AE3 9E50
\nuid Mohan Ramadoss (System Admin)
\nsub 2048g\/9102AC9C 2013-03-14
\n1. Encrypt\/Decrypt file locally for same user account.<\/p>\n

Encrypt file for single user only. No one other can decrypt this file.<\/p>\n

# gpg –encrypt –recipient ‘Mohan Ramadoss’ rmohan.txt
\n\u2013recipient name should be same as used in key generation. Above command will automatically generate a encrypted file named rmohan.txt.gpg<\/p>\n

Decrypt your own file rmohan.txt.gpg<\/p>\n

# gpg –output rmohan2.txt –decrypt rmohan.txt.gpg
\n\u2013output or -o is used to specify output filename. Above command will prompt for passphrase used in key pair.<\/p>\n

2. Encrypt file for other user.<\/p>\n

Use #1 steps to generate encrypted file. Finally share your public key and encrypted file ( rmohan.txt.gpg ) with other users. To export your public key use following command.<\/p>\n

# gpg –armor –output pubkey.txt –export ‘Mohan Ramadoss’<\/p>\n

Check your public key. It should be like below<\/p>\n

# cat pubkey.txt
\n—–BEGIN PGP PUBLIC KEY BLOCK—–
\nVersion: GnuPG v1.4.5 (GNU\/Linux)<\/p>\n

mQGiBFFBPwsRBADWAxKxCxLsZ1ZJ512auBkEw51HlF5+k18Yp1giOqIYtbRUPVeq
\nY5o5knVKjlJDlVA0\/rGh18fbKgubjZl1PL1R+tT0bMIDIs5+hg+S60nSlxBGOhYz
\n8h+nuY4GbOMdG0V4DJwgpOg7Haywljs0epYPtcdroRIrLg8owjcpYtIm1wCgl75F
\nXP6XU\/CPJJoZp7DrC2Ukrg8EALra\/Rwk5MXi3G8rT3dq1rX0wMmFPh+A1osnYIlM
\nRaaNGi28MdTGv\/61pMz6ItPgBTglp6hzkRyixIuBXxqkwP8489o2MwzzwVbAUjUb
\ni8\/U4Y3eW1jii8WBZydUn+MaMx4sKSnYXjoIHvRsiDhnIWvVUdbaeet0wOdlLj\/X
\n+xl\/BACl0xykv21zpMUXnKIadM2DeD6esMHtijzJYBfg6tgQmwjbFMtLsiPk0GdG
\nRCYQ0vTiSn0m78dcqsQjvfTSzd0kFnOvSkC3kNf\/+cqY9ZHnin4J55LfI1m0yHhB
\nYbm2zutx9f6+RB7Ariuhok9BXPVd5cPf5lO6DxmIF2qAjk83nLQ8UmFodWwgS3Vt
\nYXIgKExpbnV4IFN5c3RlbSBBZG1pbikgPHJhaHVsLmt1bWFyMTA5OUBnbWFpbC5j
\nb20+iGAEExECACAFAlFBPwsCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAD
\nie1tKuOeUJUaAJ0TKvkx1qiJxlAssDkzC+1mElhBJQCgg6tm4u5NCUAbuFosG0Ix
\nY34YJ1C5Ag0EUUE\/EBAIAJfBCnfQI+\/Oy2dLt9RdfsarK0FcsFTFRdiAWEsBoI8l
\nwPDNamXAqAnGqdZwiVzx26SOmLbveooZmzYGZJV8ouXLSTidpNjoFWyO45XH4Ok8
\n3b+lJy\/JcOSRLBQWrAUaLs46KTWkd0AM+ilegfWrNkcjIbgr7WY64jk640NffRBO
\nbb\/fj+ILpM4keV+8EigC5xWerjC2YR8mnI6P8ylGzeuUitNHToBSf6m3RBEpQxvk
\nAcKat7BpqJ4cz1+4ACT8RxFL7dAAnnhpbjkM4VHqSjQuf483bVa7dVYZdOA\/Ys68
\n1h9LBBRDbpSl7UPy9s+BRpuTUq8lk69yn6tb63TWATcAAwUH\/i7wnh4Vx\/0HBYWo
\n8AjY3iqaIjTW63H70PXKwn7yxLJW2xqSQ2Sre9h9J\/arZUwerky3tS3xdcEEGTSP
\noXgeg2passygEAnlGUEws2BZ+3XVbSVhh+vMmqOMwz1J1GUKTOWH5vVCsfYdMmb\/
\n4GnxV2iAKeskPRwZFHujaHA0tvlGtRXjFXqxiBuSZjgv0W93sbZQamArCYaJtwT0
\n2ZgrrUAVEs8JMTbSfrQEmXpfhk2mFcrf2ocAC6LwxMYZESDW6YhlY+1utEqpN6al
\nMefh1g42JK2g4OV42iP7op0JeQp6emJFywumlTrnihycRXEElxur+23NSLQpeNaw
\nM6gUQPeISQQYEQIACQUCUUE\/EAIbDAAKCRADie1tKuOeUB+VAJ9e8PprKcX3qvnW
\nrU8MhhXMB\/G0PQCfehvC8uWR\/TLtHyu5pjzCEtcsX\/E=
\n=k3yQ
\n—–END PGP PUBLIC KEY BLOCK—–
\n3. Decrypt other users file.<\/p>\n

To decrypt other users file, It required public key of that user. Import that public key to your account using below command. For example other users public file is otherpub.txt<\/p>\n

# gpg –import otherpub.txt
\nMake sure that file has been imported successfully using below command.<\/p>\n

# gpg –list-keys
\nAbove command will show all public key in your account. Make sure the other users public key also exist there.<\/p>\n

Now you can decrypt the other users file using below command<\/p>\n

# gpg –output otheruserfile.txt otheruserfile.txt.gpg
\nGPG file encryption command line in Linux<\/p>\n

AS we know, now a days it\u2019s not safe to send and receive data over internet. There are many option available to secure your data while traveling over internet. GnuPG also provides you to encrypt your data on key basis. GPG is an encryption and signing tool for UNIX\/LINUX like OS.<\/p>\n

GnuPG provides many methods for file encryption and decryption.<\/p>\n

Method (A): Use Basic GPG encryption<\/p>\n

Step 1: First create a file to encrypt using GPG.<\/p>\n

# echo “Enter file content here” > secureit.txt
\nStep 2: Encypt above created file using gpg.<\/p>\n

# gpg -c secureit.txt
\nAbove command will create a encrypted file named secureit.txt.gpg. Original file will remain same.<\/p>\n

# ls -l
\ntotal 8
\n-rw-r–r– 1 root root 24 Mar 9 21:36 secureit.txt
\n-rw-r–r– 1 root root 74 Mar 9 21:36 secureit.txt.gpg
\nStep 3: Finally how to decrypt file again.<\/p>\n

# gpg -o secureit-new.txt -d secureit.txt.gpg
\ngpg: CAST5 encrypted data
\nEnter passphrase:
\nYou will get a new decypted file named secureit-new.txt.<\/p>\n

# ls -l secureit-new.txt
\n-rw-r–r– 1 root root 24 Mar 9 21:56 secureit-new.txt
\nThanks for using this article.<\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

GPG file encryption using key pair GPG basic file encryption doesn\u2019t required public\/private key. But to make a encrypted file more secure you can use RSA\/DSA algorithms. These algorithms generates public and private keys to encrypt file.<\/p>\n

There are three criteria to use GPG file encryption.<\/p>\n

1. Encrypt\/Decrypt file locally for same user account. 2. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2131"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2131"}],"version-history":[{"count":4,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2131\/revisions"}],"predecessor-version":[{"id":2135,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2131\/revisions\/2135"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}