Do you feel lost when others talk about encryption? In this post we will get you started with GPG encryption and encrypt/decrypt our deepest secrets. We will install the gpg commandline tool to do so.

GNU Privacy Guard (GPG) is an implementation of the OpenPGP standard. Documentation of the gpg commandline tool can be found here.


For me the easiest way to install gpg was to use homebrew.

brew install gpg

For me this was not enough and gave some complications further or. So you can install the fix right away or try without.

brew cask install gpg-suite

Gpg should now be installed and can be used from the command line. You also need a public, private key pair to encrypt and decrypt messages.

gpg --full-generate-key

Follow the creation steps (defaults are fine) and enter a passphrase that you can use to access your private key. Both public and private keys are stored in your keychain at ~/.gnupg/pubring.kbx.


To encypt a file you only need the public key. You could import a public key of someone and encypt a message only the person with the corresponding private key could decrypt. For now we will use our own public key. You can list all public keys on your keychain.

gpg --list-keys

This will expose some information off the public key with the key’s fingerprint as the most important property.

key overview output - GPG ENCRYPTION

We can use this fingerprint to choose with which public key we want to encrypt if we have multiple on our keychain. Let’s encrypt a file named secret.txt with the text “deepest secret” inside.

gpg -r 5C66CD573B5D044B6527DA84FD59B789EAA0677B -e secret.txt

This produces a file named secret.txt.gpg with the encrypted message. Only the one with the private key corresponding to the public key 5C66CD573B5D044B6527DA84FD59B789EAA0677B can decrypt this file now. Fortunately that is use.

gpg -d secret.txt.gpg

Note that we don’t have to specify with which private key we want to decrypt, the corresponding one is found on our keychain.

gpg decrypt output - GPG ENCRYPTION

Our passphrase will be requested for we are going to use the private key. When everything is in order our deepest secret will be decrypted.

passphrase modal pgp - GPG ENCRYPTION

Hopefully you can now encrypt and decrypt your secrets with GPG encryption. Happy crypting!