Encrypting and decrypting files with a password

The OpenPGP tool gpg, which is part of GnuPG, is great for encryption and decryption of files. You can use it with a key or simply a passphrase. Here I will show you how do encrypt and decrypt with a passphrase.

Encrypt files interactively

Encrypt foo.tar.gz:

gpg -c foo.tar.gz

gpg will ask you for a passphrase. -c encrypts with a symmetric cipher; CAST5 (CAST128) is the default cipher. This generates foo.tar.gz.gpg in the same directory.

You can specify a filename for the encrypted file:

gpg -c -o bar.gpg foo.tar.gz

Encrypt files non-interactively

To encrypt non-interactively, for example in a shell script or crontab, you can specify the passphrase on the command line:

gpg --passphrase supersecret -c foo.tar.gz

Decrypt files interactively

To decrypt a file:

gpg foo.tar.gz.gpg

You can specify a filename for the decrypted file:

gpg -o filename foo.tar.gz.gpg

Decrypt files non-interactively

To decrypt non-interactively, for example in a shell script or crontab, you can specify the passphrase on the command line:

gpg --passphrase supersecret foo.tar.gz.gpg

Using a different cipher

To use a cipher other than the default one (CAST5), use the option --cipher-algo name. Run gpg --version to get the list of supported ciphers. My gpg says:

Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, 
        CAMELLIA192, CAMELLIA256

2010-09-12 · encryption · gpg