Written by Allen Sanabria
Sunday, 10 February 2008 00:23
Have you ever wanted to keep a certain file from nosy Sys Admins??? Well, in this quick HOWTO I will show you how, using GPG.
Section-1 "BASIC ENCRYPTION"
- With GPG you can encrypt and decrypt files with a password. GPG is an encryption and signing tool for Linux/UNIX-like operating systems such as OpenBSD/Solaris/Fedora.
- In this first example I will show you the basics of how to encrypt a file. But before we do that, let's create a file called encrypt_example:
    echo "I'm Encrypted" > encrypt_example
- To encrypt a single file, use the gpg command as follows:
    gpg -c encrypt_example
  This will create an encrypt_example.gpg file.
- The -c option encrypts with a symmetric cipher.
- You can now delete the original file if you like, or send it to your home PC or whatever your heart desires :p.
Caution: if you ever forget your passphrase, you cannot recover the data, as it uses very strong encryption.
Section-2 "Advanced Encryption"
- In Section-1 you saw how to create a basic encryption for a file; now we will see how to do it with a few other options.
- The first step is to make sure you generate a GPG key. You can do so like this:
    gpg --gen-key
  This will generate your public and private keys and sign them for you.
- When you run that command, you will have a few questions to answer.
    asanabria@ubuntu-dynasty:~$ gpg --gen-key
    gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc.
    This program comes with ABSOLUTELY NO WARRANTY.
    This is free software, and you are welcome to redistribute it
    under certain conditions. See the file COPYING for details.

    Please select what kind of key you want:
       (1) DSA and Elgamal (default)
       (2) DSA (sign only)
       (5) RSA (sign only)
    Your selection? 1
    DSA keypair will have 1024 bits.
    ELG-E keys may be between 1024 and 4096 bits long.
    What keysize do you want? (2048)
    Requested keysize is 2048 bits
    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
          <n>w = key expires in n weeks
          <n>m = key expires in n months
          <n>y = key expires in n years
    Key is valid for? (0)
    Key does not expire at all
    Is this correct? (y/N) Y

    You need a user ID to identify your key; the software constructs the user ID
    from the Real Name, Comment and Email Address in this form:
        "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

    Real name: example
    Email address: example@linuxdynasty.org
    Comment: example
    You selected this USER-ID:
        "example (example) <example@linuxdynasty.org>"

    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
    You need a Passphrase to protect your secret key.
- Now that you have your keys, we can get into the new options. Let's encrypt encrypt_example with this:
    gpg -sec encrypt_example
- The -s option signs the file with your key, the -e option encrypts the file to a recipient's public key (the user ID gpg prompts for), and the -c option encrypts with a symmetric cipher using a passphrase.
    asanabria@ubuntu-dynasty:~$ gpg -sce encrypt_example

    You need a passphrase to unlock the secret key for
    user: "example (example) <example@linuxdynasty.org>"
    1024-bit DSA key, ID 846FA1E8, created 2007-08-31

    You did not specify a user ID. (you may use "-r")

    Current recipients:

    Enter the user ID. End with an empty line: example

    Current recipients:
    2048g/0DFEBEF0 2007-08-31 "example (example) <example@linuxdynasty.org>"

    Enter the user ID. End with an empty line:
Section-3 "Decryption"
Quick Gotcha: If you encrypt using the -s option (the signature option), you will have to use the password you created when you generated the public and private keys, and not the password you used with the -c option (unless they are both the same password).
- Now, if you want to decrypt a file, you will have to use the -d option.
- Example:
    gpg -d encrypt_example.gpg
    asanabria@ubuntu-dynasty:~$ gpg -d encrypt_example.gpg
    gpg: CAST5 encrypted data
    gpg: encrypted with 1 passphrase
    I'm Encrypted!!!
- Now, if you want to decrypt the file and send it to a new file name instead of standard output, you can do this:
    gpg -o decrypt_example -d encrypt_example.gpg
    asanabria@ubuntu-dynasty:~$ gpg -o decrypt_example -d encrypt_example.gpg
    gpg: CAST5 encrypted data
    gpg: encrypted with 1 passphrase
    gpg: WARNING: message was not integrity protected
    asanabria@ubuntu-dynasty:~$ cat decrypt_example
    I'm Encrypted!!
Remember: if the file extension is .asc, it is an ASCII-armored encrypted file, and if the file extension is .gpg, it is a binary encrypted file.
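The .asc versus .gpg distinction, the difference between -c and -e, and the "message was not integrity protected" warning in the decrypt output can all be checked from the file itself. The Python below is an added example, not part of the original HOWTO: it reads the OpenPGP packet headers (RFC 4880) of a gpg output file without decrypting it, and goes slightly beyond the text by handling both packet header formats. The function names, the result field names and the constructed SAMPLE bytes are assumptions made for illustration.

```python
import base64

CIPHERS = {3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}  # RFC 4880 algorithm IDs
# Constructed sample shaped like GnuPG 1.4 `gpg -c` output: passphrase packet + data packet.
SAMPLE = bytes.fromhex("8c0d04030302" + "00" * 8 + "60" + "c90a" + "11" * 10)

def dearmor(data: bytes) -> bytes:
    """Return raw packets, decoding ASCII armor (.asc) when present."""
    lines = [l.strip() for l in data.strip().splitlines()]
    if not lines or lines[0] != b"-----BEGIN PGP MESSAGE-----":
        return data                                    # binary (.gpg) input
    body = lines[lines.index(b"") + 1:-1]              # skip armor headers and END line
    return base64.b64decode(b"".join(l for l in body if not l.startswith(b"=")))

def packets(raw: bytes):
    """Yield (tag, body) per packet, stopping after the encrypted-data packet."""
    i = 0
    while i < len(raw):
        hdr = raw[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                                 # new-format header
            tag, first, i = hdr & 0x3F, raw[i + 1], i + 2
            length = first if first < 192 else len(raw) - i  # 224-254: partial, take rest
            if 192 <= first < 224:
                length, i = ((first - 192) << 8) + raw[i] + 192, i + 1
            elif first == 255:
                length, i = int.from_bytes(raw[i:i + 4], "big"), i + 4
        else:                                          # old-format header
            tag, n = (hdr >> 2) & 0x0F, (1, 2, 4, 0)[hdr & 3]
            length = int.from_bytes(raw[i + 1:i + 1 + n], "big") if n else len(raw)
            i += 1 + n
        yield tag, raw[i:i + length]
        if tag in (9, 18):
            return
        i += length

def describe(data: bytes) -> dict:
    """Summarise how a gpg output file is protected, without decrypting it."""
    info = {"passphrase": False, "recipients": [], "cipher": None, "mdc": None}
    for tag, body in packets(dearmor(data)):
        if tag == 3:                                   # symmetric session key, from -c
            info["passphrase"] = True
            info["cipher"] = CIPHERS.get(body[1], f"algo {body[1]}")
        elif tag == 1:                                 # public-key session key, from -e
            info["recipients"].append(body[1:9].hex().upper())
        elif tag in (9, 18):                           # only tag 18 carries an MDC
            info["mdc"] = tag == 18
    return info
```

For the constructed SAMPLE, describe() reports a passphrase-protected CAST5 message with mdc set to False, which is the case where gpg prints the integrity warning on decryption.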
Last Updated on Wednesday, 14 May 2008 11:57