GnuPG Essentials

GnuPG (GNU Privacy Guard) is a cryptographic tool for encrypting files and managing digital signatures on GNU/Linux systems.

Generate GPG keys

gpg --gen-key

Follow the prompts to create your key pair. Use a strong passphrase.

Import public keys

gpg --import <keyfile>.key

Verify key fingerprints

Always verify imported keys to prevent attacks:

gpg --fingerprint <email_id>

Compare this fingerprint with the key owner through a secure channel.

Encrypt files

Encrypt a file for someone else:

gpg --encrypt --armor -r <recipient_email> demo.txt

The --armor flag creates ASCII output instead of binary format.

For multiple recipients:

gpg --encrypt --armor -r alice@example.com -r bob@example.com file.txt

Decrypt files

gpg --decrypt encrypted_file.asc > output.txt

Digital signatures

Sign a file:

gpg --detach-sign document.pdf

Verify signatures:

gpg --verify document.pdf.sig document.pdf

Key management

List keys:

gpg --list-keys
gpg --list-secret-keys

Export your public key:

gpg --armor --export your_email@domain.com > public_key.asc

Git integration

Sign your commits:

git config --global user.signingkey <KEY_ID>
git config --global commit.gpgsign true

Configuration

Create ~/.gnupg/gpg.conf:

cipher-algo AES256
digest-algo SHA512
keyid-format 0xlong
with-fingerprint

GnuPG is essential for securing files and verifying authenticity in academic and development workflows.