Do you feel lost when others talk about encryption? In this post we will get you started with GPG encryption and encrypt/decrypt our deepest secrets. We will install the gpg commandline tool to do so.
For me the easiest way to install gpg was to use homebrew.
brew install gpg
For me this was not enough and gave some complications further or. So you can install the fix right away or try without.
brew cask install gpg-suite
Gpg should now be installed and can be used from the command line. You also need a public, private key pair to encrypt and decrypt messages.
Follow the creation steps (defaults are fine) and enter a passphrase that you can use to access your private key. Both public and private keys are stored in your keychain at ~/.gnupg/pubring.kbx.
To encypt a file you only need the public key. You could import a public key of someone and encypt a message only the person with the corresponding private key could decrypt. For now we will use our own public key. You can list all public keys on your keychain.
This will expose some information off the public key with the key’s fingerprint as the most important property.
We can use this fingerprint to choose with which public key we want to encrypt if we have multiple on our keychain. Let’s encrypt a file named secret.txt with the text “deepest secret” inside.
gpg -r 5C66CD573B5D044B6527DA84FD59B789EAA0677B -e secret.txt
This produces a file named secret.txt.gpg with the encrypted message. Only the one with the private key corresponding to the public key 5C66CD573B5D044B6527DA84FD59B789EAA0677B can decrypt this file now. Fortunately that is use.
gpg -d secret.txt.gpg
Note that we don’t have to specify with which private key we want to decrypt, the corresponding one is found on our keychain.
Our passphrase will be requested for we are going to use the private key. When everything is in order our deepest secret will be decrypted.
Hopefully you can now encrypt and decrypt your secrets with GPG encryption. Happy crypting!