Example: Using GnuPG to Encrypt Files with a PGP Key
Last Updated: 2021-03-02
This topic provides an example of how to use Gnu Privacy Guard (GnuPG) on various operating systems to import a public PGP key and encrypt zipped CSV import files.
About this task
The end result is a PGP-encrypted ZIP file (.zip.pgp) that is ready to be uploaded to the IBM sFTP server.
To do this task, you need the following from the Welcome email: public PGP key (in an .asc file).
- Go to the GnuPG website to download the software: https://gnupg.org/download/index.html.
- Scroll to GnuPG Binary Releases.
- For the Windows OS, select the Download Sig link either for Simple Installer for the Current GnuPG or Simple Installer for GnuPG 1.4.
- Select Run and follow the steps to install the software.
- Open a command prompt (Windows > Run > cmd > OK or Enter key).
- Enter command
cd\and press the Enter key to move to the root directory (for example, enter: C:\).
- Change the directory where GNUPG is installed by entering a command like
cd Program Files (x86)\gnupg\bin\. - Enter
gpg --list-keysto initialize and create trustdb (trust database) before first time use.
STEP 2 - FINISH INSTALL FOR OPERATING SYSTEM
The following shows what you enter in a Command Prompt window for each operating system. This assumes you already went to the GnuPG website and downloaded/installed the software.
In all the operating systems, to check if your software installed correctly, enter gpg --help in the command line.
- Install HomeBrew by entering the following in the command line:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
- Install GnuPG by entering the following in the command line:
brew install gnupg
- You may be asked to enter
Xcodein the command line if you never installed it.
Debian OS (Linux) - Install GnuPG by entering the following in the command line:
apt install gnupg
Ubuntu OS (Linux) - Install GnuPG by entering the following in the command line:
apt-get install gnupg
yum install gnupg
STEP 3 - IMPORT PUBLIC PGP KEY AND ENCRYPT ZIP FILE
The following procedure shows you how to do this.
Procedure
Import the Public PGP Key
- Download the public PGP key (provided in Welcome email, in an .asc file) to your machine. An .asc file is used by PGP encryption.
- Open a command prompt and enter the
path to the .asc fileso that you can import the key. Note: This is a one time task.Format:
gpg --import <complete_path_to_.asc_file>Example:
gpg --import pub.asc
- If you enter
gpg --list-keysin the command prompt, all available public keys on this particular machine display, including the public key you imported.
Encrypt the File
- Enter
gpg --edit-key "tsdemo1"to open the public key for editing. This step ensures you are ready for encrypting files using this key. Then enter the following, one at a time in the prompt:- trust
- 5
- y
- quit
- Navigate to the path where the ZIP file you intend to encrypt is located.
- Enter the following in the command prompt to identify the key (tsdemo1 in this example), and the ZIP file name.
-uindicates you are using a key, and-eindicates a ZIP file name follows.Format:
gpg -u "<key_uid>" -e <zip_file_to_be_encrypted>Example:
gpg -u "tsdemo1" -e testfile.zip
- Enter the following in the command prompt to identify the key (tsdemo1 in this example), and the path to the ZIP file.
Format:
gpg --encrypt --recipient “<key_uid>” “<complete_path _to_zip_file>”Example:
gpg --encrypt --recipient “tsdemo1” “C:\Testing\testfile.zip"
- Rename the file name suffix from .gpg to .pgp. You now have a PGP-encrypted ZIP file, ready for upload to the IBM sFTP server.