Security is an important part of today’s IT operations. There are a lot of tools that provide some part of the security operations. GNU Privacy Guard or simply GPG is one of them. It provides encryption, decryption, digital signatures, and signing.

Install GPG To Ubuntu, Debian, Mint and Kali

For deb or apt based distributions we can install GPG with the following command for gnupg package.

$ sudo apt install gnupg

Install GPG To CentOS, Fedora, RHEL

For rpm or yum based distributions we can install GPG with the following command.

$ sudo yum install gnupg

Create Private and Public Keys

Now we will start with creating Private and Public Keys. As we know Public Cryptography provides two keys where the private key is a secret key which should be protected accordingly. The public key is as its name suggests open to everyone we want to collaborate with. So we need these keys. we can create them with the --gen-key option like below.

$ gpg --gen-key

This command will ask us some questions like below.

Real name: İsmail Baydan 
Email address: ibaydan@poftut.com

List GPG Keys

We can list-keys created and saved in the current system with the --fingerprint option. We should provide some search terms to this option like the email address or individual name etc. In this example, we will search with the email address ibaydan.

$ gpg --fingerprint ibaydan

Register To GPG Keyserver

In Public Key Cryptography key distribution is important. We need to provide our Public Key to the others in an open and trusted way. So Keyservers are designed to hold public keys or individuals and corporate. There are different Keyserver’s but pgp.mit.edu is the most popular one. We will use --keyserver option to specify the key server and --send-keys to provide a fingerprint of the key we want to register.

$ gpg --keyserver gpg.mit.edu --send-keys 003D114F

Export Public Key In ASCII Format

In some cases, we may want to print the key in a more readable format like ASCII. This will be useful if we want to distribute our public key with email or similar ways. We will use --armor option with output which gets the file name we want to save and --export the key search term.

$ gpg --armor --output pubkey.txt --export 'ibaydan'

Encrypt A File with GPG

We will use our Private Key in order to encrypt given data like a text file. We will use --encrypt with --receipent which will set private key and the last one the file we want to encrypt. We can also use --output option to specify the file name of the encrypted file.

$ gpg --encrypt --recipient 'ibaydan' --output ServerPass.txt.enc  ServerPass.txt

Keep in mind that encrypted file size will be bigger than original file size.

LEARN MORE How To Use GPG To Create, List Keys and Sign Files?

Decrypt A File with GPG

Now if we received a file that is encrypted by our Public Keys we need to decrypt it with our Private Key. We will use --decrypt option. We can also optionally specify the output file with --output option like below.

$ gpg --output foo.txt --decrypt ServerPass.txt.enc

List Installed GPG Keys

We can list existing keys with the --list-keys option. This will provide information like path, public key algorithm, user id, etc.

$ gpg --list-keys

Delete GPG Key

As we see in the previous example the Keys are stored in a database format named kbx . If we need to remove keys we should use --delete-key with the related term like email.

$ gpg --delete-key ibaydan

Delete Key with Secret Keys

While deleting keys if there is related secret we should provide --delete-secret-keys option too. If not we will get error like below.

gpg: there is a secret key for public key "ibaydan"!

$ gpg  --delete-secret-keys 'ibaydan@poftut.com'

How To Install and Use GPG Encryption In Linux In Order To Encrypt and Decrypt Files and Folder?