Tuesday, April 21, 2020

Encrypting Files Using GnuPG

This post shows how to use GnuPG to encrypt and decrypt files on a Linux environment.

1. If you haven't created your GnuPG key pair yet, you can use the following commands to create them and view their details.

Create a pair of GnuPG keys using the following command.

gpg --gen-key

The keys and their relevant information are stored in .gnupg directory under your home directory. You can view the public keys in your keyring using the following command.

gpg --list-key

You can view the private keys using the following command.

gpg --list-secret-keys

2. Encrypting a file called "private-file.txt" can be done as follows. We can either specify a new name for the encrypted file or GnuPG will automatically name the new file by appending .gpg extension to the name of the plaintext file.

gpg --encrypt --recipient your.email@gdomain.com private-file.txt

gpg --output encrypted.gpg --encrypt --recipient your.email@gdomain.com private-file.txt

3. Decrypting a file called "private-file.txt.gpg" can be done as follows. Similar to the previous case, we can either specify a name for the decrypted file or leave it to the default.

gpg --output private-file.txt --decrypt private-file.txt.gpg

gpg --decrypt encrypted.gpg > private-file.txt

4. Encrypting all the files in a directory can be done as follows.

gpg --encrypt-files --recipient your.email@gdomain.com /path/to/the/directory/*

5. Decrypting all the .gpg files in a particular directory can be done as follows.

gpg --decrypt-files /path/to/the/directory/*.gpg

Resources: 

1. https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line/

2. https://www.gnupg.org/gph/en/manual.pdf

~*************~

Friday, April 17, 2020

Sending Secure Emails with OpenPGP

Use of encryption in our electronic communication is essential to protect our security and privacy. Here's how we can use OpenPGP standard to send and receive emails securly. While there are many software tools to get this done, I prefer this way.

1. Create a pair of GNU Pritty Good Privacy (PGP) keys using the following command.

gpg --gen-key

The keys and their relevant information are stored in .gnupg directory under your home directory. You can view the public keys in your keyring using the following command.

gpg --list-key

You can view the private keys using the following command.

gpg --list-secret-keys

2. Log-in to your email account from Thunderbird email client. Thunderbird is available by default in most Linux systems including Ubuntu Linux.

3. Install the Enigmail plug-in in Thunderbird. Since we have already created the GPG keys, Enigmail will automatically detect them and start using them. If we didn't have created the keys already, Enigmail facilitates creating them as well.

4. From the menu bar of Thunderbird, select the Enigmail item and then Key Management option, which will display your key. Right-click on your key and select the option "Upload Public Keys to Kerservers". This will post your public key to a public key server.

5. Now, we are good to go with sending and receiving encrypted emails. When you compose an email with Thunderbird, there is a padlock button that stands for encryption of the email. When you enable it and then hit send button, Enigmail will prompt you if the public key of the recipient is not available locally. In that case, it will also facilitate to obtain the required keys from keyservers as well.

References:

1. https://emailselfdefense.fsf.org/en/

2. https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line/

~***********~