Khi bạn muốn mang 1 file cho người mà không muốn cho ai đọc nội dung. Dùng cách sau đây là đơn giản nhất (nếu 2 bên có Linux hay dùng Live CD cũng được)
Vào Linux gõ
$ gpg -c file.txt
Bạn nhập vào passphrase 2 lần. Kết quả là file file.txt.gpg. Mang file này cho người đó và nhớ cho biết passphrase luôn ;-)
Để giải mã gõ
$ gpg file.txt.gpg
Bạn nhập vào passphrase là xong, kết quả là file.txt. An toàn không 8-)
Bản gốc đây
Want to encrypt a file, but don't know where to start? Use GnuPG:
$ gpg -c test.txt
Enter passphrase:
Repeat passphrase:
The new encrypted file has the same name, but with the extension .gpg added.
The original file is left intact. The -c stands for conventional
(symmetric) encryption, which does not involve public keys. This type of
encryption is most useful only if you want to decrypt your files, but you
don't trust where your files are stored. For example, easily lost or stolen
storage can be protected with this type of encryption. This type of
encryption is especially useful for off-site backups.
To extract the encrypted file, type:
$ gpg filename.gpg
GnuPG automatically detects that the file is encrypted with a passphrase and
asks for it. Then it writes the decrypted data to a file with the same name
but without the .gpg extension. The encrypted file is left intact. If you
want the output file to be written to a different filename, use standard
redirection. Note that both input and output redirection must be used, or
GnuPG becomes confused:
$ gpg < filename.gpg > filename.txt
If you want someone else to decrypt the file, you have to tell them the
passphrase without leaking it to anyone else. A simple way to do this is in
person. That might seem not useful, as the original file also could be
given in person. But that passphrase can now be reused safely multiple
times on different files in the future.
Note: this warning is normal when using passphrase encryption in GnuPG.
This can be avoided with public key encryption:
gpg: WARNING: message was not integrity protected
$ gpg -c test.txt
Enter passphrase:
Repeat passphrase:
The new encrypted file has the same name, but with the extension .gpg added.
The original file is left intact. The -c stands for conventional
(symmetric) encryption, which does not involve public keys. This type of
encryption is most useful only if you want to decrypt your files, but you
don't trust where your files are stored. For example, easily lost or stolen
storage can be protected with this type of encryption. This type of
encryption is especially useful for off-site backups.
To extract the encrypted file, type:
$ gpg filename.gpg
GnuPG automatically detects that the file is encrypted with a passphrase and
asks for it. Then it writes the decrypted data to a file with the same name
but without the .gpg extension. The encrypted file is left intact. If you
want the output file to be written to a different filename, use standard
redirection. Note that both input and output redirection must be used, or
GnuPG becomes confused:
$ gpg < filename.gpg > filename.txt
If you want someone else to decrypt the file, you have to tell them the
passphrase without leaking it to anyone else. A simple way to do this is in
person. That might seem not useful, as the original file also could be
given in person. But that passphrase can now be reused safely multiple
times on different files in the future.
Note: this warning is normal when using passphrase encryption in GnuPG.
This can be avoided with public key encryption:
gpg: WARNING: message was not integrity protected
No comments:
Post a Comment