Thursday, September 10, 2020

Using PGP (Pretty Good Privacy) on Ubuntu 20.04

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. [Wikipedia] 

 GnuPG or GNU Privacy Guard (GPG) is the GNU implementation of the PGP. To install on Ubuntu 20.04 (if it is still not installed by default), issue the following command: 

 # apt-get install gnupgp 

To determine if the program is installed: 

 # which gpg 

The display should display the directory where the gpg binary is located. 

To generate the keys:

 $ gpg --generate-key

Then, fill-out the prompts.  The keys will be installed in your home directory under the hidden folder ".gnupg".


Using GPG

The following assumes that you have generated your private and public key pairs needed for encryption and decryption.  If you have not, you can always generated them later on using a GUI program mentioned below.

a)  Using GPG to sign your file

To sign your file, issue the command: 

$ gpg  --output Myfile.docx.sig --detach-sig Myfile.docx

This will prompt you for the password of your private key and create a signature file "Myfile.docx.sig" for the document file "Myfile.docx".

To verify if the "Myfile.docx" has not been altered in any way, issue the command:

$ gpg --verify Myfile.docx.sig Myfile.docx

If the file has not been altered, it will display a similar text as follows:

gpg: Signature made Friday, 11 September, 2020 11:29:56 AM PST
gpg: using RSA key 24A7CC8FD2D0D2E189D90E15079F79242255ECA9
gpg: Good signature from "Clement L. Rasul <clemrasul@gmail.com>" [ultimate]

When it says "Good signature ...", it means the "Myfile.docx" has not been altered in any way.  If the file is altered, it will display a text similar to this:

gpg: Signature made Friday, 11 September, 2020 11:29:56 AM PST
gpg: using RSA key 24A7CC8FD2D0D2E189D90E15079F79242255ECA9
gpg: BAD signature from "Clement L. Rasul <clemrasul@gmail.com>" [ultimate]


b) Using GPG to Encypt and Decrypt your file

To encrypt your file, issue the command:

$ gpg --output Myfile.docx.gpg --encrypt --recipient Myfile.docx

This will encrypt and create the encrypted file "Myfile.docx.gpg".  This file is slightly larger than "Myfile.doc".

To decrypt your file, issue the command:

$ gpg --output Myfile.docx --decrypt Myfile.docx.gpg


c)  View your keys

On Ubuntu 20.04, your password and keys can be viewed on "Passwords and Keys".










Public keys sent to and accepted by you, gets displayed here.  This is just a viewer to the file stored in a hidden sub-directory .gnupg in your home directory.  On mine, it is in /home/clemrasul.


d)  Installing a GUI interface integrated with the Nautilus file manager

Issue, the command:

# apt-get install seahorse-nautilus

This will install the seahorse addin to your Nautilus file manager and will add Encrypt, Sign and Decrypt items using the right-click.


e)  Installing a GPG GUI on Ubuntu 20.04

A good overall GUI manager for Ubuntu 20.04 is Kleopatra.  It is part of the KDE desktop application set but will run on GNOME as fine.  To install, issue the command:

# apt-get install kleopatra
# apt-get install scdaemon




Note:  Kleopatra is also available on Windows and is the preferred application for GPG on Windows.  It is available on "GPG for Windows" website (http://www.gpg4win.org).


No comments: