DEV Community

Cover image for 22.Linux GPG Encryption
Thu Kha Kyawe
Thu Kha Kyawe

Posted on

22.Linux GPG Encryption

#aws #linuxlevel2

Lab Information

We have confidential data that needs to be transferred to a remote location, so we need to encrypt that data.We also need to decrypt data we received from a remote location in order to understand its content.

On storage server in Stratos Datacenter we have private and public keys stored at /home/*_key.asc. Use these keys to perform the following actions.

  • Encrypt /home/encrypt_me.txt to /home/encrypted_me.asc.

  • Decrypt /home/decrypt_me.asc to /home/decrypted_me.txt. (Passphrase for decryption and encryption is kodekloud).

  • The user ID you can use is kodekloud@kodekloud.com.

Lab Solutions

🧭 Part 1: Lab Step-by-Step Guidelines

1️⃣ Login to Storage Server

ssh natasha@ststor01
# Password: Bl@kW
sudo -i
Enter fullscreen mode Exit fullscreen mode

2️⃣ Import GPG keys

gpg --import /home/*_key.asc
# Password: kodekloud
Enter fullscreen mode Exit fullscreen mode

3️⃣ Verify keys (optional but good practice)

gpg --list-keys
sudo chmod 777 /home
Enter fullscreen mode Exit fullscreen mode

👉 You should see:

kodekloud@kodekloud.com

4️⃣ Encrypt the file

gpg --output /home/encrypted_me.asc \
    --encrypt \
    --recipient kodekloud@kodekloud.com \
    /home/encrypt_me.txt
Enter fullscreen mode Exit fullscreen mode

👉 Enter passphrase when asked:

kodekloud

5️⃣ Decrypt the file

gpg --output /home/decrypted_me.txt \
    --decrypt /home/decrypt_me.asc
Enter fullscreen mode Exit fullscreen mode

👉 Enter passphrase:

kodekloud

6️⃣ Verify output

cat /home/decrypted_me.txt
Enter fullscreen mode Exit fullscreen mode

🧠 Part 2: Simple Step-by-Step Explanation (Beginner Friendly)

What this lab is about

You are working with:

Encryption → hide data
Decryption → read data

Step 1: Import keys

gpg --import

👉 This loads:

Public key → used to encrypt
Private key → used to decrypt

Step 2: Encryption

gpg --encrypt

👉 What happens:

Plain file → converted into unreadable encrypted file

Only the person with the private key can open it.

Step 3: Decryption

gpg --decrypt

👉 What happens:

Encrypted file → converted back to readable content
Why passphrase is needed
Passphrase = protects the private key

Even if someone has the key file, they still need:

kodekloud
How keys work (simple idea)
Public key → lock 🔒
Private key → unlock 🔑

Final flow
encrypt_me.txt → encrypted_me.asc → (secure transfer)
decrypt_me.asc → decrypted_me.txt → readable

⚡ Key Takeaway
Encryption protects data during transfer
Decryption allows authorized access

Resources & Next Steps
📦 Full Code Repository: KodeKloud Learning Labs
📖 More Deep Dives: Whispering Cloud Insights - Read other technical articles
💬 Join Discussion: DEV Community - Share your thoughts and questions
💼 Let's Connect: LinkedIn - I'd love to connect with you
Credits
• All labs are from: KodeKloud
• I sincerely appreciate your provision of these valuable resources.

Top comments (0)