LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-15-2017, 01:57 AM   #1
lakshmi@Linux
LQ Newbie
 
Registered: Mar 2017
Location: Hyderabad
Posts: 16

Rep: Reputation: Disabled
Need simple process for File Encryption and decryption using gpg command in Linux


Hello Group members..
I am Very new to Linux, was working on Unix for simple scripting.
Now We have a task to migrate the server from Unix to Linux.

We found that the crypt/encrypt commands are not available in Linux and we need to use GPG command instead.
I found the content from various websites is some what confusing.
Could you please let me know the simple steps for crypting/decrypting a file using gpg command(including key generation). we need to SFTP the crypted file to other server and decrypt the same there. I have other server which is unix server where we can not find gpg command.
It will be helpful for me If some body can provide end to end steps for using gpg with sample piece of code.
Thank you in advance.

Reagrds
Lakshmi
 
Old 03-15-2017, 04:02 AM   #2
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,897
Blog Entries: 3

Rep: Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584
You won't be able to encrypt or decrypt over SFTP. You'll need a proper interactive session for that. But you can transfer encrypted files over SFTP and then use an interactive session to decrypt. For what it's worth, SFTP already uses strong encryption, so I'm not sure what you aim to achieve given the information provided so far.

What kind of encryption are you talking about? If you are using a symmetric cypher, then just use -c to encrypt and -d to decrypt.

Code:
man gpg
For example,

Code:
gpg -c < somefile.cleartext  > somefile.ciphertext
gpg -d < somefile.ciphertext > somefile.cleartext
If you are talking about public key encryption, then you'll need a viable keyring on both machines. If that is the case which guide are you following and where are you stuck?
 
1 members found this post helpful.
Old 03-15-2017, 04:37 AM   #3
lakshmi@Linux
LQ Newbie
 
Registered: Mar 2017
Location: Hyderabad
Posts: 16

Original Poster
Rep: Reputation: Disabled
Hi,
Thank you for the explanation.
In the existing Unix process , by using crypt command files are getting encrypted and then are getting transferred to other systems through SFTP.
No we need to implement the similar process in Linux, hence I am trying to use gpg for encryption. For now we can leave about SFTP. My main aim is to encrypt the file.

I have already tried the below command to crypt the file , but it is giving the below error, could you please help me out.

gpg -c test_gpg.txt

error is like this :

gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `test_gpg.txt' failed: Operation cancelled

Thanks & Regards
Lakshmi
 
Old 03-15-2017, 04:52 AM   #4
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,897
Blog Entries: 3

Rep: Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584
The gpg manual page could use a little rewriting but it works like this, if you are not running a graphical environment:

Code:
gpg --no-use-agent -c < test_gpg.txt > test_gpg.txt.encrypted
With gpg2, which you should be using soon instead, there is more difficulty since it always requires use of an agent.

Edit: remember the redirection both in and out of gpg for this type of action. Also, old gpg defaults to CAST5 for symmetric encryption:

Code:
gpg --no-use-agent --cipher-algo AES -c < test_gpg.txt > test_gpg.txt.encrypted

Last edited by Turbocapitalist; 03-15-2017 at 04:59 AM.
 
Old 03-16-2017, 01:51 AM   #5
lakshmi@Linux
LQ Newbie
 
Registered: Mar 2017
Location: Hyderabad
Posts: 16

Original Poster
Rep: Reputation: Disabled
Hi,
This is also failing with the below error:

gpg: WARNING: "--no-use-agent" is an obsolete option - it has no effect
gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `[stdin]' failed: Operation cancelled

But I am able to encrypt the file through the below command:

gpg --yes --batch --passphrase="mykey" -c test_gpg.txt

The output file is getting generated withe same name as of input file with the extension .gpg

when I tried with the below command then also the same thing is happening.

gpg --yes --batch --passphrase="mykey" -c test_gpg.txt>test_gpg_encrypted.txt.gpg

Redirection to output file is not happening, only an empty file is getting created with the file name specified and the encrypted file with the same name as input file with extension.

Can we get the encrypted/decrypted out put file with the required name (should not be similar to input file).

Please help.

Thanks & Regards
Lakshmi
 
Old 03-16-2017, 02:06 AM   #6
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,897
Blog Entries: 3

Rep: Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584
What version of gnupg are you using? That needs to be identified first.

Code:
gpg --version
 
Old 03-16-2017, 02:14 AM   #7
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,897
Blog Entries: 3

Rep: Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584
Also, are you going to do public key (asymmetric) encryption or regular symmetric encryption?

Here is an example of symmetric (AES) encryption using openssl instead:

Code:
openssl aes-256-cbc -in test.clear -out test.encrypted
openssl aes-256-cbc -d -in test.encrypted -out test2.clear
The ciphers are standard so you can use a variety of tools on the same files. So, which cipher are you planning on using?
 
Old 03-16-2017, 02:29 AM   #8
lakshmi@Linux
LQ Newbie
 
Registered: Mar 2017
Location: Hyderabad
Posts: 16

Original Poster
Rep: Reputation: Disabled
Hi,

Version of gpg is : gpg (GnuPG) 2.0.22
Planning for symmetric encryption only and as of now I am going with default Cypher, not giving any algo while crypting.
And I found that the default cypher algo is CAST5, am I correct?

cypher algos available are :

Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256

One more thing, I identified that while decrypting a file whihc is encrypted through gpg, it is expecting the .gpg extension only.

Thanks & Regards
Lakshmi
 
Old 03-16-2017, 02:40 AM   #9
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,897
Blog Entries: 3

Rep: Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584Reputation: 3584
Yes, the default cipher for GnuPG 2 is CAST5. As mentioned you can choose another cipher if you wish.

The file names should not matter if you are using redirects for input and output.

About GnuPG 2, there's the problem. gpg 2.x does not seem to run without a graphical environment, at least not as far as I have been able to determine. There are a lot of posts out on the web on the matter but they all come down to two options for attempted solutions, both of which have lots of complaints about not working. gpg 1.x still works on headless machines. One would almost suspect that gpg2 was made so very much harder to use on purpose to discourage its spread.

Therefore I would recommend posting your question about GnuPG 2.0.22 to the gnupg-users mailing list and see if you can get a solution from them. If you do find a way to do encryption using GnuPG 2.x on a headless machine please post your answer here as I think there are many that could benefit from it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Gpg decryption ZAMO Linux - General 6 07-22-2010 07:01 AM
Encryption and Decryption of file krounak Programming 2 06-24-2009 11:48 PM
Linux Encryption - Windows Decryption blizunt7 Linux - Security 4 09-20-2007 09:51 AM
secure mechanism for encryption/decryption on linux Synesthesia Linux - Security 10 09-04-2006 02:09 PM
Hardware real time encryption/decryption in Linux... Akonbobot Linux - Security 2 11-24-2004 01:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:15 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration