Encrypting Files with GPG Don't put anything here Don't put anything here Don't put anything here Page Content Page Name (for URL) Page Title Breadcrumb Text As several of us at SIMS I have interview files that need to be handled securely. In order to have a secure backup I decided to put all the files on a remote computer. Despite the fact that I trust the people who manage it, however, I thought it would be good practice to encrypt the files. I looked for a number of simple cross-platform solutions and ended up settling on [GPG](http://www.gnupg.org/) (a GNU version of PGP). It wasn't exactly what I wanted, since I was just looking for a simple symmetric cypher (i.e. a program that requires the same password for encrypting and decrypting), but everything I found seemed either not cross-platform enough or too much of a hassle. So, I settled on GPG, which is public-key / private-key system, which means you use one key to encrypt and another key (+ a password) to decrypt. It's more of a hassle than a simple symmetric cypher but it's more secure (since I don't need to keep my password in my head) and it allows anyone to encrypt files that only I can decrypt. Remembering the strange things that Joe and I had to do to share interview files during our last project, I figured maybe this feature is actually worthwhile. Here is what it takes to use GPG for basic file encryption. First install GPG or use a computer that has it installed (at SIMS "irony" has GPG on it). Then generate a key pair: gpg --gen-key After you are done, export the secret and public keys: gpg --export-secret-key -a my@email.edu > private-gpg-key.asc gpg --export -a my@email.edu > yuri-public-gpg.asc Keep it the secret key somewhere safe, and give the public key to anyone who needs to send you encrypted stuff. In my case, I put the public key on my website. I then went to the other computer (where I copied my interview files) and imported the key there: wget http://www.freewisdom.org/gpg/yuri-public-gpg-key.asc gpg --import yuri-public-gpg-key.asc (You can use scp or other things instead of wget.) Note that with this setup I can now encrypt any files on the remote computer, but they can't be _decrypted_ there. Then I encrypt the files. Note that when you encrypt them you need to specify a recipient, who is the only person who can decrypt them: gpg -e --recipient my@email.edu filename.mp3 Or, I can encrypt all the files at once: gpg --recipient my@email.edu --encrypt-files *.mp3 Finally, I move one of the encrypted files back to my home computer and try decrypting it there and checking that I get the same file that I stated with. gpg --decrypt --output filename.mp3 filename.mp3.gpg diff filename.mp3 originalfile.mp3 Now I just need to figure out where to keep a copy of my private key... Otherwise, I am no better now in case of a hard drive crash than I would have been without a copy: if my harddrive dies I won't be able to use the remote files either! Advanced Fields Category 2002200320042005200620072008200920102011201220132014E. AsiaE. EuropeL's FamilyL's FriendsN. AmericaN. EuropeS. AmericaS. AsiaW. EuropeY & LY's FamilyY's Friends Prototype Redirect Permissions0 Actions Config Markup Module HTML/Meta/Keywords HTML/Meta/Description Save Hook HTML Fields Main Head Body Header Menu Logo Content Template Page Sidebar Footer Tags Allowed for XSSFilter HTTP Fields Cache-Control Expires Guru Fields Templates Translations Fields Edit UI Admin Edit UI A summary of your changes Edit Summary Don't put anything here Don't put anything here Don't put anything here save preview cancel
