What is GPG?
GPG (GNU Privacy Guard) is a free and open-source tool that implements the OpenPGP standard for encrypting and signing data. It’s commonly used to:
- Encrypt files or messages so only specific people can read them.
- Sign files or messages to verify authenticity.
GPG uses asymmetric encryption, meaning it relies on two keys:
- A public key: shared with others to encrypt files for you.
- A private key: kept secret to decrypt files encrypted for you.
Installing GPG
Check if GPG is already installed:
gpg --version
If not, install it:
- Ubuntu/Debian:
sudo apt install gnupg
- Fedora:
sudo dnf install gnupg
- macOS:
brew install gnupg
Step 1: Generate a GPG Key Pair
This creates both your public and private keys:
gpg --full-generate-key
- Choose RSA and RSA (default).
- Key size: 4096 recommended.
- Expiration: optional.
- Enter your name and email.
- Set a passphrase (very important for security).
List your keys afterward:
gpg --list-keys
Step 2: Share Your Public Key
Others need your public key to encrypt files for you:
gpg --armor --export you@example.com > public_key.asc
This creates a shareable file: public_key.asc.
Step 3: Import Someone Else’s Public Key
If someone sends you their public key:
gpg --import their_public_key.asc
Now you can encrypt files for them.
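Step 3 imports whatever key the file contains, so the key's fingerprint should first be confirmed with its owner over a separate channel. The script below is an added example, not part of the original article: it reads the fingerprint from the file without importing it and imports only on an exact match. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): import a key file only after
# its fingerprint matches one obtained separately. All names are hypothetical.

# Constructed `gpg --with-colons` listing: one primary key and one subkey.
SAMPLE_COLONS='pub:-:4096:1:89ABCDEF01234567:1700000000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1700000000::::Constructed User <someone@example.com>::::::::::0:
sub:-:4096:1:0123456789ABCDEF:1700000000::::::e::::::23:
fpr:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:'

# Print the primary-key fingerprint (field 10 of the first "fpr" record) from
# colon-format output on stdin. Fails unless exactly one "pub" record is seen,
# so a file that bundles several keys is rejected.
primary_fpr() {
    awk -F: '
        $1 == "pub" { pubs++ }
        pubs == 1 && $1 == "fpr" && fpr == "" { fpr = $10 }
        END { if (pubs == 1 && fpr != "") print fpr; else exit 1 }'
}

# Canonical form of a fingerprint as people write it: no spaces, no 0x, upper case.
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | sed 's/^0[xX]//' | tr '[:lower:]' '[:upper:]'
}

# True only for two equal, full 40-hex-digit (v4 key) fingerprints; short key IDs fail.
fpr_matches() {
    fm_a=$(normalize_fpr "$1")
    fm_b=$(normalize_fpr "$2")
    printf '%s\n' "$fm_a" | grep -Eq '^[0-9A-F]{40}$' && [ "$fm_a" = "$fm_b" ]
}

# Import key file $1 only if its fingerprint equals $2, which must come from a
# channel other than the one that delivered the file.
# Assumes a GnuPG version that provides --show-keys (2.2.8 or later).
verified_import() {
    vi_actual=$(gpg --show-keys --with-fingerprint --with-colons "$1" | primary_fpr) || vi_actual=""
    if fpr_matches "$vi_actual" "$2"; then
        gpg --import "$1"
    else
        echo "fingerprint mismatch for $1 (got: ${vi_actual:-none}); not imported" >&2
        return 1
    fi
}

# Usage: sh verify_import.sh their_public_key.asc "<fingerprint from the owner>"
if [ "$#" -eq 2 ]; then verified_import "$1" "$2"; fi
```

The owner can read their own fingerprint with `gpg --fingerprint you@example.com` and pass it on by phone or in person.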
Step 4: Encrypt a File Using GPG
Encrypt a file for a specific recipient using their public key:
gpg --encrypt --recipient someone@example.com file.txt
Creates file.txt.gpg, which only they can decrypt.
To create a text-based encrypted file:
gpg --armor --encrypt --recipient someone@example.com file.txt
Creates file.txt.asc.
Step 5: Decrypt a GPG-Encrypted File
To decrypt a file sent to you:
gpg --output file.txt --decrypt file.txt.gpg
GPG will use your private key (and prompt for the passphrase if needed).
Bonus: Encrypt a File with a Password (Symmetric Encryption)
Useful for your own files or simple password-based sharing.
Encrypt:
gpg --symmetric file.txt
You’ll be prompted to set a password. Creates file.txt.gpg.
Decrypt:
gpg --output file.txt --decrypt file.txt.gpg
Step 6: Cleanup (Optional Key Management)
Delete a public key:
gpg --delete-key someone@example.com
Delete a private key (if you hold both halves of a key pair, GPG requires deleting the private key before the public key):
gpg --delete-secret-key someone@example.com
Summary: GPG Command Cheat Sheet
| Action | Command |
|---|---|
| Generate keys | gpg --full-generate-key |
| List keys | gpg --list-keys |
| Export public key | gpg --armor --export you@example.com > pubkey.asc |
| Import key | gpg --import pubkey.asc |
| Encrypt file (public key) | gpg --encrypt --recipient user@example.com file.txt |
| Encrypt file (password) | gpg --symmetric file.txt |
| Decrypt file | gpg --output out.txt --decrypt file.gpg |
| Delete key | gpg --delete-key user@example.com |
Final Thoughts
GPG gives you strong, standards-based encryption for files and communication, free and fully open-source. It’s a must-have for anyone serious about privacy and secure file sharing.
Now, here’s a sample shell script you can use to automate GPG key creation and file encryption/decryption:
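#!/bin/bash
# gpg_tool.sh: GPG key generation, encryption, decryption helper

# Abort on the first failed command or unset variable, so a failed gpg call
# is never followed by a success message.
set -euo pipefail

usage() {
    echo "Usage:"
    echo "  $0 gen                            - Generate GPG keys"
    echo "  $0 list                           - List keys"
    echo "  $0 export you@example.com         - Export public key"
    echo "  $0 import pubkey.asc              - Import public key"
    echo "  $0 enc user@example.com file.txt  - Encrypt file"
    echo "  $0 dec file.txt.gpg output.txt    - Decrypt file"
    echo "  $0 sym file.txt                   - Symmetric encryption"
}

# Interactive key generation (gpg prompts for type, size, expiry, identity, passphrase).
generate_keys() {
    echo "Generating GPG key..."
    gpg --full-generate-key
}

list_keys() {
    gpg --list-keys
}

# Write the ASCII-armored public key for the given email to <email>_pubkey.asc.
export_pubkey() {
    local email="${1:?missing email address}"
    gpg --armor --export "$email" > "${email}_pubkey.asc"
    echo "Exported public key to ${email}_pubkey.asc"
}

# Add a public key file to the local keyring.
import_key() {
    local file="${1:?missing key file}"
    gpg --import "$file"
    echo "Imported key from $file"
}

# Encrypt a file to the recipient's public key; output goes to <file>.gpg.
encrypt_file() {
    local recipient="${1:?missing recipient}"
    local file="${2:?missing input file}"
    gpg --encrypt --recipient "$recipient" "$file"
    echo "Encrypted $file -> ${file}.gpg"
}

# Decrypt with the local private key; gpg prompts for the passphrase if needed.
decrypt_file() {
    local infile="${1:?missing input file}"
    local outfile="${2:?missing output file}"
    gpg --output "$outfile" --decrypt "$infile"
    echo "Decrypted $infile -> $outfile"
}

# Password-based encryption; gpg prompts for the password.
encrypt_symmetric() {
    local file="${1:?missing input file}"
    gpg --symmetric "$file"
    echo "Symmetrically encrypted $file -> ${file}.gpg"
}

case "${1:-}" in
    gen)    generate_keys ;;
    list)   list_keys ;;
    export) export_pubkey "${2:-}" ;;
    import) import_key "${2:-}" ;;
    enc)    encrypt_file "${2:-}" "${3:-}" ;;
    dec)    decrypt_file "${2:-}" "${3:-}" ;;
    sym)    encrypt_symmetric "${2:-}" ;;
    *)
        usage
        exit 1
        ;;
esac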