Hello Group members..
I am Very new to Linux, was working on Unix for simple scripting.
Now We have a task to migrate the server from Unix to Linux.

We found that the crypt/encrypt commands are not available in Linux and we need to use GPG command instead.
I found the content from various websites is some what confusing.
Could you please let me know the simple steps for crypting/decrypting a file using gpg command(including key generation). we need to SFTP the crypted file to other server and decrypt the same there. I have other server which is unix server where we can not find gpg command.
It will be helpful for me If some body can provide end to end steps for using gpg with sample piece of code.
Thank you in advance.

Reagrds
Lakshmi

You won't be able to encrypt or decrypt over SFTP. You'll need a proper interactive session for that. But you can transfer encrypted files over SFTP and then use an interactive session to decrypt. For what it's worth, SFTP already uses strong encryption, so I'm not sure what you aim to achieve given the information provided so far.

What kind of encryption are you talking about? If you are using a symmetric cypher, then just use -c to encrypt and -d to decrypt.

For example,

If you are talking about public key encryption, then you'll need a viable keyring on both machines. If that is the case which guide are you following and where are you stuck?

1 members found this post helpful.

Hi,
Thank you for the explanation.
In the existing Unix process , by using crypt command files are getting encrypted and then are getting transferred to other systems through SFTP.
No we need to implement the similar process in Linux, hence I am trying to use gpg for encryption. For now we can leave about SFTP. My main aim is to encrypt the file.

I have already tried the below command to crypt the file , but it is giving the below error, could you please help me out.

gpg -c test_gpg.txt

error is like this :

gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `test_gpg.txt' failed: Operation cancelled

Thanks & Regards
Lakshmi

The gpg manual page could use a little rewriting but it works like this, if you are not running a graphical environment:

With gpg2, which you should be using soon instead, there is more difficulty since it always requires use of an agent.

Edit: remember the redirection both in and out of gpg for this type of action. Also, old gpg defaults to CAST5 for symmetric encryption:

Hi,
This is also failing with the below error:

gpg: WARNING: "--no-use-agent" is an obsolete option - it has no effect
gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `[stdin]' failed: Operation cancelled

But I am able to encrypt the file through the below command:

gpg --yes --batch --passphrase="mykey" -c test_gpg.txt

The output file is getting generated withe same name as of input file with the extension .gpg

when I tried with the below command then also the same thing is happening.

gpg --yes --batch --passphrase="mykey" -c test_gpg.txt>test_gpg_encrypted.txt.gpg

Redirection to output file is not happening, only an empty file is getting created with the file name specified and the encrypted file with the same name as input file with extension.

Can we get the encrypted/decrypted out put file with the required name (should not be similar to input file).

Please help.

Thanks & Regards
Lakshmi

What version of gnupg are you using? That needs to be identified first.

Also, are you going to do public key (asymmetric) encryption or regular symmetric encryption?

Here is an example of symmetric (AES) encryption using openssl instead:

The ciphers are standard so you can use a variety of tools on the same files. So, which cipher are you planning on using?

Hi,

Version of gpg is : gpg (GnuPG) 2.0.22
Planning for symmetric encryption only and as of now I am going with default Cypher, not giving any algo while crypting.
And I found that the default cypher algo is CAST5, am I correct?

cypher algos available are :

Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256

One more thing, I identified that while decrypting a file whihc is encrypted through gpg, it is expecting the .gpg extension only.

Thanks & Regards
Lakshmi

Yes, the default cipher for GnuPG 2 is CAST5. As mentioned you can choose another cipher if you wish.

The file names should not matter if you are using redirects for input and output.

About GnuPG 2, there's the problem. gpg 2.x does not seem to run without a graphical environment, at least not as far as I have been able to determine. There are a lot of posts out on the web on the matter but they all come down to two options for attempted solutions, both of which have lots of complaints about not working. gpg 1.x still works on headless machines. One would almost suspect that gpg2 was made so very much harder to use on purpose to discourage its spread.

Therefore I would recommend posting your question about GnuPG 2.0.22 to the gnupg-users mailing list and see if you can get a solution from them. If you do find a way to do encryption using GnuPG 2.x on a headless machine please post your answer here as I think there are many that could benefit from it.