Search This Blog

Tuesday, November 13, 2018

How to Encrypt Files on Linux Using GPG

GNU Privacy Guard (GPG) is a tool primarily designed for encrypting and signing data using public keycryptography. It does however also contain the ability to encrypt data using just a user supplied password and it supports a variety of cryptographic algorithms.

sudo apt-get install gnupg

To encrypt a file, in this case “big.txt“, using gpg , enter the following command:

gpg -c test.txt

You will be prompted to enter a password (twice). A new file is created during the encryption process called “test.txt.gpg“. The original file will also remain, so you will need to delete it if you only intend to keep an encrypted copy. If you compare the file sizes of the original file and the encrypted file, you will see that the encrypted file is smaller. This is because gpg compresses the file during encryption. If the file is already compressed, then the encrypted file might actually end up being slightly larger.

To decyrpt the file use:

gpg test.txt.gpg

By default, files encrypted with gpg will use the “cast5” encryption algorithm which is approved by the Canadian government’s national cryptologic agency. However the gpg utility also supports a number of different built-in encryption algorithms including Triple DES (3DES), which is used by the electronic payment industry; Advanced Encryption Standard (AES), an encryption technique approved by the U.S. National Institute of Standards and Technology (NIST); and Camellia, a cipher jointly developed by Mitsubishi and NTT which is approved by the EU and Japan.
To see a list of the algorithms available type:

$ gpg -version
gpg: sion: skipped: public key not found
gpg: [stdin]: encryption failed: public key not found
ruz@ubuntu:/tmp$ gpg --version
gpg (GnuPG) 1.4.16
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

The list of available algorithms is shown in the “Supported algorithms” section of the output under the “Cipher” tag. To use a different algorithm add the “-crypto-algo” parameter followed by the algorithm you want to use, e.g. “-crypto-algo=3DES
The full command then becomes:

gpg -c -crypto-algo=3DES big.txt