Getting started with GPG (GnuPG)
GnuPG, also known as GPG, can be used to encrypt files for confidentiality or sign files for integrity and authenticity. This article explores the minimum commands needed to encrypt a file or check a signature.
What is GnuPG and where is it used?
GnuPG, is a tool that is compliant with the OpenPGP Internet standard described in RFC4880 and which is used for secure communication and data storage. It has a robust key management system and integrates easily with other applications. In addition to encrypting and signing data, it provides support for S/MIME and Secure Shell (ssh).
Package repositories are mirrored around the world. Digital signatures are used to ensure that you get an exact copy from the original packager and not a malicious version from a compromised site. OpenPGP programs such as GPG are used to sign and verify those packages.
Local disk encryption protects data at rest for your powered-off laptop. However, to make sure that only the intended recipient can open a file you send by email or drop into a shared folder, you need to encrypt that individual file. The TLS certificates used with email or web-based drop boxes only protect the transfer on the wire. OpenPGP products can encrypt a file with a shared symmetric key or with asymmetric key pairs.
How do I install GnuPG?
Most Linux distributions already have GnuPG installed, and the current version will likely use GnuPG 2.0 by default.
$ yum list gnupg* Installed Packages gnupg2.x86_64 2.2.18-2.fc31 @updates gnupg2-smime.x86_64 2.2.18-2.fc31 @updates Available Packages gnupg-pkcs11-scd.x86_64 0.9.2-1.fc31 updates gnupg1.x86_64 1.4.23-9.fc31 fedora
The installed binary is likely named
gpg, but because of the recent version changes, you may want to check that as well.
$ ls -l $(which gpg gpg2 gpg1) /usr/bin/which: no gpg1 in ... -rwxr-xr-x. 1 root root 1085608 Dec 6 04:02 /usr/bin/gpg lrwxrwxrwx. 1 root root 3 Dec 6 04:02 /usr/bin/gpg2 -> gpg
Early adopters of version 2.0 needed to use a
gpg2 binary. Now that version 1.0 is considered obsolete, users of that older version may need to use a binary called
gpg1. On my current Fedora and RHEL 8 systems,
gpg2 is a symbolic link to
gpg, which is the main binary.
The first time you run any
gpg command, a configuration directory and keyring will be created in your home directory. For example, if you run
gpg --list-keys to display keys you may see the following message:
$ gpg --list-keys gpg: directory '/home/bestuser/.gnupg' created gpg: keybox '/home/bestuser/.gnupg/pubring.kbx' created gpg: /home/bestuser/.gnupg/trustdb.gpg: trustdb created
Encrypt and decrypt a file with a shared secret
Simply having GnuPG installed is enough to encrypt or decrypt a file with a shared secret. To specify symmetric encryption, use the
--symmetric option and pass the file you wish to encrypt. You are prompted to enter and reenter a passphrase for the encrypted file.
$ gpg -c sample1.txt
The default is to create the encrypted file with a
gpg extension added to the original filename.
$ file foo* sample1.txt: ASCII text sample1.txt.gpg: GPG symmetrically encrypted data (AES cipher)
You can use the
--output option to specify a specific output filename.
To decrypt the file, use the
$ gpg -d sample1.txt.gpg gpg: AES encrypted data gpg: encrypted with 1 passphrase Demo for GnuPG bestuser
The default is to display the contents to standard out and leave the decrypted file in place. Use the
--output option to specify an output file, especially when the contents are a data file. Additionally, GnuPG tries to use its cached passwords to decrypt before prompting for the shared secret. The cache is based on a message-specific salt value, but you can use the
--no-symkey-cache option to have
gpg skip the cache.
This encrypted file can now be sent to a remote location. Determining how to share the passphrase to decrypt it is a separate issue.
Working with public keys
Because sharing secrets can be insecure and simply does not scale well, files for a specific recipient are often encrypted with the recipient's public key. Only the holder of the private key can then decrypt the file. To send a file encrypted with a recipient's public key, you must first import that public key. Public keys are also used to verify signatures.
Import a public key
If the recipient has provided the key in an email or on their website, you can download the file and use the
--import option. For example, if you are reporting a security vulnerability or working on a CVE with a company, their security team probably has a key posted on their contact page.
$ gpg --import dce3823597f5eac4.txt gpg: key DCE3823597F5EAC4: public key "Red Hat, Inc. (Product Security) <email@example.com>" imported gpg: Total number processed: 1 gpg: imported: 1
I can list the fingerprint of the key and compare it to the web site to see if I already have the correct key.
$ gpg --fingerprint /home/bestuser/.gnupg/pubring.kbx --------------------------------- pub rsa4096 2017-10-31 [SC] 77E7 9ABE 9367 3533 ED09 EBE2 DCE3 8235 97F5 EAC4 uid [ unknown] Red Hat, Inc. (Product Security) <firstname.lastname@example.org> sub rsa4096 2017-11-01 [E]
Encrypt a file with a recipient's public key
--encrypt option to encrypt a file. If you do not specify the recipient on the command line with the
--recipient option, you are prompted to specify the user ID. The email address is often the easiest way to specify the user ID.
$ gpg -e -r email@example.com sample2.txt
You are shown the key ID and fingerprint, and you may be asked to confirm the usage of the key if the
gpg utility cannot verify any signatures on the key.
Like with symmetric encryption, the output file has a
$ file bar* sample2.txt: ASCII text sample2.txt.gpg: PGP RSA encrypted session key - keyid: 504F91B8 12E07832 RSA (Encrypt or Sign) 4096b .
Check a signature
Sometimes it is not the confidentiality of the message or file that is an issue, but rather the authenticity. An email or a package file can be digitally signed with a private key and later verified with the public key. Fedora provides CHECKSUM files to verify downloads and signs those files with the Fedora GPG key, as documented on their security page.
After importing the GPG key, I can check the signature of the CHECKSUM file using the
$ gpg -v Fedora-Workstation-31-1.9-x86_64-CHECKSUM gpg: Signature made Fri 25 Oct 2019 09:09:48 AM EDT gpg: using RSA key 50CB390B3C3359C4 gpg: Good signature from "Fedora (31) <firstname.lastname@example.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 7D22 D586 7F2A 4236 474B F7B8 50CB 390B 3C33 59C4
The message indicates a "Good signature" but warns that
gpg cannot validate the key used for the signature. If I trust the fingerprint provided and the source of the key, then I can trust the file contents are what Fedora released, even if I obtained the CHECKSUM file from an unknown mirror site.
In this article, we started using GnuPG to encrypt or verify a file. In a future article, I will walk through creating a key that others can use to send you confidential files.
[ Check out the IT security and compliance checklist. ]