GPG is a great tool for encrypting files and handling the keys to do so. The following commands are incredibly useful if you want to work with gpg from the command-line
Install gnupg, nautilus integration (seahorse), and restart nautilus
sudo apt install -y gnupg
Install kleopatra
apt install -y kleopatra
Configuration files can include sensitive information such as passwords, contact information, or other personal information you don’t wish to share, even though you may wish to store it in the cloud for easy retrieval. In that case it’s a good idea to encrypt those files with a personal key. Here is how you load your previously generated key so you can unencrypt them.
gpg --import "my/remote/filesystem/keys/file.asc"
Run the generation script
gpg --expert --full-gen-key
or use the quick version:
gpg --quick-generate-key "test2 <test@test>" "default" "default" "never"
gpg --export-secret-keys <filename>.gpg
adding –armor ensures the key is saved in ASCII format:
gpg --armor --export-secret-keys <filename>.gpg
gpg --list-keys
gpg --list-secret-keys
prints out ids
gpg --delete-secret-keys KEYIDFROMABOVE
gpg --delete-keys KEYIDFROMABOVE
gpg --output /my/path/to/output_file.ext --decrypt /my/encrypted/source/file.gpg
gpg –encrypt –passphrase-file </path/to/passphrase> –sign -r <who_to_sign_for> </path/to/file/to/encrypt>
gpg --export-secret-keys --armor user-id > privkey.asc
gpg --list-keys
#or
gpg -K
copy the <KEY_ID>
gpg --edit-key <KEY_ID>
an interface will open:
gpg> trust
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
q to exitgpg –edit-key
gpg> passwd
enter the password
save
q to exit
gpg --encrypt --passphrase-file </path/to/passphrase> --sign -r <who_to_sign_for> </path/to/file/to/encrypt>