How to use the GPG to encrypt documents | GnuPG

GnuPG or GPG implements the PGP standard into the software we can use to apply PGP standardized encryption. In this article, we’ll describe how to use GPG to encrypt documents and files. GPG can be used to encrypt documents using a key or password. We’ll cover both scenarios.

Prerequirement: Make sure to have the GPG installed on your machine.

GPG using keys

When using keys for encryption we need to have the public key of the recipient first. To understand what the public key is, make sure to sync up with our article on this topic. Below is the step by step on how to use gpg to encrypt documents using the key:

For the sake of the example, we’ll create a txt file with content “This is the plaintext file.”.

$ cat /tmp/testfile.txt 
This is the plaintext file.

Now, we take the public key of the recipient so we can encrypt the file we’ll be sending them:

$ gpg --output /tmp/encryptedfile.gpg --encrypt --recipient [email protected] /tmp/testfile.txt

/tmp/encryptedfile.gpg is the file we are creating by encrypting the /tmp/testfile.txt.

When opened, the file /tmp/encryptedfile.gpg will have the following content:

$ cat /tmp/encryptedfile.gpg 
?
c?ܠ??9͐??????I??ΫN??&
                    ?my?x????h?4h|?̒?t?nt?z?E?oI??$??پ?????\??v????????ZDZʙ???\??H\?QW?o?^ІA??H}????O?<|(K9;?b?<???? AMte??.?W?g??????\䩫?ʄ?}:!V??X7-??q?h)?7??G???ŗ?@Fj?S?Go?????x????l?(?j[֏sx?)???M??J}3qn????X???ՄZ??g??\?7{?P????G???\??#q???W6?????إ??Ѕ?b
                                                                        49c??1??m??T#???]H?5BJ?df?@KV?? ?@??ʺ????V?m????k?
??ے?iq;??F ????:sw?6?HҘ?Q?_?U?w?#??y??[*O/.??S??P??<n?BJ%G?(J?+??6????t?????@|oS?
                                                                                 >?:?'?b,????w	?V[
           ?;???'7??

Now, we delete the original file and send the /tmp/encryptedfile.gpg to the recipient. The recipient will use the following command to decrypt this message using their own private key:

$ gpg --output decryptedfile.txt --decrypt encryptedfile.gpg

Let’s check out if the decryptedfile.txt got the original content:

$ cat decryptedfile.txt 
This is the plaintext file.

Voila!

GPG using the password

To encrypt the document using password we need to replace the flag --recipient with --symmetric. GPG will now use the symmetric encryption algorithm to encrypt the file:

$ gpg --output encryptedbypassword.gpg --symmetric plaintextfile.txt

Let’s check out the contents of the encryptedbypassword.gpg:

$ cat encryptedbypassword.gpg 
?.?FȆ????]??u???qBɄV?kxvhA????L???8??O???X
                                          ?t?tIJڒc;Z??x??W?8Z<??ſ??I?֍??-Ur	?ú

Now, the sender sends the encryptedbypassword.gpg to the recipient and the password for decryption. The recipient can now decrypt the file like this:

$ gpg --decrypt --output received.txt encryptedbypassword.gpg

Opening the received.txt we can see the original content:

$ cat open.txt 
This is the plaintext file.

Ivan Dabić

A man with a beard and glasses, wearing an orange hoodie and a black cap with a Hard Rock Cafe logo, stands with his arms crossed against a plain white background.

Ivan Dabić

Co-founder and CEO of BlueGrid.io, with a background in cloud infrastructure, distributed systems, monitoring, and security operations. He works closely with engineering teams to build and operate reliable systems while documenting both technical and organizational aspects of modern engineering work.

Ivan is a metalhead, and big fan of cyberpunk move genre. If you are his secret Santa go with Star Wars Lego box!

More from Ivan Dabić
Share this post

Share this link via

Or copy link