In the previous article, I told you about signing files.
Maybe have you checked the mini-book signatures. I hope so. It is one of the most useful things you can do with gpg. A lot of webmasters place signed files to download on their websites (softwares or code mostly).
You can read also the first serie or the second one :
- Part 8 : Sign files
- Part 9 : Encrypt files
- Part 10 : GPG Conf'
- Part 11 : Some details about keys and maths
- Part 12 : Export and import public and private keys
- Part 13 : Various security aspects
- Part 14 : Publish a signing policy
- Part 15 : Using gpg in command line
- Part 16 : Going to a gpg signing party
I am now going to tell you about encrypting files. The aim is to protect your data from theft.
Those data can be text (your thoughts …), figures (spreadsheets, numerical values of business…), video or audio data…
Gpg does not care: it will encrypt the whole, without taking care of content or container.
Encrypt a file
Encrypt a file is actually way easier than signing it, because there is only one thing to do: encrypting. I guess you begin to ask yourself:
What is that ? Encrypting ? I want to know !
Please feel fine, you will know about it soon.
So if you want to protect your data from theft, you have to encrypt it with the public key of the person who should read it.
I just explained mail
When you encrypt a mail in PGP/Mime format, you do that: you encrypt the text, then the result (an unreadable text file) is included as a file in your mail. It goes very well along with signature.
When you encrypt a mail in PGP/inline format, you encrypt the text, then the result (the same unreadable text) is copied in your mail in place of the original.
But I just want my data to be safe…
Yes, precisely ! So you have to encrypt them with the public key of the only person who could read it: yourself !
This is actually one of the only time you use your public key.
The process is the same as signing, but instead of using the Sign option in your keys manager, you will use Encrypt.
And the same for opening: use your keys manager, and tell it where to place the extracted file.