Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I encrypt plaintext with GnuPG?

I've been working a great deal with GnuPG lately and have come to depend on its ability to encrypt files, etc.

However, I am currently working on a couple of projects that involve communication (i.e. chat,email, etc) where I'd like to use existing keys to encrypt/decrypt text itself as opposed to a "container" such as a file or disk image.

I suppose I could encrypt the container, convert the stream to base64 (or something appropriate) then mark the text as such, but I would guess there is a more straightforward solution. I'm sure there is something simple I'm missing, but, well, I'm missing it.

Any ideas?

like image 401
humble_coder Avatar asked Mar 31 '11 18:03

humble_coder


People also ask

How do I encrypt using GnuPG?

To encrypt a document the option --encrypt is used. You must have the public keys of the intended recipients. The software expects the name of the document to encrypt as input or, if omitted, on standard input. The encrypted result is placed on standard output or as specified using the option --output.

What encryption does GnuPG use?

GnuPG also supports symmetric encryption algorithms. By default, GnuPG uses the AES symmetrical algorithm since version 2.1, CAST5 was used in earlier versions. GnuPG does not use patented or otherwise restricted software or algorithms.

How do I send encrypted messages using GPG keys?

Encrypt a filegpg and only the holder of the key behind [email protected] will be able to decrypt the message. ⚠️ You need to make sure that the public key you use for [email protected] actually belongs to the person you want to communicate with. This can be done in person, e.g. at a key signing party.


1 Answers

What about:

$ echo "hello" | gpg --symmetric --armor --passphrase "asdf" -----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.11 (Darwin)  jA0EAwMCWfhRZo0AiwVgyRw5Q26Tf+i6OCiQOVoUNJZEfz5ekBJw6BdVpE88 =ecV3 -----END PGP MESSAGE----- 

If this is what you're looking for, you'll want to setup gpg-agent to handle the passphrase… Passing it in from the command line like that is fairly insecure (as any program on the machine could steal it).

And if by “existing keys” you mean “existing pub/priv key pairs”, then:

$ echo "hello" | gpg --encrypt --armor -r B230230D -----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.11 (Darwin)  hQIMA+Cu7Ed7iNErAQ/8CTkEOOGVub1wEt4+5qnB9gNbVF7TNjWMjw/znKAjFg1j f0s5xuUoPamvtLXKbs0J6OdpwTZfOkK/MIXxjsz1P4cC01CmoSsdzIkhbqccX7GP VWRM9P0TxI9005JaxMh9rsoxVP2k/RtK3z2f3didl2SMS45TfhV8MJss5HqeQlVC KHiCWfbHB7ww68ZIVs/AAx0zVPVld1BwHJcRvFIohBu9GUTrDMYxpOsKNZDVWXb0 154KrNFgnjgueGmh25HYdfJ+gs0Fclsq5XATo2H7gfGnq+DALeWy20ig4o9VOAcj /KU2HRA/XD13MHRZiyJVTszF1VfvsdANnemI75O+f7z34+P0lQiCCV/Z7xqrd384 9V7Uby8n+9PppD+mpt8wiCjQUfAXmHBptoNw8OwuWUGnw7svCu7wqzgjBTyAxvwL 325/o9O2TTYZvOlpoxGayG3JbKzpHlQDv7RKIwC8W1nr/0q96Hxh+RpZfk0zwGyP wZOx27AyhLAOJtq6Tfg/ef+Ln6d5BaDWmvF9sC/wKXnjN60X6DSLlMDDIYO01whe JroyE+R1KMYB7r5y7VUGCoyPcrJj3yQTkYVWuvHSsy3sn7N+iWd/29V/ipFeT5Tb SKRV/Dj/ypJn07jnsLb2ixqr+UTaARP8el7UTJtYCzxs14xdw4uRvkezKZR08C/S QQFpMeFcVmxGCQVr5llp24bDjtiIT06VbXqZBiQ+kX9JHUDwYEs1qi+seNAlCG4C 4INLNud/n85iPWrSropiYPPY =SGgD -----END PGP MESSAGE----- 

In both cases, the message is decrypted using:

$ cat encrypted_message | gpg gpg: CAST5 encrypted data Enter passphrase: asdf gpg: encrypted with 1 passphrase hello 
like image 99
David Wolever Avatar answered Oct 02 '22 16:10

David Wolever