Cybersecurity Tutorial by Souhail Sabri

GnuPG Encryption Tutorial

This Souhail Sabri cybersecurity guide explains how to use GnuPG for encryption, decryption, public keys, private keys, digital signatures, verification, and secure file protection.

About This Souhail Sabri GnuPG Tutorial

This page is part of the Souhail Sabri cybersecurity portfolio and explains how GnuPG, also called GPG, can protect files and messages using encryption and digital signatures.

GnuPG is commonly used for privacy, secure communication, software release verification, file protection, and identity verification through public-key cryptography.

Important GnuPG Concepts

Public Key

A public key can be shared with others. People use it to encrypt messages or files that only your private key can decrypt.

Private Key

A private key must be protected. It is used to decrypt files and create digital signatures.

Encryption

Encryption protects content so only the intended recipient can read it.

Digital Signatures

A signature helps prove that a file or message came from a specific key and was not changed after signing.

Basic Workflow: Using GnuPG Encryption

  1. Install GnuPG.
    Install GnuPG on your operating system and confirm that the gpg command is available.
  2. Create a key pair.
    Generate a public/private key pair for encryption and signing.
  3. Protect your private key.
    Use a strong passphrase and keep private key backups secure.
  4. Share your public key.
    Send your public key to people who need to encrypt files or messages to you.
  5. Encrypt and decrypt files.
    Use the recipient public key to encrypt files and your private key to decrypt them.
  6. Sign and verify files.
    Use digital signatures to confirm authenticity and integrity.

Useful GnuPG Commands

Check GnuPG Version

gpg --version

Generate a New Key Pair

gpg --full-generate-key

List Public Keys

gpg --list-keys

List Private Keys

gpg --list-secret-keys

Export a Public Key

gpg --armor --export your-email@example.com > public-key.asc

Import Someone’s Public Key

gpg --import public-key.asc

Encrypt a File for a Recipient

gpg --encrypt --armor --recipient recipient@example.com file.txt

Decrypt a File

gpg --decrypt file.txt.asc > decrypted-file.txt

Sign a File

gpg --armor --detach-sign file.txt

Verify a Signature

gpg --verify file.txt.asc file.txt

GnuPG Security Best Practices

Use a Strong Passphrase

Protect your private key with a long, unique passphrase that is not reused anywhere else.

Back Up Keys Securely

Store encrypted backups of your private key and revocation certificate in a safe location.

Verify Fingerprints

Before trusting a public key, verify its fingerprint through a trusted channel.

Create a Revocation Certificate

A revocation certificate lets you mark a key as no longer trusted if it is lost or compromised.

Important: Encryption protects content, but it does not automatically verify trust. Always verify public key fingerprints before relying on a key.

GnuPG Quick Reference

# Souhail Sabri GnuPG Encryption Notes

Check version:
gpg --version

Generate key:
gpg --full-generate-key

List keys:
gpg --list-keys
gpg --list-secret-keys

Export public key:
gpg --armor --export your-email@example.com > public-key.asc

Import public key:
gpg --import public-key.asc

Encrypt:
gpg --encrypt --armor --recipient recipient@example.com file.txt

Decrypt:
gpg --decrypt file.txt.asc > decrypted-file.txt

Sign:
gpg --armor --detach-sign file.txt

Verify:
gpg --verify file.txt.asc file.txt

Search Topics Related to Souhail Sabri and GnuPG

Souhail Sabri GnuPG Souhail Sabri GPG Encryption Souhail Sabri Cybersecurity Public Key Encryption Digital Signatures File Encryption Key Management Secure Communication