GPG Practical Guide: Encrypting and Decrypting Files

Kurupt®

You will learn how to encrypt a file using a public key and decrypt it using a private key from the command line.

How GPG encryption works

If you need to send an encrypted file to a recipient using GPG, follow these steps.
  • Import the recipient's public key into your keyring.
  • Encrypt the file using the recipient's public key.
  • Send the encrypted file to the recipient.
  • The recipient decrypts the file using their private key.

Step 1: Create a second user account

We'll need another user account for testing.
Create a test user account that will act as the file sender. The later steps assume the account is named test.

Step 2: Import the public key

Switch to the test user account. Do not omit the dash; it starts a login shell with the test user's environment.

Code:
su - test

Since we're using a test account as the file sender, it doesn't need its own GPG key; we simply need to import the recipient's public key.
In Part 2, we uploaded the public key to the keyserver using the following command:

Code:
gpg --send-keys key-id

Now you can simply run the following command to import the public key.
The user ID is your GPG email address.

Code:
gpg --search-keys user-id

As you can see, one entry with my email address was found on the keyserver, so enter the number 1 to import this key.
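Then check the fingerprint of this key and compare it with the one the recipient gave you through a separate channel; a keyserver search result does not prove who owns the key.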

Code:
gpg --fingerprint user-id

In the real world, you would also run the following command to sign the recipient's public key.
However, we're testing this, so you don't need to do this right now.

Code:
gpg --sign-key key-id

Step 3: Encrypt the file using the public key

Using the test account, run the following command to create a sample file.

Code:
echo "This file is encrypted with GPG" | tee test-file.txt

Then run the following command to encrypt the file for a single recipient. --armor writes the encrypted output as ASCII-armored text instead of a binary file.

Code:
gpg --recipient user-id --encrypt --armor test-file.txt

Note the warning "There's no assurance this key belongs to the named user."
This is because we didn't sign the recipient's public key in the previous step. Press y and Enter.
This will create a file with the .asc extension, which is an encrypted file, also known as ciphertext.
If you imported multiple public keys from multiple people, you can use the following syntax to encrypt the file for multiple recipients.

Code:
gpg --recipient user-id1 --recipient user-id2 --encrypt --armor test-file.txt

Step 4: Decrypt the file using the private key

Now go back to the original account and copy the test-file.txt.asc file.

Code:
sudo cp /home/test/test-file.txt.asc ~

Then enter the following command to decrypt it.

Code:
gpg --decrypt --pinentry-mode=loopback test-file.txt.asc > decrypted.txt

It will ask you to enter a passphrase to unlock the private key.
Afterwards, the decrypted content will be saved as decrypted.txt.
You can now check the contents of the decrypted.txt file.

Code:
cat decrypted.txt

Output:
This file is encrypted with GPG

Conclusion

Now you have learned how to encrypt and decrypt files using GPG from the command line.
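
The fingerprint check from Step 2 and the "no assurance" warning from Step 3 can be tied together in a script. The following is an added example, not part of the original guide: it encrypts only when the key in the keyring has the full fingerprint the recipient confirmed separately. The function names, the script name and the sample key listing are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: refuse to encrypt unless the recipient key in the keyring
# has the fingerprint the recipient confirmed out of band.

# Constructed sample of `gpg --with-colons --fingerprint user-id` output;
# the key material and address are made up.
SAMPLE_COLONS='tru::1:1700000000:0:3:1:5
pub:-:4096:1:89ABCDEF01234567:1700000000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1700000000::::recipient@example.org::::::::::0:
sub:-:4096:1:76543210FEDCBA98:1700000000::::::e::::::23:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:'

# Strip spaces/colons and upper-case a fingerprint as people usually write it.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :\n' | tr 'abcdef' 'ABCDEF'
}

# Print the primary-key fingerprint of each key in a colon listing on stdin:
# the first "fpr" record after a "pub" record (later ones belong to subkeys).
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# $1 = expected fingerprint, stdin = colon listing. Succeeds only when the
# listing holds exactly one key and its full 40-hex fingerprint matches;
# a short key ID or a second key with the same user ID is rejected.
fpr_matches() {
    expected=$(normalize_fpr "$1")
    found=$(primary_fprs)
    [ "${#expected}" -eq 40 ] && [ "$found" = "$expected" ]
}

# $1 = user-id, $2 = expected fingerprint, $3 = file to encrypt.
# --trust-model always replaces the interactive "y" at the warning, which is
# acceptable here only because the fingerprint was checked first.
encrypt_pinned() {
    gpg --batch --with-colons --fingerprint "$1" | fpr_matches "$2" || {
        echo "fingerprint mismatch for $1: not encrypting" >&2
        return 1
    }
    gpg --batch --trust-model always --recipient "$(normalize_fpr "$2")" \
        --encrypt --armor "$3"
}

# Script usage: sh pinned-encrypt.sh user-id fingerprint file
if [ "$#" -eq 3 ]; then encrypt_pinned "$@"; fi
```

Passing the fingerprint rather than the email address to --recipient means the file is encrypted to the exact key that was checked, even if another key with the same user ID is imported later.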