GnuPG or GPG implements the PGP standard into the software we can use to apply PGP standardized encryption. In this article, we’ll describe how to use GPG to encrypt documents and files. GPG can be used to encrypt documents using a key or password. We’ll cover both scenarios.
Prerequirement: Make sure to have the GPG installed on your machine.
GPG using keys
When using keys for encryption we need to have the public key of the recipient first. To understand what the public key is, make sure to sync up with our article on this topic. Below is the step by step on how to use gpg to encrypt documents using the key:
For the sake of the example, we’ll create a txt file with content “This is the plaintext file.”.
$ cat /tmp/testfile.txt
This is the plaintext file.
Now, we take the public key of the recipient so we can encrypt the file we’ll be sending them:
$ gpg --output /tmp/encryptedfile.gpg --encrypt --recipient [email protected] /tmp/testfile.txt
/tmp/encryptedfile.gpg
is the file we are creating by encrypting the /tmp/testfile.txt
.
When opened, the file /tmp/encryptedfile.gpg
will have the following content:
$ cat /tmp/encryptedfile.gpg
?
c?ܠ??9͐??????I??ΫN??&
?my?x????h?4h|?̒?t?nt?z?E?oI??$??پ?????\??v????????ZDZʙ???\??H\?QW?o?^ІA??H}????O?<|(K9;?b?<???? AMte??.?W?g??????\䩫?ʄ?}:!V??X7-??q?h)?7??G???ŗ?@Fj?S?Go?????x????l?(?j[֏sx?)???M??J}3qn????X???ՄZ??g??\?7{?P????G???\??#q???W6?????إ??Ѕ?b
49c??1??m??T#???]H?5BJ?df?@KV?? ?@??ʺ????V?m????k?
??ے?iq;??F ????:sw?6?HҘ?Q?_?U?w?#??y??[*O/.??S??P??<n?BJ%G?(J?+??6????t?????@|oS?
>?:?'?b,????w ?V[
?;???'7??
Now, we delete the original file and send the /tmp/encryptedfile.gpg
to the recipient. The recipient will use the following command to decrypt this message using their own private key:
$ gpg --output decryptedfile.txt --decrypt encryptedfile.gpg
Let’s check out if the decryptedfile.txt
got the original content:
$ cat decryptedfile.txt
This is the plaintext file.
Voila!
GPG using the password
To encrypt the document using password we need to replace the flag --recipient
with --symmetric
. GPG will now use the symmetric encryption algorithm to encrypt the file:
$ gpg --output encryptedbypassword.gpg --symmetric plaintextfile.txt
Let’s check out the contents of the encryptedbypassword.gpg
:
$ cat encryptedbypassword.gpg
?.?FȆ????]??u???qBɄV?kxvhA????L???8??O???X
?t?tIJڒc;Z??x??W?8Z<??ſ??I?֍??-Ur ?ú
Now, the sender sends the encryptedbypassword.gpg
to the recipient and the password for decryption. The recipient can now decrypt the file like this:
$ gpg --decrypt --output received.txt encryptedbypassword.gpg
Opening the received.txt
we can see the original content:
$ cat open.txt
This is the plaintext file.
Related articles:
How Asymmetric Encryption Works
How Symmetric Encryption Works