At work today I had a request from a vendor to supply a GPG public key to encrypt some data, and I thought I would write an article on how to use GPG. Now that I have gotten a little bit of information about it out of the way, let's go.
GPG should be installed by default on most Linux systems. If it isn't, I will use the following command on a Debian/Ubuntu-based system to install the program.
sudo apt install gpg
Creating a key
Once the program is installed I will generate a new key pair. To do that I will use
gpg --generate-key
During the generation process I am prompted for a Real Name and an Email address. After I enter the required information, the program asks whether I want to change any information or whether it is okay to proceed. Once I say it's okay to proceed, I am prompted to enter a passphrase for the private key.
Now that I have generated a key pair I can use it to sign, encrypt or decrypt files. I will show the process of encrypting a text file, decrypting a file and exporting the public key using the gpg command.
Encrypting files with your key
I created a text file called file.txt that has a simple string of text inside of it. I want to encrypt this file and send it over to my friend. In order to do that I am going to use this command
gpg --encrypt file.txt
I will be prompted for a user ID, and this is where I would enter the email address that I entered when I created the key in the first step.
In the last line of the photo there is now an additional file with the .gpg extension. That file is the encrypted file that I will send to my friend. The public key that I will export in the section below will be sent to my friend. That key will allow them to encrypt a response to me.
Exporting the public key
Now I need to export the public key for my friend to use. To get the key exported I will use
gpg --output test.asc --armor --export [email protected]
The --output flag names the file the public key will be written to, the --export flag tells the program which key to export, and the --armor flag creates ASCII-armored output.
Importing your public key
When my friend receives the public key, they will have to import it into their keyring. To do that they need to type
gpg --import test.asc
The public key that I gave them can only encrypt data; it does not give them the ability to decrypt the file.
Decrypting the message
Once the key has been generated and I have received their response, I can decrypt the file by using this
gpg --decrypt file.txt.gpg > file.txt
You can see in the picture above that the file was decrypted and I used the cat command to view the contents of the text file that I just decrypted.
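The whole exchange from the sections above, as an added example that is not part of the original post: two throwaway GnuPG home directories (the constructed names me and friend) stand in for two machines, and the run shows that a file encrypted to a public key can be decrypted only in the keyring that holds the matching private key. The address me@example.test, the empty passphrase and --trust-model always are assumptions made so the demo runs unattended.

```shell
#!/bin/sh
# Added example. "me" and "friend" are throwaway GnuPG home directories that
# stand in for two machines; me@example.test is a constructed address.
roundtrip() (
    work=$(mktemp -d) || exit 1
    me="$work/me"; friend="$work/friend"
    # On exit: stop the helper daemons gpg started, then delete both keyrings.
    trap 'for h in "$me" "$friend"; do
              gpgconf --homedir "$h" --kill all >/dev/null 2>&1
          done; rm -rf "$work"' EXIT
    mkdir -m 700 "$me" "$friend" || exit 1

    # 1. Key owner: generate a key pair. The empty passphrase is acceptable
    #    only because this demo key is deleted when the function returns.
    gpg --homedir "$me" --batch --quiet --pinentry-mode loopback \
        --passphrase '' --quick-generate-key 'Demo User <me@example.test>' \
        default default never || exit 1

    # 2. Key owner: export the public half only. The private key stays put.
    gpg --homedir "$me" --batch --armor --output "$work/me.asc" \
        --export me@example.test || exit 1

    # 3. Friend: import the public key and encrypt a reply to its owner.
    #    --trust-model always skips the key-ownership question for this demo;
    #    in real use, compare the fingerprint with the owner out of band.
    gpg --homedir "$friend" --batch --quiet --import "$work/me.asc" || exit 1
    printf 'reply from friend\n' > "$work/reply.txt"
    gpg --homedir "$friend" --batch --quiet --trust-model always \
        --recipient me@example.test --output "$work/reply.txt.gpg" \
        --encrypt "$work/reply.txt" || exit 1

    # 4. Friend: holds no private key, so decrypting here must fail.
    if gpg --homedir "$friend" --batch --quiet \
           --decrypt "$work/reply.txt.gpg" >/dev/null 2>&1; then
        echo 'unexpected: decrypted without the private key' >&2
        exit 1
    fi

    # 5. Key owner: only this keyring can recover the plaintext (to stdout).
    gpg --homedir "$me" --batch --quiet \
        --decrypt "$work/reply.txt.gpg" 2>/dev/null
)
```

Calling roundtrip prints the decrypted reply on success and returns a non-zero status if any step fails.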
I hope that I helped explain the process of using gpg to help secure the transmission of your data. If you have any suggestions please email me and let me know.