File Encryption and Decryption on Redhat Linux

bySolutions on your hand Monday, August 09, 2021


#yum install gnupg2

#gpg --version

#gpg --list-keys  //for checking previous gen keys

#gpg --list-secret-keys

----------------------

#gpg2 --gen-key  //this key by default for 2 years

//Prompt for ID, passwd,

pub   rsa2048 2021-06-30 [SC] [expires: 2023-06-30]

      EA9565DC174218A30B4714D23B0417C2F2333713

uid                      admin <admin@gmail.com>

sub   rsa2048 2021-06-30 [E] [expires: 2023-06-30]


pwd - *********

//here admin is the public key name 

//for make key with never expire to follow below

#gpg --full-generate-key

gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.


Please select what kind of key you want:

   (1) RSA and RSA (default)

   (2) DSA and Elgamal

   (3) DSA (sign only)

   (4) RSA (sign only)

  (14) Existing key from card

Your selection? 1

RSA keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048) yes

RSA keysizes must be in the range 1024-4096

What keysize do you want? (2048) 2048

Requested keysize is 2048 bits

Please specify how long the key should be valid.

         0 = key does not expire

      <n>  = key expires in n days

      <n>w = key expires in n weeks

      <n>m = key expires in n months

      <n>y = key expires in n years

Key is valid for? (0) 0

Key does not expire at all

Is this correct? (y/N) y


GnuPG needs to construct a user ID to identify your key.


Real name: fulladmin

Email address: fulladmin@admin.com

Comment: boobi

You selected this USER-ID:

    "fulladmin (boobi) <fulladmin@admin.com>"


Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O


//it will as passpharse - *******


We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.


gpg: key 50B9F6A70A8AD6D2 marked as ultimately trusted

gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/9BB8A34719F2D4BC6D869A2650B9F6A70A8AD6D2.rev'

public and secret key created and signed.


pub   rsa2048 2021-07-06 [SC]

      9BB8A34719F2D4BC6D869A2650B9F6A70A8AD6D2

uid                      fulladmin (boobi) <fulladmin@admin.com>

sub   rsa2048 2021-07-06 [E]


-----------------------------------------------

//below is used to make gpg file (.o)


#gpg2 --output sample.tar.gz.o --encrypt sample.tar.gz


//or pass the user id along the command


# gpg2 --encrypt --armor --recipient admin 2021-06-28.log

//it will encrypt the file as "2021-06-28.log.asc"

# gpg2 --decrypt 2021-06-28.log.asc > output //it ask password and it works

-----------------------------------------

//for decrypt form another server, export key from source and import to destination server as well need to install the gnupg2

# gpg --export-secret-keys admin > admin.key


//target server

# gpg --import /home/boobi/admin.key 


# gpg2 --decrypt data/backups/data/server/log.asc > 2021-06-23.log


//it asks pwd now

//then we can view the log file

Tags

Post a Comment

0 Comments