DEV Community

Cover image for 22.Linux GPG Encryption
Thu Kha Kyawe
Thu Kha Kyawe

Posted on

22.Linux GPG Encryption

#aws #linuxlevel2

Lab Information

We have confidential data that needs to be transferred to a remote location, so we need to encrypt that data.We also need to decrypt data we received from a remote location in order to understand its content.

On storage server in Stratos Datacenter we have private and public keys stored at /home/*_key.asc. Use these keys to perform the following actions.

  • Encrypt /home/encrypt_me.txt to /home/encrypted_me.asc.

  • Decrypt /home/decrypt_me.asc to /home/decrypted_me.txt. (Passphrase for decryption and encryption is kodekloud).

  • The user ID you can use is kodekloud@kodekloud.com.

Lab Solutions

🧭 Part 1: Lab Step-by-Step Guidelines

1️⃣ Login to Storage Server

ssh natasha@ststor01
# Password: Bl@kW
sudo -i
Enter fullscreen mode Exit fullscreen mode

2️⃣ Import GPG keys

gpg --import /home/*_key.asc
# Password: kodekloud
Enter fullscreen mode Exit fullscreen mode

3️⃣ Verify keys (optional but good practice)

gpg --list-keys
sudo chmod 777 /home
Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ You should see:

kodekloud@kodekloud.com

4️⃣ Encrypt the file

gpg --output /home/encrypted_me.asc \
    --encrypt \
    --recipient kodekloud@kodekloud.com \
    /home/encrypt_me.txt
Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ Enter passphrase when asked:

kodekloud

5️⃣ Decrypt the file

gpg --output /home/decrypted_me.txt \
    --decrypt /home/decrypt_me.asc
Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ Enter passphrase:

kodekloud

6️⃣ Verify output

cat /home/decrypted_me.txt
Enter fullscreen mode Exit fullscreen mode

🧠 Part 2: Simple Step-by-Step Explanation (Beginner Friendly)

What this lab is about

You are working with:

Encryption β†’ hide data
Decryption β†’ read data

Step 1: Import keys

gpg --import

πŸ‘‰ This loads:

Public key β†’ used to encrypt
Private key β†’ used to decrypt

Step 2: Encryption

gpg --encrypt

πŸ‘‰ What happens:

Plain file β†’ converted into unreadable encrypted file

Only the person with the private key can open it.

Step 3: Decryption

gpg --decrypt

πŸ‘‰ What happens:

Encrypted file β†’ converted back to readable content
Why passphrase is needed
Passphrase = protects the private key

Even if someone has the key file, they still need:

kodekloud
How keys work (simple idea)
Public key β†’ lock πŸ”’
Private key β†’ unlock πŸ”‘

Final flow
encrypt_me.txt β†’ encrypted_me.asc β†’ (secure transfer)
decrypt_me.asc β†’ decrypted_me.txt β†’ readable

⚑ Key Takeaway
Encryption protects data during transfer
Decryption allows authorized access

Resources & Next Steps
πŸ“¦ Full Code Repository: KodeKloud Learning Labs
πŸ“– More Deep Dives: Whispering Cloud Insights - Read other technical articles
πŸ’¬ Join Discussion: DEV Community - Share your thoughts and questions
πŸ’Ό Let's Connect: LinkedIn - I'd love to connect with you
Credits
β€’ All labs are from: KodeKloud
β€’ I sincerely appreciate your provision of these valuable resources.

Top comments (0)