File Encryption Using GPG

We can encrypt files using the gpg command, allthough it is more commonly used during asymetric encryption (public and private key identities) we can use a simple passphrase instead (symmetric encryption).

Install GnuPG (GPG)

brew install gnupg

We can archive multiple files or an entire folder into a tarball for use with GPG

Create Compressed *.tar File

tar -czvf archive.tar.gz files/
# -c Create a new archive
# -z Compress the resulting archive with gzip
# -v Verbose output
# -f File

Encrypt and Decrypt Files Using Symmetric Key (Passphrase)

When encrypting and decrypting files, GPG will prompt the user for a password. See below for more secure password generation.

# Encrypt file (output archive.tar.gz.gpg)
gpg -c archive.tar.gz
# Defaults to AES256, use --cipher-algo before file to specify algorithm

# Decrypt *.gpg file and output contents to new file
gpg --output archive.tar.gz --decrypt archive.tar.gz.gpg

Extract *.tar File

tar -xvf archive.tar.gz
# -x Extract archive
# -v Verbose output
# -f File

Better Password Generation

We can use OpenSSL to generate random strings to be used for passwords.

openssl rand -base64 32 # Outputs 32 bytes of random data in base64 format
# Example output: Y+oQNmYi6gmQgkQvaeywzqFSjuRFRLVGQGdG/4g6pzE=