Tuesday, April 21, 2020

Encrypting Files Using GnuPG

This post shows how to use GnuPG to encrypt and decrypt files on a Linux environment.

1. If you haven't created your GnuPG key pair yet, you can use the following commands to create them and view their details.

Create a pair of GnuPG keys using the following command.

gpg --gen-key

The keys and their relevant information are stored in .gnupg directory under your home directory. You can view the public keys in your keyring using the following command.

gpg --list-key

You can view the private keys using the following command.

gpg --list-secret-keys

2. Encrypting a file called "private-file.txt" can be done as follows. We can either specify a new name for the encrypted file or GnuPG will automatically name the new file by appending .gpg extension to the name of the plaintext file.

gpg --encrypt --recipient your.email@gdomain.com private-file.txt

gpg --output encrypted.gpg --encrypt --recipient your.email@gdomain.com private-file.txt

3. Decrypting a file called "private-file.txt.gpg" can be done as follows. Similar to the previous case, we can either specify a name for the decrypted file or leave it to the default.

gpg --output private-file.txt --decrypt private-file.txt.gpg

gpg --decrypt encrypted.gpg > private-file.txt

4. Encrypting all the files in a directory can be done as follows.

gpg --encrypt-files --recipient your.email@gdomain.com /path/to/the/directory/*

5. Decrypting all the .gpg files in a particular directory can be done as follows.

gpg --decrypt-files /path/to/the/directory/*.gpg

Resources: 

1. https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line/

2. https://www.gnupg.org/gph/en/manual.pdf

~*************~

Friday, April 17, 2020

Sending Secure Emails with OpenPGP

Use of encryption in our electronic communication is essential to protect our security and privacy. Here's how we can use OpenPGP standard to send and receive emails securly. While there are many software tools to get this done, I prefer this way.

1. Create a pair of GNU Pritty Good Privacy (PGP) keys using the following command.

gpg --gen-key

The keys and their relevant information are stored in .gnupg directory under your home directory. You can view the public keys in your keyring using the following command.

gpg --list-key

You can view the private keys using the following command.

gpg --list-secret-keys

2. Log-in to your email account from Thunderbird email client. Thunderbird is available by default in most Linux systems including Ubuntu Linux.

3. Install the Enigmail plug-in in Thunderbird. Since we have already created the GPG keys, Enigmail will automatically detect them and start using them. If we didn't have created the keys already, Enigmail facilitates creating them as well.

4. From the menu bar of Thunderbird, select the Enigmail item and then Key Management option, which will display your key. Right-click on your key and select the option "Upload Public Keys to Kerservers". This will post your public key to a public key server.

5. Now, we are good to go with sending and receiving encrypted emails. When you compose an email with Thunderbird, there is a padlock button that stands for encryption of the email. When you enable it and then hit send button, Enigmail will prompt you if the public key of the recipient is not available locally. In that case, it will also facilitate to obtain the required keys from keyservers as well.

References:

1. https://emailselfdefense.fsf.org/en/

2. https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line/

~***********~

Tuesday, March 31, 2020

Setting up Hibernation on Ubuntu 18.04 LTS

The ability to hibernate the computer when we are done for the day and get back to where we left next time was a useful feature we had in Ubuntu sometime back by default. However, unfortunately, recent Ubuntu versions does not offer this feature off-the-shelf. Recently, I wanted to get this feature into my laptop running Ubuntu 18.04 version and following are the steps I followed.

1. Creating a swap file

My laptop has 8GB of RAM. Therefore, we need to have a swap space of at least the same size of RAM. Since I didn't want to allocate a partition partition, I created a swap file as follows. 

sudo fallocate -l 8G /swapfile2
sudo chmod 600 /swapfile2
sudo mkswap /swapfile2
sudo swapon /swapfile2


Append the following line to /etc/fstab file in your system.

/swapfile2 none swap sw 0 0

2. Enabling hibernation

Check the UUID of the device where swapfile is located using the following command. The UUID is a very long number that you can see in the output.

sudo findmnt -no SOURCE,UUID -T /swapfile2

Install the following tool.

sudo apt install uswsusp

Run the following command. When prompted, go ahead without a valid swap space by giving 'yes' as the response and then select the device partition where the swap file exists (don't select the swap file itself).

sudo dpkg-reconfigure -pmedium uswsusp

I'm not sure whether I ran the following command next. Probably I did.

sudo update-initramfs -u

3. Enabling the resume from hibernation at next boot

We need to update the /etc/default/grub file as follows.

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=UUID=<swap uuid>"

The following is how mine looks like after the modification.

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash resume=UUID=cda0136e-ffd9-4a0c-8657-a6511517aa71"

4. Testing hibernation

Run the following command to hibernate your computer. When you turn the computer on next time, it should resume the execution from where you left it when you run the following command.

sudo pm-hibernate

References:

1. https://askubuntu.com/questions/6769/hibernate-and-resume-from-a-swap-file

2. https://askubuntu.com/questions/548015/ubuntu-14-04-sudo-pm-hibernate-doesnt-work

~******************~