GnuPG File Encryption

[last updated: 2023-08-16]
Linux home page
GPG - docs, usage, options
GPG - generate public & private keys
GPG - sharing public keys
GPG - encrypting and decrypting messages
GPG single (symmetric) passwords
GPG password management
GPG rough notes to be extracted/understood/incorporated...
GPG - revocation certificate
-----

  • Linux has a program to encrypt files, called GnuPG (GPG), that is modeled after PGP.
    It is bundled with most recent distributions.
      General usage format:
      $ gpg [ options ]
      To see if gpg is installed on your system, and the version,
      $ gpg --version
  • At the current time (July 2023 - GPG version 2.2.27), it appears to nominally use 128-bit encryption, but can be set to do 256-bit.
    -----

  • Private/Public key-pair encryption:
    • This is the method to use if you want to share encrypted files with another person.
        Files will be encrypted such that only the intended recipient can decrypt them.

    • The central concept is that of a "key," or more precisely, a key-pair, i.e. two paired (associated) keys, one public, one private.
      The gpg program generates both keys for you.
      Only you see your private key. Your communication partner, at a minimum, must see your public key.
    • Each key is a string of binary digits, of variable length, typically a couple of thousand bits long.
      For easier management, you can convert your keys to ASCII format, which reduces their size and makes them more human-readable.
    • Both the sender and recipient generate both a public and a private key.
      You share your public keys with each other, but keep your private keys private to the individual, whether sender or recipient.
      You use their public key to encrypt files that you send to them, and your private key to decrypt files that you receive from them.

    • Generate public and private keys:
      including creating a Fingerprint and a Revocation Certificate:

      ----------------------------------------

    • Sharing public keys:
      Now that you've generated your public and private keys, here's how to use them:
        You do not handle private keys explicitly. They are saved in your gpg keyring,
        and gpg uses them automatically; you need do nothing explicit to use them.
          See the exception ... if you're using a different computer than the one used to generate the keys...

        Public keys however must be shared between message sender and recipient.

        • The sender must have the recipient's public key in order to encrypt a file for only them to receive.
        • The recipient must have the public key of the sender in order to decrypt their message.

      ----------------------------------------

    • Encrypting and Decrypting Messages:

    ----------------------------------------
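
    The key-pair workflow outlined above (generate, share, check the fingerprint, encrypt, decrypt), run end to end as an added example that is not part of the original page. Two throwaway keyring directories stand in for the two computers; the Alice/Bob names, the example.test address, the file names and the empty passphrase are assumptions made so the demo runs unattended.

```shell
# Added example: sender/recipient flow with two separate throwaway keyrings.
# Names, addresses and file names are constructed for the demo.
BOB_UID='Bob Demo <bob@example.test>'

# Run gpg non-interactively against the keyring directory given as $1.
g() { home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@"; }

# Primary-key fingerprint of the first key matching $2 in keyring $1.
fpr() { g "$1" --with-colons --fingerprint "$2" | awk -F: '$1 == "fpr" { print $10; exit }'; }

gpg_roundtrip() {
    work=$(mktemp -d) || return 1
    alice="$work/alice"; bob="$work/bob"; status=1
    mkdir -m 700 "$alice" "$bob"

    # Recipient (Bob): generate a key pair; the private key never leaves $bob.
    # The empty passphrase is only there so the demo needs no prompt.
    g "$bob" --pinentry-mode loopback --passphrase '' \
        --quick-generate-key "$BOB_UID" default default never &&
    g "$bob" --armor --export "$BOB_UID" > "$work/bob.pub.asc" &&
    bob_fpr=$(fpr "$bob" "$BOB_UID") &&

    # Sender (Alice): import Bob's public key, then compare its fingerprint
    # with the value Bob would give her over a separate channel.
    g "$alice" --import "$work/bob.pub.asc" &&
    [ -n "$bob_fpr" ] && [ "$(fpr "$alice" "$BOB_UID")" = "$bob_fpr" ] &&

    # Encrypt to the verified fingerprint. --trust-model always is acceptable
    # here only because the fingerprint was compared in the step above.
    printf 'meet at noon\n' > "$work/msg.txt" &&
    g "$alice" --trust-model always --armor --recipient "$bob_fpr" \
        --output "$work/msg.txt.asc" --encrypt "$work/msg.txt" &&

    # Alice's keyring holds no private key for Bob, so she cannot decrypt.
    ! g "$alice" --decrypt "$work/msg.txt.asc" >/dev/null 2>&1 &&

    # Bob decrypts; gpg picks his private key from the keyring by itself.
    g "$bob" --pinentry-mode loopback --passphrase '' \
        --output "$work/out.txt" --decrypt "$work/msg.txt.asc" &&
    cmp -s "$work/msg.txt" "$work/out.txt" && status=0

    for h in "$alice" "$bob"; do GNUPGHOME=$h gpgconf --kill gpg-agent 2>/dev/null; done
    rm -rf "$work"
    return $status
}
```

    Call `gpg_roundtrip` after sourcing the script; it returns 0 only if the fingerprint matched and Bob's decrypted output is byte-identical to the original message.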

  • Single password encryption:
    You might use this method if you just want to protect your files on your computer
    from being read by anyone who might get access to them,
    but you are not interested in sending the encrypted files to someone else.
    ----------------------------------------

  • Links:
    (link to:) howtogeek tutorial
    (link to:) gpg4Windows
