Redhat:GPG2

From Define Wiki
Revision as of 14:26, 10 September 2013 by Michael (talk | contribs) (→‎Use the GPG2 keys to encrypt a file)

Secure Files

While there is a large amount of security around networks, files that are transmitted over them may need to be secure in themselves. This is achieved through encryption.

The standard encryption is Pretty Good Privacy (PGP) and its open source equivalent GNU Privacy Guard (GPG). Red Hat provides GPG version 2 (GPG2) as standard with RHEL 6.

GPG2 Commands

gpg                 soft-linked to gpg2
gpg2                GPG2 encryption and signing tool
gpg-agent           gpg2 key management
gpgconf             gpg2 component status
gpg-connect-agent   agent communication
gpg-error           interpret GPG error codes
gpg-error-config    build applications based on GPG error codes
gpgkey2ssh          conversion command for GPG2 keys for SSH
gpgparsemail        under development
gpgsplit            split GPG2 message into packets
gpgv                soft-linked to the gpgv2 command
gpgv2               verify GPG signatures
gpg-zip             encrypt and sign files into an archive

GPG2 Key Generation

The gpg2 command can be used to create the key pairs used to encrypt and decrypt files.

gpg2 --gen-key

When the command is run it will prompt you for several options:

  • Encryption Scheme
  • Lifetime of the Keys
  • Number of Bits to Use
  • Passphrase
  • Name, Email and comment

Encryption Options

The keys can be created using four encryption schemes.

  • RSA / RSA
  • DSA / Elgamal
  • DSA (Sign Only)
  • RSA (Sign Only)


Use the GPG2 keys to encrypt a file

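First you need to export the public key and send it to the remote system. The remote system encrypts the file with this public key, so that it can only be decrypted at the other end by the holder of the matching private key.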

gpg2 --export <user> > gpg.pub  # Export the public key for user to gpg.pub
scp gpg.pub <remote system>:  # Send the file (the trailing colon makes scp copy to the remote home directory rather than to a local file)


# On the remote system
gpg2 --list-keys  # List the current keys
gpg2 --import gpg.pub  # Import the new key
gpg2 --list-keys  # Verify the key has been imported


To Encrypt the file

gpg2 --output <output.file> --recipient <user> --encrypt <input.file>  # Encrypts input.file using the public key belonging to user and writes the result to output.file


Decrypt a File

gpg2 --output <output.file> --decrypt <input.file>
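
The whole exchange above, run end to end as an added example (not part of the original wiki page): two temporary keyrings stand in for the local and remote systems, and the fingerprint is compared after import before the key is used. It assumes GnuPG 2.1 or later (for %no-protection); the identity demo@example.invalid and the function names are constructed for illustration.

```shell
# Added example: two throwaway keyrings stand in for the local and remote systems.
GPG=$(command -v gpg2 || command -v gpg || echo gpg2)

# Print the primary-key fingerprint of the first key in the keyring at $1.
fingerprint() {
    "$GPG" --homedir "$1" --batch --with-colons --fingerprint 2>/dev/null |
        awk -F: '$1 == "fpr" { print $10; exit }'
}

# Returns 0 only if a file encrypted on the "remote" keyring (public key only)
# cannot be decrypted there and decrypts to the same plaintext on the "local" one.
roundtrip_demo() {
    work=$(mktemp -d) || return 1
    loc=$work/local rem=$work/remote
    (
        mkdir -m 700 "$loc" "$rem" || exit 1
        # Local system: unattended `gpg2 --gen-key` with a constructed identity.
        "$GPG" --homedir "$loc" --batch --gen-key 2>/dev/null <<'EOF' || exit 1
Key-Type: RSA
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Name-Real: Demo User
Name-Email: demo@example.invalid
Expire-Date: 1d
%no-protection
%commit
EOF
        "$GPG" --homedir "$loc" --batch --export demo@example.invalid > "$work/gpg.pub" || exit 1
        want=$(fingerprint "$loc")   # the value you would confirm out of band
        # Remote system: import, then compare fingerprints before using the key.
        "$GPG" --homedir "$rem" --batch --import "$work/gpg.pub" 2>/dev/null || exit 1
        got=$(fingerprint "$rem")
        [ -n "$want" ] && [ "$got" = "$want" ] || exit 1
        printf 'constructed sample plaintext\n' > "$work/plain.txt"
        # --trust-model always is used only because the fingerprint was just checked.
        "$GPG" --homedir "$rem" --batch --trust-model always --output "$work/enc.gpg" \
            --recipient "$got" --encrypt "$work/plain.txt" 2>/dev/null || exit 1
        # The remote side holds no private key, so decryption must fail there.
        "$GPG" --homedir "$rem" --batch --decrypt "$work/enc.gpg" >/dev/null 2>&1 && exit 1
        "$GPG" --homedir "$loc" --batch --output "$work/out.txt" \
            --decrypt "$work/enc.gpg" 2>/dev/null || exit 1
        cmp -s "$work/plain.txt" "$work/out.txt"
    )
    rc=$?
    for h in "$loc" "$rem"; do GNUPGHOME=$h gpgconf --kill all 2>/dev/null; done
    rm -rf "$work"
    return "$rc"
}
```

Running roundtrip_demo returns 0 when the imported fingerprint matches, the remote keyring is unable to decrypt, and the local keyring recovers the original file.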