GnuPG – An Easy Way To Encrypt/Decrypt Files From Command Line in Linux
We all have some secrets which we can’t share with anyone. In the similar kind of way, we all have some personal documents which we don’t want to show to anyone. How can protect those from others when multiple users accessing the same system.
In Linux few applications are doing this job such a nice way and we recently wrote about Cryptkeeper is one of the application to Encrypt & Decrypt folder in Linux. Today we are going to show you about GnuPG. GnuPG is another great application to Encrypt & Decrypt files from command line in Linux.
GnuPG stands for GNU Privacy Guard, also known as GPG. GnuPG is a Free & open source utility based on OpenPGP standard which used to Encrypt & Decrypt files from command line in Linux. It allows user to encrypt and sign the data for secure electronic communication to protect documents over the internet.
GnuPG features a versatile key management system as well as access modules for all kinds of public key directories. So, we can easily integration with other applications. Version 2 of GnuPG also provides support for S/MIME and Secure Shell (ssh).
How to Install GnuPG
Most of the major Linux distributions by default have the GnuPG package, so simple use the Package Manager to install it. GnuPG package comes with two commands, so you can use either
[Install GnuPG on Debian/Ubuntu/Mint] $ sudo apt-get install gnupg [Install GnuPG on RHEL/CentOS] $ sudo yum install gnupg [Install GnuPG on Fedora] $ sudo dnf install gnupg [Install GnuPG on openSUSE] $ sudo zypper install gpg2 [Install GnuPG on Mageia] $ sudo urpmi gnupg [Install GnuPG on Arch Linux based system] $ sudo pacman -S gnupg
How to Encrypt a File
-c switch with gpg command followed by filename to encrypt it.
c uses symmetric cipher encryption. When you run first time, it will create the necessary folders on your
/home directory, see the list of directories created by GnuPG.
# gpg -c magi.txt gpg: directory '/home/magi/.gnupg' created gpg: new configuration file '/home/magi/.gnupg/dirmngr.conf' created gpg: new configuration file '/home/magi/.gnupg/gpg.conf' created gpg: keybox '/home/magi/.gnupg/pubring.kbx' created Enter passphrase:[YOUR PASSWORD] Repeat passphrase:[YOUR PASSWORD]
Enter your password (passphrase) twice then click OK to encrypt the file. Replace
magi.txt with your own filename. The
magi.txt file has been encrypted with
.gpg extension. See the output below.
# ls -lh -rw-rw-r-- 1 magi magi 28 Jan 21 07:57 magi.txt -rw-rw-r-- 1 magi magi 105 Jan 21 07:59 magi.txt.gpg
Make a note, if you missed/forget the password you can’t retrieve the documents because it uses very strong encryption. Even, you can’t view the file content post the encryption.
How to Decrypt a File
Use gpg command followed by filename to decrypt it, additionally we can add
-d or --decrypt switch too.
# gpg magi.txt.gpg or # gpg -d magi.txt.gpg or # gpg --decrypt magi.txt.gpg gpg: AES encrypted data gpg: encrypted with 1 passphrase File 'magi.txt' exists. Overwrite? (y/n) y
It will prompt the window for password. Enter you password then hit ok to decrypt the file.
n to write the output in different filename.
gpg: AES encrypted data gpg: encrypted with 1 passphrase File 'magi.txt' exists. Overwrite? (y/n) n Enter new filename: magi1.txt
Decrypt and write output to new File
If you want to write the output to new file while decrypting, just add
-o switch followed by the new file name.
# gpg -o 2g.txt magi.txt.gpg gpg: AES encrypted data gpg: encrypted with 1 passphrase
Read more about GnuPG
If you want to know more option which is available for GnuPG, simply navigate to man page.
# gpg --help or # man gpg