Asymmetric Encryption for confidential, trusted data exchange over any transport
Check if GnuPG (gpg
) is installed. In a Terminal:
# Check if gpg installed
$ which gpg [0]
/usr/local/bin/gpg
$ gpg --version
gpg (GnuPG) 2.3.3
[...]
macOS with Homebrew:
brew install gnupg
macOS with MacPorts
sudo port install gnupg2
Ubuntu:
apt install gnupg
Fedora:
dnf install gnupg
CentOS:
yum install gnupg
Or download binaries directly from gnupg.org
Below outlines the following steps:
- Set required parameters - your Name, Email Address and a strong Passphrase
- Generate a new public/private GPG KeyPair using
gpg
(requires Name, Email address and Passphrase) - Export the public key to a text file using
gpg
- Copy the public key content to the clipboard
- Example Public Key Content
- Example Encrypted File Content
- Decrypt an Encrypted File using
gpg
- Show the content of the Encrypted File
NOTE: All commands below expect a POSIX-like shell, such as
zsh
,bash
or equivilent available on macOS or Linux.
# Optional, specify a working directory
mkdir $HOME/temp-gpg
cd $HOME/temp-gpg
# GPG Uses your Name and Email address to identify your private/public key
export MY_EMAIL="My Full Name <my.email.address@example.com>"
# GPG Uses a secret passphrase/password to encrypt your private key.
# DO NOT LOSE THIS. DO NOT SHARE. THIS IS A SECRET. PLEASE CHANGE THIS.
export MY_SECRET_PASSPHRASE="enter a nice long secret passphrase here"
# Generate a new GnuPG KeyPair using your name and secret
echo "$MY_SECRET_PASSPHRASE" | gpg --batch --pinentry loopback --passphrase-fd /dev/stdin --quick-gen-key "$MY_EMAIL"
# Export your _public_ key to "$MY_EMAIL.pub.txt"
gpg --armor --output "$MY_EMAIL.pub.txt" --export "=$MY_EMAIL"
# Copy to Clipboard on macOS with "pbcopy"
cat "$MY_EMAIL.pub.txt" | pbcopy
# ... or print to your terminal and copy output
cat "$MY_EMAIL.pub.txt"
# Email me the text file exactly as shown, best sent as an attachment
# It will look like this:
# $MY_EMAIL.pub.txt
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEYbPD7xYJKwYBBAHaRw8BAQdAlLgOG54l6Z2J3bbhb6vCZtQT9pG+4+g3JMfU
DAfMakW0K015IEZ1bGwgTmFtZSA8bXkuZW1haWwuYWRkcmVzc0BleGFtcGxlLmNv
bT6IlAQTFgoAPBYhBM68kyAvcwIRjCK8dhj5kwIg+0HUBQJhs8PvAhsDBQsJCAcC
AyICAQYVCgkICwIEFgIDAQIeBwIXgAAKCRAY+ZMCIPtB1O2LAQAAbfONw2mYStWs
dwhvuksCi1dyaWryeI39C0+00jNZ6gEA2xxZm9agVTFIycx0ewfOW4z5/aj6baik
8Mnf+YHHmA24OARhs8PvEgorBgEEAZdVAQUBAQdACQeTs1lMUrsN9PWaWXUDH8Xo
6XcjCwuGD+/3sn4dKXwDAQgHiHgEGBYKACAWIQTOvJMgL3MCEYwivHYY+ZMCIPtB
1AUCYbPD7wIbDAAKCRAY+ZMCIPtB1BPjAQCSo5vLECdPqsnkfybWcO72F8/nlM7U
Od8PW4zdhXleCwD7BFUuc839cCgoooE/QP9OYd9hJq7IlRrZrZRKylj8gAA=
=LkKt
-----END PGP PUBLIC KEY BLOCK-----
Place the encrypted file encrypted_file.enc.txt
in the same working directory as the commands above.
NOTE: You will need your secret passphrase (
$MY_SECRET_PASSPHRASE
)
# I will encrypt the file content and email it back to you. It will look like this:
# encrypted_file.enc.txt
-----BEGIN PGP MESSAGE-----
hF4DKggLBzrRrpoSAQdAmpjKZvVJadH1B/UynjDo04wytQfd0MD0tGsp9AAypUUw
17WW5BaHyfORFpf7yyHUFSX5ClH0k+PjfxYh9upp8LbDTmxWt8PYZLhZmICCbXtd
1KgBCQIQJTFg56lmGU0SPLKKgSLH8GlaV45Nev2CuHZq39O7qeqkfkPmDDEWOk4I
QkVwC0eZTGALtV98AOQ1Dn5y3Jo8Q2LUuTcH8RVbg+OIpt72pHxObcPPa3SeGE+0
6aVLCcDOQuwRSCM8RTJGLua/5zwv/Vy2eH1mFSwCtbAW6GjLQx2jTyMFAbiusPDV
YnjSyEHfwuwWBlizfvOa7muWUJgPqsRgspM=
=Pgc3
-----END PGP MESSAGE-----
# Decrypt the message and write it to "decrypted-message.txt"
ENCRYPTED_FILE="encrypted_file.enc.txt"
DECRYPTED_FILE="decrypted_file.txt"
echo "$MY_SECRET_PASSPHRASE" | gpg --batch --pinentry loopback --passphrase-fd /dev/stdin --armor --output "$DECRYPTED_FILE" --decrypt "$ENCRYPTED_FILE"
# View the decrypted file contents:
cat "$DECRYPTED_FILE"