Encrypt a File on Linux or FreeBSD with GnuPG

Written by Mark Sanborn: Apr 22, 2008

If you ever wanted to quickly encrypt a file in Linux or FreeBSD without complicated keyrings and key files this is the post for you. In this guide we will use gnupg to quickly encrypt any file in Linux or FreeBSD. We will keep it simple and easy and leave out public/private key ring authentication and stick with simple password phrase encryption. Unlike password protection in zip files and other weak security implementation, PGP or GnuPG is a very secure way of encrypting files. It is pretty easy to set up so lets get going.

Linux

Start by installing gnupg For Debian and Ubuntu systems use:

# apt-get install gnupg

Installing GnuPG on FreeBSD

To install GnuPG with FreeBSD’s ports package management system use:

`# cd /usr/ports/security/gnupg

make install clean`

You also need to install pinentry. This is the program gnupg uses to create password phrases.

`# cd /usr/local/ports/security/pinentry

make install clean`

If you don’t install this you will get an error when you run gnupg like this:

gpg-agent[13068]: can’t connect server:ERR 67109133 can’t exec /usr/local/bin/pinentry’: No such file or directory’ gpg-agent[13068]: can’t connect to the PIN entry module: IPC connect call failed gpg-agent[13068]: command get_passphrase failed: No pinentry gpg: problem with the agent: No pinentry

I am not sure why FreeBSD doesn’t mark this as a dependency.

Encrypting the File

To encrypt the file all you have to do is:

gpg -c someFile.txt

To decrypt you can use:

gpg someFile.gpg

You will probably want to destroy the original unencrypted file. You can Securely Wipe a File with DD. By wiping the file with DD the original file will not be easily retrievable on your hard drive. This step is usually necessary because simply deleting doesn’t actually destroy the file.

Need to print shipping labels on your site?

Checkout my product RocketShipIt for simple easy-to-use developer tools for UPS™ FedEx™ USPS™ and more.

Share: