Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy




19.4. Encrypt and decrypt

After installing, importing, signing and configuring everything in the way that we want, we can start on encrypting and decrypting our work. To encrypt and sign data for the user RedHat that we have added on our keyring above, use the following command:
          [root@deep] /# gpg -sear RedHat <file>

Example 19-3. Encrypting

          [root@deep] /# gpg -sear RedHat message-to-RedHat.txt

          You need a passphrase to unlock the secret key for
          user: "Gerhard Mourani (Open Network Architecture) <[email protected]>"
          1024-bit DSA key, ID BBB4BA9B, created 1999-10-26
          Enter passphrase:
Of the arguments passed,

The s is for signing

To avoid the risk that somebody else claims to be you, it is very useful to sign everything you encrypt,

  • e for encrypting,

  • a to create ASCII armored output .asc ready for sending by mail,

  • r to encrypt the user id name

  • <file> is the message you want to encrypt.

To decrypt data, use the following command:
          [root@deep] /# gpg -d <file>

Example 19-4. Decrypting

          [root@deep] /# gpg -d message-to-Gerhard.asc

          You need a passphrase to unlock the secret key for
          user: "Gerhard Mourani (Open Network Architecture) <[email protected]>"
          2048-bit ELG-E key, ID 71D4CC44, created 1999-10-26 (main key ID BBB4BA9B)
          Enter passphrase:

  • -d is for decrypting

  • <file> is the message you want to decrypt.

It is important that the public key of the sender of the message we want to decrypt be in our public keyring database. or of course nothing will work.

19.4.1. Exporting your public key

You can spread your wings by exporting and distributing your public key to the world. This can be done by publishing it on your homepage, through an available key server on the Internet, or any other available method. GnuPG has some useful options to help you publish your public keys. To extract your public key in ASCII armored output, use the following command:
          [root@deep] /# gpg --export --armor > Public-key.asc

  • --export is for extracting your Public-key from your pubring encrypted file,

  • --armor is to create ASCII armored output that you can mail, publish or put it on a web page

  • > Public-key.asc is to put the result in a file that you've named Public-key.asc.

You need to Check the signature, once you have extracted your public key and exported it, everyone who knows or gets your public key should be able to check whether encrypted data from you is also really signed by you. To check the signature of encrypted data, use the following command:
          [root@deep] /# gpg --verify <Data>
The --verify option will check the signature where <Data> is the encrypted data/file you want to verify.

Some possible uses of GnuPG software

  1. Send encrypted mail massage.

  2. Encrypt backup files before transmission over the network.

  3. Encrypt individual sensitive files i.e. a file that handle all your passwords.

  Published under the terms of the Open Publication License Design by Interspire