Getting started with GPG(GnuPG)

#encryption #privacy #security #signature

GNU Privacy Guard (GPG or GnuPG) can be used to encrypt files for confidentiality and also sign files for authenticity.

What is a GPG or GnuPG?

GnuPG, is a tool that is made in accordance with the OpenPGP Internet standard . It is used primarily for secure communication and data storage. It is a tool that adds encryption and signs data.

Package repositories are downloaded round the world. Digital signatures are used to ensure that you get an exact copy from the original packager and not a malicious version from a compromised site.
OpenPGP programs such as GPG are used to sign and verify those packages ensuring the authenticity of the source.

There is local disk encryption which protects data at rest. However, if you wish that only the intended recipient can open a file you send by email or drop into a shared folder, you need to encrypt that individual file.
OpenPGP products like GPG can encrypt a file with a shared symmetric key or with asymmetric key pairs.

Using GnuPG

GnuPG comes installed with most Linux distributions.
To check your current version

$ yum list gnupg*

The first time you run any gpg command, a configuration directory and keyring will be created in your home directory. For example, if you run

gpg --list-keys

to display keys you may see the following message:

$ gpg --list-keys
gpg: directory '/home/bestuser/.gnupg' created
gpg: keybox '/home/bestuser/.gnupg/pubring.kbx' created
gpg: /home/bestuser/.gnupg/trustdb.gpg: trustdb created

Encrypting a file with a shared secret

You're all good to encrypt a file if the GnuPG is installed. For symmetric encryption, use the -c or --symmetric option and pass the file you want to encrypt. Here I'm encrypting example.txt.