Source: mightypile https://askubuntu.com/a/829835
I do this with asymmetric key encryption. That means I have a public key (that I can share with anyone I'd like to send me encrypted packages) which allows me to encrypt the package. I also have a private key (that I do not share) which allows me to decrypt the package.
My commands to encrypt the current working directory: the -e to encrypt, the -r to specify a "recipient" or key to use, the -o to specify the output file.
$ tar -cvz . | gpg -e -r ABCD1234 -o backup.tgz.gpg
And to decrypt to the current working directory: