Introduction
Sensitive file protection is more crucial in the digital terrain of today than it was years ago. Encryption guarantees that only authorised users may access your data whether you are protecting personal or corporate records. Implementing the Pretty Good Privacy (PGP) encryption standard, GNU Privacy Guard (GPG) is one of the most potent tools available for file encryption. This post will lead you through how to efficiently use GPG to encrypt and decrypt Linux files.
GPG Encryption is what?
Free and open-source, GPG (GNU Privacy Guard) encryption program lets users sign, encrypt, and validate messages and data. Its very safe for both personal and professional use since it employs both symmetric and asymmetric encryption.
- Symmetric encryption locks and decodes data using a single key.
- Using a pair of keys—public and private—asymmetric encryption encrypts and decodes.
- Sensitive data, documents, and emails are all routinely sent using GPG.
Putting GPG on Linux
Make sure GPG is installed on your Linux machine before encrypting documents. GPG pre-installed is standard for most Linux distributions. Running will allow you to see whether it is installed.
gpg –version
Should GPG not already be installed, you may do so with:
Debian/Ubuntu:
sudo apt install gnupg && sudo apt update
CentOS/ RHEL:
sudo yum install gnupg
Arch Linux:
sudo pacman -S gnupg
File Encryption Using GPG: Methods
GPG encryption guarantees that only those with the proper decryption key may access the content of a file.
1. Symmetric encryption, or encrypting a file with a password
Run the following to encrypt a file using a password:
gpg –symmetric –cipher-algo AES256 file.txt
- The –symmetric flag indicates to GPG to employ symmetric encryption.
- Advanced Encryption Standard with a 256-bit key is AES256.
- To lock the file, you will be requested to enter a password.
- file.txt.gpg will be the encrypted file save under.
2. Public-Key Encrypting a File
Only a designated recipient—who possesses the private key—can decode the file using public-key encryption.
Step 1: Create a GPG Key Pair (should you not already)
gpg –full-generate-key
- Choose default option RSA encryption.
- Select a key size: strong encryption calls for 4096 bits.
- Either set an expiration date or keep it free from restrictions.
- Add your name and email address here.
- Give your key a strong passphrase.
Your present GPG keys can be listed with:
gpg –list-keys
Step 2: Export and public key sharing
gpg –export -a “recipient@example.com” > recipient_public_key.asc
Show the designated recipient this public key.
Step 3: Public key encrypting of a file
gpg –encrypt –recipient recipient@example.com file.txt
Only the receiver will be able to decode this encrypted file file.txt.gpg with their private key.
How to decode a file encrypted with GPG?
1. Deciphering a file encrypted in symmetric fashion
Should you encrypt a file using a password, decode it with:
gpg –decrypt file.txt.gpg > file.txt
You will be asked to input the password you used in encryption.
2. Public key decryption of an encrypted file
Should a file be encrypted using a public key, the recipient has to use their own key to decode it:
gpg –decrypt file.txt.gpg > file.txt
The passphrase for the private key will be prompted.
Guidelines for Making Use of GPG Encryption
- Make sure your private key is covered with a strong, distinctive passphrase.
- Keep your private key secret; never distribute it to anyone.
- Check validity of an encrypted file by verifying the sender’s GPG signature.
- Should a private key be compromised, promptly revoke it using Key Revocation.
gpg –gen-revoke keyID > revoke.asc
READ ABOUT–MyBatis TypeHandler Encryption: Secure Your Data Efficiently
Q&Rs
1. Apart from PGP, what distinguishes GPG?
Pretty Good Privacy (PGP) encryption standard is open-source implemented by GPG. While both provide digital signatures and encryption, GPG is free and extensively supported on Linux.
2. Can I encrypt several files concurrently?
Tar allows you to encrypt many files as well:
tar -czf – file1.txt file2.txt | gpg –symmetric –cipher-algo AES256 -o files.tar.gz.gpg
3. How can I distribute my public key among others?
Share your public key by email or a public key server:
gpg –export -a “Your_Email@example.com” > public-key.asc
4. Importance of trust in public keys?
Import the crucial key:
gpg –import public-key.asc
Sign it then to show trust:
gpg –sign-key keyID
5. How can I remove an unneeded GPG key?
Deleting a public key:
gpg –delete-key keyID
To erase a private key:
gpg –delete-secret-keys keyID
Conclusion
One of the best strategies for Linux file security and protection of private data is GPG encryption. GPG offers a strong answer for data security regardless of your inclination for public-key or password-based encryption. Following the advice in this book will help you to keep your data free from illegal access.
