GNU Privacy Guard or better known as GPG is public key cryptography implementation and it is free software replacement for the Symantec’s PGP cryptographic.
In this post I will show you how to generate new GPG key pairs and encrypt or/and signature files.
Generate new GPG key pair
At beginning we have to generate public and private key pair using
gpg --gen-key. This introductions follow way how I did my GPG keys, but if you would like to know more about every step I recommend go to look at https://fedoraproject.org/wiki/Creating_GPG_Keys.
Select 1 (default) and press Enter.
Default 2048 bits long key enough for me, so I press Enter.
I use default value 0 (key does not expire).
If you also choose no expire, then press y and Enter.
Give your real name, email address and comment section is optional, I left it empty. And when your identify information is inputted, press O.
Now new key pair located in
List of keys
When we are created one key in keyring, we can list all our keys to terminal.
Pub section tell us my master key User ID, which are in my option AAAAXXXX.
We are generate new key pair and we are looking for how it looks like from terminal. Now we will encrypt one file.
First write some text file which we would like to encrypt later.
Okay, now we have a file, and we are wrote some message from there. Next I would like to encrypt and signature that file by my GPG private key. When I encrypt file, I have to specify which is my master key’s User ID. Command
gpg --list-keys show all my keys and I selected my key.
Encrypted file is named by hello.gpg which are binary format encrypted file. There is only one way to open this file, and it is decrypt file by your private key. Next we decrypt this file.
Print tells that I am signature file by myself, and at the end of print is my encrypted message.
Simple passphrase protected file
If you would like to protect some file in simple, you can also use symmetric protection which are protected via passphrase.
Write some file and encrypt it.
Now you have to give some passphrase, and then file hello.gpg is the same file but encrypted. In default gpg use CAST5 cipher algorithm for encrypt symmetric files. You can decrypt hello.gpg by command