- Let's make sure we use the most recent version of gpg
$▶ gpg --version
gpg (GnuPG) 2.2.12
libgcrypt 1.8.4
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ...
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
- We have this secret file,
test.txt, with a secret message. We want to encrypt this file.
$▶ echo 'hello world' > test.txt
$▶ cat test.txt
hello world
- We will encrypt this file with AES256 and a passphase. When asked for a passphase, enter a long enough one, and verify it again.
$▶ gpg --cipher-algo AES256 -c test.txt
-
A new file,
test.txt.gpg, is created. We can now remove the originaltest.txtfile. -
Note that
gpg-agentcaches this passphase. We should clear the passphase from cache.
$▶ echo RELOADAGENT | gpg-connect-agent
OK
- We can decrypt the file using the same passphase.
$▶ gpg test.txt.gpg
gpg: WARNING: no command supplied. Trying to guess what you mean ...
gpg: AES256 encrypted data
tgpg: encrypted with 1 passphrase
- After decrypting, we can clear the passphase from cache again.
$▶ echo RELOADAGENT | gpg-connect-agent
OK