We live in a post-Snowden world. For many, that means assuming none of your digital assets are safe from surveillance.
There are ways, however, to use the internet and insane mathematics in your favor to ensure that no one can see whatever it is that you’re sending to someone else.
It’s called PGP, which stands for “pretty good privacy,” and it’s a way to encrypt your messages. Encryption, at its most basic, is a way to encipher a message so that anyone who sees the data in transit has no way of knowing what the message says. OpenPGP is the most popular standard for digital encryption.
In fact, Edward Snowden first contacted journalist Laura Poitras to inform her of his trove of documents using PGP.
So let’s take a look at what PGP is and how easy it is to use.
So what is encryption?
Encryption is basically a way of jumbling digital data so that no one can see what it really says while it’s being sent. For the purposes of this explainer, we’re going to focus on what’s called “public key encryption”. This combines several cryptographic techniques to encipher every message using two things that every person using PGP has: a public key and a private key.
A public key is the information that is needed to encrypt a message. People wishing to receive encrypted messages make their public key readily available, as it’s the only way for sources to begin the process of sending secure messages. The matching private key stays with its owner and is what decrypts those messages.
There are GUI apps that make this process simpler, but here we use the command line to achieve the same thing.
First, you’ll want to generate a key for yourself:
gpg --gen-key
You’ll be asked to enter a few details. Don’t forget these details.
To list your public keys:
gpg --list-keys
To list your private keys:
gpg --list-secret-keys
Now, let’s say your name is John Doe, and you want to send a message to Jane Doe. This is how you would do it (note that all names used must be the names you see when listing the keys).
First, export your public key:
gpg --export --armor [email protected] > publickey.asc
Example: gpg --export --armor [email protected] > mypublickey.asc
or
gpg --export --armor yourname > publickey.asc
Example: gpg --export --armor "John Doe" > mypublickey.asc
Send this file to Jane Doe. Get her to do the same.
To import someone else’s public key:
gpg --import publickey.asc
Now that you’ve imported Jane Doe’s key, let’s send her an encrypted message.
To encrypt a file to send to Jane Doe:
gpg --encrypt --recipient receiversname filename.txt
Example: gpg --encrypt --recipient "Jane Doe" secretmessage.txt
or, if the previous command doesn’t work:
gpg -e -u "sender's name (you)" -r "name of the receiver's key" filename.txt
Example: gpg -e -u "John Doe" -r "Jane Doe" secretmessage.txt
This will create a file called secretmessage.txt.gpg. Send this to Jane Doe.
Now Jane has received your file. This is how she decrypts it:
To decrypt to command line (meaning that you’ll only see the message in the command line, and it won’t be saved decrypted to your hard drive):
gpg --decrypt filename.txt.gpg
To decrypt to disk:
gpg filename.txt.gpg
Done!
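The walkthrough above as one non-interactive script, added here as an example and not part of the original post. It goes one step further by comparing fingerprints after the import and by showing that the sender cannot decrypt the file. Assumptions: GnuPG 2.1 or later; the jane@example.org identity, the temporary keyring directories, the message text and the helper names g, fpr and roundtrip are constructed for the demo.

```shell
#!/bin/sh
# Added example: one-way PGP round trip between two throwaway keyrings.
# Identities, paths and the message are constructed for this demo.
set -eu

# Non-interactive gpg; the empty passphrase is for the demo only.
g() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Print the primary-key fingerprint of key $2 in keyring directory $1.
fpr() { g --homedir "$1" --with-colons --fingerprint "$2" | awk -F: '$1 == "fpr" { print $10; exit }'; }

roundtrip() (
  set -eu
  work=$(mktemp -d); john="$work/john"; jane="$work/jane"
  mkdir -m 700 "$john" "$jane"

  # Jane: generate a key pair and export only the public half.
  g --homedir "$jane" --quick-generate-key 'Jane Doe <jane@example.org>' default default never
  g --homedir "$jane" --armor --output "$work/jane.asc" --export jane@example.org

  # John: import Jane's public key and compare its fingerprint with the one
  # Jane reads out over a separate channel (here: straight from her keyring).
  g --homedir "$john" --import "$work/jane.asc"
  [ "$(fpr "$john" jane@example.org)" = "$(fpr "$jane" jane@example.org)" ]

  # John: encrypt. --trust-model always skips the "unverified key" prompt,
  # which is acceptable only because the fingerprint was just checked.
  printf 'meet at noon\n' > "$work/secretmessage.txt"
  g --homedir "$john" --trust-model always --output "$work/secretmessage.txt.gpg" \
    --encrypt --recipient jane@example.org "$work/secretmessage.txt"

  # John holds no private key for Jane, so he cannot read his own ciphertext.
  if g --homedir "$john" --decrypt "$work/secretmessage.txt.gpg" >/dev/null 2>&1; then
    echo "sender could decrypt: unexpected" >&2; exit 1
  fi

  # Jane: decrypt to stdout with her private key.
  g --homedir "$jane" --decrypt "$work/secretmessage.txt.gpg"

  gpgconf --homedir "$john" --kill gpg-agent 2>/dev/null || true
  gpgconf --homedir "$jane" --kill gpg-agent 2>/dev/null || true
  rm -rf "$work"
)

roundtrip   # prints: meet at noon
```

With real keys, keep the passphrase prompt and compare the fingerprint by phone or in person before encrypting to an imported key.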