Encrypt your Files with GPG: A Concise Guide to Getting Started
I’ll start by saying this publication will focus on the practical implementation of the encryption technology GPG and how it can be used entirely from the command line on UNIX systems. This isn’t an in-depth technical document explaining hash algorithms and the like. My ambition with this publication is to show those who know nothing about GPG to use it to:
- generate a key-value pair using bash
- list keys in the key ring
- export your public key so a friend can send a coded message
- import your friend’s public key
- encrypt a a plain text file
without using overly technical concepts and terminology. The focus is for the reader to attain proficiency using the bash GPG commands to perform the above mentioned functions.
Background
Encryption is nothing more than taking data and using complex mathematical algorithms to make the data appear indecipherable. One of the most famous historical examples of encryption machines is the German Enigma machine of World War 2.
GNU Privacy Guard (also known as GPG or GnuPG) is a hybrid-encryption application, and like Symantec’s PGP, is compliant with RFC 4880, which is the IETF standards track specification of OpenPGP.
Low Down on Hybrid-Encryption
This is how the process occurs on a very high level. If this tickles your fancy and you want to know how the algorithms really work in a computer science context, I suggest you ask Google about things like “mathematical encryption algorithms”.
The core concept of this hybrid-encryption system is that a user has two keys: a public key and a private key. These “keys” are northing more than alpha-nuermic strings generated by some hashing function.
Lets say there’s a woman from Manhattan who has some unknown reason to send an encrypted message to her friend in Los Angeles, Bob. Alice and Bob both have a personal key pair — a key pair consists of a public key and private key.
One day while Alice is painting in a room thick with incense, she gets a call from Bob, who is sitting in LA traffic and frantically explaining that he needs to send her a message, and that it must be coded.
So Alice electronically sends Bob her public key. It its absolutely crucial that your public key is only given to other cryptos; protect your private key with your life if needed.
Bob then uses Alice’s public key to take his message.txt file and encrypt it, outputting a message.txt.asc file. This message.txt.asc file now appears to everyone attempting to read it as incomprehensible nonsense with no discernable pattern. This is essentially what is happening under the hood with iMessages.
There is a problem. The message is now coded and Bob wants to send it back to Alice but how can she read the gibberish? This is where the private-key really illustrates the need to keep the private-key entirely secret from anyone and everyone.
Alice uses her private-key (remember she created a key pair consisting of a public AND private key) to decode the message and now she can read Bob’s message.
Start Encrypting Messages
I am going to show you how this works in a process orientated finite series of steps. The basic steps are as follows:
- Install GnupG with home brew.
2. Generate gpg key-pair.
3. Export your public key to your friend as a text file
4. Import your friend’s public key so you can send her messages
5. Use the public key you imported to encode your message
6. Send coded message back to friend.
# install home GPG with home-brew
brew install gnupgbrew install gnupg# generate the public-key/private-key pair
gpg --gen-key# export key associated with specic email/ID to file
gpg --export --armor youremail@example.com > mypubkey.asc# import friend's public key
gpg --import theirpubkey.asc# show all keys in your key ring
gpg --list-keys# show all your private keys
gpg --list-secret-keys# encrypt a file with the recipent's public key you imported
gpg --encrypt --recipient glenn filename.txt
# render the file in clear text to the terminal
gpg --decrypt filename.txt.gpg# render the file in clear text to a new file
gpg filename.txt.gpg
Learn by Doing
That should be enough to get you encrypting and decrypting messages with GPG. You can start practicing by sending me an encrypted message. Feel free to contact me for my public key.
