GPG command line encryption
Hello,
I would appreciate it if someone would clarify gpg encryption. Essentially I run the command
Code:
gpg --output myFile.gpg --encrypt --recipient MyReciever myInput.txt
Code:
It is not certain that the key belongs to the person named in the user id. If you really know what you are doing, you may answer the next question with yes
If it matters, I am running Linux Debian 4.9.168... |
Are you encrypting files to keep yourself or are you emailing them to someone? I only encrypted files to keep for myself so I can't speak as to how to use gpg with email.
|
I have received a public key. I am encrypting the file so I can send it to someone else.
|
I've never done this but is the public key imported into your configuration so gpg knows it exists? Guessing "MyReciever" is an alias or just placeholder for the recipient's email address so you don't post it publicly here?
Sorry for the vague answers but as I mentioned, I have never used gpg to send an encrypted file. I am quite familiar with PKI though, just not that implementation. |
Yes, I imported it into my keyring.
As a side note, the entire encryption process works fine. I can encrypt a message without issue. I am trying to do it in a script, which is why I am trying to avoid the |
Code:
It is not certain that the key belongs to the person named in the user id. If you really know what you are doing, you may answer the next question with yes
This is what key-signing is about. What you do normally in this case is a
Code:
:~$ gpg -kv [userid or key-id]
Next, you sign the key with your own to certify the validity of the key. You created a new connection in the web of trust and GnuPG will no longer ask for confirmations. Even other people, who trust *your* key already, can now trust the other user's key.
See also: Key-signing party.
See also: TOFU
See also: Self-signing a key
comp.security.pgp FAQ - Very old and outdated, but still conveys the basics. |
Thanks for the clarification.
Is there a way to avoid signing the key and still generate a valid encrypted file? Basically, if I didn't care and just wanted to encrypt the file, since I have the public key of the receiver? |
If you know that the key is authentic, GnuPG lets you set a trust-level for the key. ALL is in the manuals. The manuals to GnuPG are among the best ever written for any software. See here: https://www.gnupg.org/gph/en/manual/x334.html |
Thanks, Michael, for the reply. You led me down the right path.
I used the information you provided along with this (https://ianatkinson.net/computing/gnupg.htm) website to avoid having to sign the key. It also made me aware of other ways, such as this https://blog.tersmitten.nl/how-to-ul...ractively.html. |
What I usually do is use --lsign-key, which is basically saying I trust the key for my own use, but I'm not prepared to vouch for it to others.
|
Another solution would be to use yes and then pipe the command into it, such as:
Code:
yes | gpg --output myFile.gpg --encrypt --recipient MyReciever myInput.txt |
Naa... I think it is funny. |
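Added example, not part of any post in this thread: a script can avoid the "It is not certain that the key belongs to the person named in the user id" prompt without signing the key by checking that the recipient name resolves to exactly one key whose fingerprint matches one confirmed with the recipient out of band, and only then encrypting with `--trust-model always` for that single invocation. The function names, the sample listing and the fingerprints are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `gpg --with-colons --list-keys` output (not a real key).
SAMPLE_COLONS='pub:-:2048:1:1122334455667788:1556000000:::-:::scESC:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1122334455667788:
uid:-::::1556000000::::MyReciever <rcv@example.invalid>:
sub:-:2048:1:99AABBCCDDEEFF00:1556000000::::::e:
fpr:::::::::00001111222233334444555599AABBCCDDEEFF00:'

# Print primary-key fingerprints from a colon listing on stdin.
# The first "fpr" record after a "pub" record is the primary key's
# fingerprint (field 10); later "fpr" records belong to subkeys.
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# Succeed only if the listing on stdin holds exactly one key and its
# fingerprint equals $1 (spaces and letter case are ignored).
fpr_matches() {
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(primary_fprs)
    [ -n "$expected" ] && [ "$found" = "$expected" ]
}

# encrypt_pinned USERID FINGERPRINT INPUT OUTPUT
# Refuses to encrypt when USERID is absent, ambiguous, or bound to a
# key other than the pinned one; otherwise encrypts without prompting.
encrypt_pinned() {
    fpr=$(printf '%s' "$2" | tr -d ' ' | tr 'a-f' 'A-F')
    gpg --batch --with-colons --fingerprint --list-keys "$1" 2>/dev/null |
        fpr_matches "$fpr" || {
            echo "key for $1 is missing, ambiguous or not the pinned one" >&2
            return 1
        }
    # Address the recipient by full fingerprint, not by name, so the key
    # that was just checked is the key that gets used.
    gpg --batch --yes --trust-model always \
        --output "$4" --encrypt --recipient "$fpr" "$3"
}
```

A call would look like `encrypt_pinned MyReciever "<fingerprint confirmed with the recipient>" myInput.txt myFile.gpg`.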