Well, you've been given ideas about how to go about things with openssl (the simplest way IMHO) and with gpg's symmetric encryption .... so I'll give a quick primer on using gpg with keys, as it was originally intended.
While I don't particularly think it's necessary to use different keys to encrypt your different files, it is possible, so I'll show one way.
Code:
USB="insert path to the drive you're using to store your keys here, e.g. /media/myusb"
for d in .gpg1 .gpg2 .gpg3; do
mkdir $USB/$d; chmod 700 $USB/$d
gpg --homedir $USB/$d --gen-key
echo 'default-recipient-self' >> $USB/$d/gpg.conf
done
So what this does is create 3 new directories in the "USB" directory you specify and then tells gpg to generate new public-private keypairs using each directory (in turn) as it's home directory (instead of the traditional ~/.gnupg). It also sets each directory's config file to use its first key as its default-recipient (so that you don't have to type in -r or --recipient).
Regarding --gen-key:
For key type, choose the first choice -- "RSA and RSA (default)".
For key size, you're welcome to jack it up to 4096, since I get the feeling you might be a bit paranoid.
Name, email, & comment are only important if you're going to be distributing the public half of this keypair to others, so they can encrypt things to you; for this explanation, it doesn't matter what you type.
Once that's done, you're ready to use them. But first, a note: when starting out with gpg, I found it was great to run it with -v or -vv (verbose) in order to get a better idea of what was happening, so I recommend adding that to your command-lines (or add 'verbose' to gpg.conf).
Code:
USB="whatever"
gpg --homedir $USB/.gpg1 --encrypt notebook1.img
gpg --homedir $USB/.gpg2 -e notebook2.img
gpg --homedir $USB/.gpg3 -e desktop2011.img
You end up with three files, encrypted with three different keys. In order to decrypt them, you'll need to use the same homedir setting (or you could import all the keys into one keyring).
Code:
gpg --homedir $USB/.gpg2 -d notebook2.img.gpg
Don't worry if you get mixed up about which keys you used for which files; it's simple enough to figure out, as long as you still have the keys. Obviously, if you only have 3, at most you have to give it 3 tries, but if you have more ...
Code:
gpg --homedir $USB/.gpg3 -d notebook2.img.gpg
gpg: encrypted with RSA key, ID B1CCA8F8
gpg: decryption failed: secret key not available
keyid=B1CCA8F8
for d in .gpg1 .gpg2 .gpg3; do
if gpg --homedir $USB/$d --list-keys | grep -q $keyid; then
echo "key $keyid is in $USB/$d"; break
fi
done
PS: If you give up your requirement of always storing keys on usb, the best gui gpg-key-management tool I've seen is a gnome-app called seahorse and it would be simple enough to use to create a few different keys. As a bonus, if you keep the keys on your computer instead of in a usb drive, you could install seahorse-plugins and use nautilus to encrypt/decrypt them via its right-click menu.