In this tutorial we show you how to sign and encrypt files with GPG on Linux systems digitally.
Step 1: Install GPG
To install GPG, in this case Ubuntu 17, we must execute the following line:
sudo apt install gnupg
Step 2: Generate GPG keys
Next, we will generate a gpg key that will be used for the signature of the files, in this case the process must be executed by the user who has to sign the documents, we execute the following:
There we must enter the name and email address, finally enter and confirm the password:
In some cases, the following will be requested:
- The type of key you want (Press Enter to accept the default RSA).
- The desired key size (We select the maximum key size, which is 4096).
- The time that the key must be valid.
Step 3: Sign Files with GPG
For this process we will go to the directory where the file is to be signed, in our case it is the desk whereby we enter the following:
There we execute the following line to sign the file:
gpg -sign Solvetic.docx
Automatically a pop-up window will be displayed where we will enter the password.
This password will be what we indicated in the process of creating the keys, in case of having several GPG keys in the system we can indicate to which email is associated with the following syntax:
gpg --sign --default-key email@domain Solvetic.docx
In case of not knowing in detail what keys we have, we can execute the following command:
Once the passphrase has been entered for the indicated key, the file will be signed and a new file with the extension .gpg will be generated, in this case Solvetic.docx.gpg. With that signed file, it will be possible to verify the signature with the following command:
gpg --verify Solvetic.docx.gpg
We can see that the signature assigned to the file is correct. Finally the recipient can decrypt the file by executing the following command:
gpg --output Solvetic.docx --decrypt Solvetic.docx.gpg
We can check how simple it is to add one more level of protection to the files that are sent in Linux.