GPG – encrypt and decrypt text files

How can I send GPG-encrypted files from one computer to another? In theory this should be simple. In practice most tutorials miss a step or two. Here is a guide with the steps I used.

Both the sender and the receiver must have gpg installed on their systems. Now the steps are:

  • The Sender will ask for the Receiver’s public key.
  • The Receiver will either mail the public key or use an online keyring. The last method is used in this tutorial.
  • If a public keyring is used the Sender can fetch the public key on the keyserver’s website.
  • Now the Sender will be able to import the public key and then encrypt the relevant text files for the particular public key.
  • The files are distributed to the Receiver.
  • Finally the Receiver will decrypt the files. GPG decrypts with the secret key, provided the files were encrypted for the matching public key.

So only the owner of the secret key is able to decrypt these files.

What the “Receiver” should do

Create and send a public key

GPG-files are exchanged by keys. You’ll need the public key from the person you want to send to. When you have the key you can encrypt the file for a person with the particular key. You can save the keys on keyservers, e.g. https://keyserver.ubuntu.com/

Create the key pair

The person who will receive the encrypted files will have to send a public key to the person who will send the files.

Use this command, and follow the steps in the prompts. You’ll have to give your email, and a description of the key. And a password – and: don’t forget the password!

gpg --full-generate-key

Now you can export your keys. Keep the private key somewhere secure. Send the public key to the Sender or upload it to an online service, see below.

List keys

With the list key option you can see and copy the public key id. The command below will list all your keys:

gpg --list-keys

Send the public key to a keyserver

Now you can send the public key (not the private!) to a keyserver:

gpg --keyserver hkps://keyserver.ubuntu.com --send-key KEY-ID

On this website you can check if your key is uploaded:

https://keyserver.ubuntu.com/

Steps for the “Sender”

First the sender must get the public key from the keyserver. On Ubuntu’s keyserver you can search for the Receiver’s email. When it’s found you can download the key as a gpg file from the keyserver:

https://keyserver.ubuntu.com

Search for a key

The public keyfile can be downloaded when you click on the public key-id. Now import the public key to your keyring:

gpg --import key.asc

Now you can encrypt the file for the Receiver:

gpg --encrypt --armour MYFILE.TXT

The Sender will be asked to give the Receiver’s user id – it is the email address.

If you’re told that the person’s id is not confirmed, just select use it anyway (y).

Now the file is encrypted and will be saved as:

MYFILE.TXT.asc

Give this file to the Receiver – you can mail it or hand it over otherwise.

Final Step: The Receiver will decrypt the file

So now the Receiver has the MYFILE.TXT.asc file. Now it can be decrypted:

gpg --output DECRYPTED.txt --decrypt MYFILE.TXT.asc

In the directory the Receiver will see DECRYPTED.txt, and now it’s possible to either edit or see the contents of the file:

cat DECRYPTED.txt
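
The whole exchange above as one script, added here as an example and not part of the original guide: instead of answering "use it anyway", the Sender compares the key's fingerprint with the value the Receiver passed on over a separate channel, and only then encrypts. The two temporary GNUPGHOME directories, the address receiver@example.org, the function names and the empty passphrase are assumptions made for the demo.

```shell
#!/bin/sh
# Added example: the two parties are simulated with throwaway GNUPGHOME
# directories; the address, message and fingerprint channel are constructed.
set -e

# Print the first (primary key) fingerprint from gpg --with-colons output.
first_fpr() { awk -F: '$1 == "fpr" { print $10; exit }'; }

# Sender: encrypt file $3 to the key in $1 only if its fingerprint is $2,
# the value the Receiver passed on over a separate channel.
encrypt_verified() {
    keyfile=$1; expected=$2; infile=$3
    actual=$(gpg --batch --show-keys --with-colons "$keyfile" | first_fpr)
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch, refusing to encrypt" >&2
        return 1
    fi
    gpg --batch --quiet --import "$keyfile"
    # Fingerprint already checked, so the "use it anyway" prompt is not needed.
    gpg --batch --yes --trust-model always --armor \
        --recipient "$expected" --output "$infile.asc" --encrypt "$infile"
}

# Whole exchange; prints the text the Receiver recovers.
roundtrip_demo() {
    work=$(mktemp -d)
    mkdir -m 700 "$work/receiver" "$work/sender"
    printf 'meet at noon\n' > "$work/MYFILE.TXT"

    # Receiver: key pair without passphrase (demo only), export public key.
    export GNUPGHOME="$work/receiver"
    gpg --batch --quiet --passphrase '' \
        --quick-generate-key 'receiver@example.org' default default never
    fpr=$(gpg --batch --list-keys --with-colons | first_fpr)
    gpg --batch --armor --output "$work/key.asc" --export "$fpr"

    # Sender: verify, import, encrypt.
    export GNUPGHOME="$work/sender"
    encrypt_verified "$work/key.asc" "$fpr" "$work/MYFILE.TXT"

    # Receiver: decrypt with the secret key.
    export GNUPGHOME="$work/receiver"
    gpg --batch --quiet --output "$work/DECRYPTED.txt" \
        --decrypt "$work/MYFILE.TXT.asc"
    cat "$work/DECRYPTED.txt"
    gpgconf --kill gpg-agent || true
    rm -rf "$work"
}

roundtrip_demo
```

On real machines each party uses its own default keyring, and the Receiver reads the fingerprint to the Sender by phone or in person.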

How to save your keys

Since you need both the secret key and the public key it’s a good idea to save them somewhere safe.

You can export them to files like this:

gpg --output public-MyPC.pgp --armor --export yourName@domain.org
gpg --output private-MyPC.pgp --armor --export-secret-key yourName@domain.org

Two keyfiles will be created. Save them somewhere safe.

When you want to use the encrypted files you can just import either the secret or the public keys.

gpg --import YOURKEYFILE

Then you can use the files.

Quick and Dirty Method

If you are the owner of both computers and just want to use your encrypted files on another system, copy the files to the other PC. In order to use them with gpg – just import the secret key.

If gpg gives you an error like “the key has expired” you can edit the key, so that it’s valid forever and you trust it 100%. Pass the key id shown by gpg --list-keys:

gpg --edit-key KEY-ID

A prompt will open. Use “expire” and let it live forever. Use “trust” and select level 5, which is ultimate. That is: if you trust yourself …
