We all have some secrets which we don’t want to share with anyone, such as personal documents and photos. How to protect those from others when multiple users accessing the same system.
In Linux few applications are there to do this job ,we recently wrote about Cryptkeeper is one of the application to Encrypt & Decrypt folder in Linux. Today we are going to show you about GnuPG. GnuPG is another great application to Encrypt & Decrypt files from command line in Linux.
What’s GnuPG ?
GnuPG stands for GNU Privacy Guard, also known as GPG. GnuPG is a Free & open source utility based on OpenPGP standard which used to Encrypt & Decrypt files from command line in Linux. It allows user to encrypt and sign the data for secure electronic communication to protect documents over the internet.
Suggested Read : Cryptkeeper – An Easy Way To Encrypt And Decrypt Folder or Directory In Linux
Suggested Read : SiriKali – GUI Front End To Manage ecryptfs, cryfs, gocryptfs, securefs, and encfs Encrypted Folders
GnuPG features a versatile key management system as well as access modules for all kinds of public key directories. So, we can easily integration with other applications. Version 2 of GnuPG also provides support for S/MIME and Secure Shell (ssh).
How to install GnuPG ?
Most of the major Linux distributions by default have the GnuPG package, so simple use the Package Manager to install it. GnuPG package comes with two commands, so you can use either gpg
or gpg2
command.
[Install GnuPG on Debian/Ubuntu/Mint] $ sudo apt-get install gnupg [Install GnuPG on RHEL/CentOS] $ sudo yum install gnupg [Install GnuPG on Fedora] $ sudo dnf install gnupg [Install GnuPG on openSUSE] $ sudo zypper install gpg2 [Install GnuPG on Mageia] $ sudo urpmi gnupg [Install GnuPG on Arch Linux based system] $ sudo pacman -S gnupg
How to Encrypt a file
Add -c
switch with gpg command followed by filename to encrypt it. c
uses symmetric cipher encryption. When you run first time, it will create the necessary folders on your /home
directory, see the list of directories created by GnuPG.
# gpg -c magi.txt gpg: directory '/home/magi/.gnupg' created gpg: new configuration file '/home/magi/.gnupg/dirmngr.conf' created gpg: new configuration file '/home/magi/.gnupg/gpg.conf' created gpg: keybox '/home/magi/.gnupg/pubring.kbx' created Enter passphrase:[YOUR PASSWORD] Repeat passphrase:[YOUR PASSWORD]
Enter your password (passphrase) twice then click OK to encrypt the file. Replace magi.txt
with your own filename. The magi.txt
file has been encrypted with .gpg
extension. See the output below.
# ls -lh -rw-rw-r-- 1 magi magi 28 Jan 21 07:57 magi.txt -rw-rw-r-- 1 magi magi 105 Jan 21 07:59 magi.txt.gpg
Make a note, if you missed/forget the password you can’t retrieve the documents because it uses very strong encryption. Even, you can’t view the file content post the encryption.
How to Decrypt a file ?
Use gpg command followed by filename to decrypt it, additionally we can add -d or --decrypt
switch too.
# gpg magi.txt.gpg or # gpg -d magi.txt.gpg or # gpg --decrypt magi.txt.gpg gpg: AES encrypted data gpg: encrypted with 1 passphrase File 'magi.txt' exists. Overwrite? (y/n) y
It will prompt the window for password. Enter you password then hit ok to decrypt the file.
Press n
to write the output in different filename.
gpg: AES encrypted data gpg: encrypted with 1 passphrase File 'magi.txt' exists. Overwrite? (y/n) n Enter new filename: magi1.txt
Decrypt and write output to new File
If you want to write the output to new file while decrypting, just add -o
switch followed by the new file name.
# gpg -o 2g.txt magi.txt.gpg gpg: AES encrypted data gpg: encrypted with 1 passphrase
To read more about GnuPG
If you want to know more option which is available for GnuPG, simply navigate to man page.
# gpg --help or # man gpg