gpg
From Initq
gpg is used for decrypting and encrypting files. gpg is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing services using the OpenPGP standard. gpg features complete key management and all bells and whistles you can expect from a decent OpenPGP implementation.
Contents |
Create a Key
gpg --gen-keygenerally you can select defaults.
Export a public key
gpg --export -a "User Name" > public.key
Export a private key
gpg --export-secret-key -a "User Name" > private.key
Import a public key
gpg --import public.keyImport a private key
gpg --allow-secret-key-import --import private.key
Delete a public key
gpg --delete-key "User Name"
Delete a private key
gpg --delete-secret-key "User Name"
List public keys
gpg --list-keysList private keys
gpg --list-secret-keysFingerprint
gpg --fingerprint > fingrprint
Encrypt a file
gpg -e -u "Sender User Name" -r "Receiver User Name" somefile /usr/bin/gpg --armor --batch --no-tty --yes -u "DaimlerChrysler" -r "qais chaudry" --output ~/uploads/APPTR_EXP.txt.asc --encrypt --armor ~/uploads/APPTR_EXP.txt.asc.out
If you use someone elses public key to encrypt and get a message "There is no assurance this key belongs to the named user" then do the following:
chrysler@chrysler:~/uploads$ gpg --sign-key "DamnC" pub 1024D/C06857E3 created: 2007-04-11 expires: never usage: SCA trust: unknown validity: unknown sub 1024g/629DC88D created: 2007-04-11 expires: never usage: E [ unknown] (1). DamnC SSAP <ssap-app@damnc.com> pub 1024D/C06857E3 created: 2007-04-11 expires: never usage: SCA trust: unknown validity: unknown Primary key fingerprint: 7108 BA57 EE2D 3154 AF6C 1DFD 8D5B 1910 C068 57E3 DamnC SSAP <ssap-app@damnc.com> Are you sure that you want to sign this key with your key "qais chaudry (App Corp) <qchaudry@app.com>" (F54AE530) Really sign? (y/N) y You need a passphrase to unlock the secret key for user: "qais chaudry (App Corp) <qchaudry@app.com>" 1024-bit DSA key, ID E54AE534, created 2010-05-18
Decrypt a file
gpg -d mydata.gpg
gpg with cron
If you want to put your gpg scripts in a cron job then you have to use it in the following way.
/usr/bin/gpg --batch --no-tty --yes --output $input_path/confirmdata.csv \ --logger-file /home/app/damnc/payment_confirm/log/decrypt.log \ --passphrase dom --decrypt $input_path/payment_confirm.pgp
Make sure that the last flag used is the --decrypt flag.
Flags
- --batch
- --no-tty
- --yes
- --output $input_path/confirmdata.csv
- --logger-file decrypt.log
- --passphrase dominion1
- --decrypt $input_path/payment_confirm.pgp
