Basic File Encryption with GPG key pairs!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

okay so this video is going to be on new PG the new privacy guard and how to encrypt basic files and stuff like that in Linux so what is the new privacy guard well it is a program that comes on basically every Linux distribution and it is a tool for generating keys that you can encrypt things with and identify yourself with it's used all the time on your computer even if you don't know that it's being used in your package manager and stuff like that so in this video we're going to encrypt some files do some basic stuff in that but in order to do that we actually have to generate a key pair so a key pair is of course two keys there's gonna be a private one and a public one the public of course is the one you can show to other people the private one is the one that you know basically unlocks everything you lock with that so in this video we are going to generate one of those and it's a pretty easy process in fact it's really just one command in a menu so one thing you should know is some distros will have GPG some will have GPG - they're gonna work the same for our purposes here just one is or you know earlier than the other some some distres may have both but I am going to run the important command is g PG or g PG to full gen key that's what we're gonna run now I'm gonna go ahead and run that and that's just going to create the new PG files or the directory that it's going to keep everything in now it's gonna ask you what kind of key do you want to create we're just gonna pick RSA RSA that's the default selection you also get to choose how many bits are going to be in your key so in terms of you know how easy it can be to crack your key it's always better to have more bits so 4096 would be extra safe since it takes a little longer to generate one of those keys and since I'm doing a video I'm just gonna say 2048 you could do 1024 but it's always better to go with longer keys I mean so far as I know it's just you know more secure so but I'm gonna go with the the not as long one just because we're in a video so then you can choose when your key expires now for ease sake it might be okay to have a key that never expires but you're pretty much going to want some kind of expiration date on your key and that's just because if your computer is compromised and of course your file system with your key on it is compromised you know that there will come a point where that key expires so you don't have to worry about after that now again for the purposes of this video I'm just gonna say 0 whatever doesn't expire but you might want to say you know 6 months or you know 6 M for 6 months or something like that but I'm just gonna say 0 here so I'm gonna confirm all that and then you need to actually give an identification you can just identify yourself but what by whatever you identify yourself with I'm gonna put my real name and you also need to give an email this email is not going to you're not gonna have it's not gonna send any type thing to your email right now but this is more or less just for identification purposes and I'm gonna put that in and we can also put a comment it doesn't really matter for this so I confirm I'll say ok and now it's gonna ask for a password I am gonna put in a password I'm putting in a good pass or it even though again this is just a video I'm not actually gonna use this key now it you'll see down here it says oh well okay well maybe I should explain what this is actually doing so it didn't really matter for us because it's already done but the what basically your system needs to do to generate this key is generate a certain amount of entropy so if you're generating a key that's uh you know 4096 bits or whatever it's going to want you to basically mash on the keyboard open a bunch of programs while that's loading well it's actually you know making the key pair just to throw and randomness into the system but ours actually finished really quickly so that's fine um so that's actually yet you now have a gbg key pair so you might wonder what that's for now the reason I'm doing this video is the next video I'm gonna put out on my neo MUC config you actually need a GPG pair to encrypt your password safely but I'm gonna show you how to actually encrypt files general generally using a GPG key pair so let's actually uh well create a file actually will will echo you know a secret so this is a secret and we're gonna put the secret in something called file so there is now a file down here and we can open it up it says this is a secret so if we want to encrypt a file we can use GPG to encrypt it so how you do that is just GPG and you need to set to two things one is the R option and the R option is for the recipient whoever this you know the the encryption you're encrypting this for someone else to view now in this situation we're encrypting it for ourselves so what you should put for the recipient is whatever email you identified yourself as in your GPG key pair so i'm encrypting it with for my email so the recipient is that and then you just say give it the e option and choose whatever file you want to encrypt so I'm gonna say alright so now you'll see the file is still here it's still you know open secrets right here but there's now a GPG file and this GPG file this is an encrypted version of your original file so now so basically this file you could put this up on the internet and no one would know what it was only you could decrypt it so what we in practice what you're gonna do of course is you're going away you don't need to recursively remove that but you need you can remove the original file so now that original file we I should have shredded and then you did but you know whatever you can get rid of that file now that files gone gone now we don't need to worry about it so now you know your friend Billy could be on your computer and he's never gonna find your secret now how your secret will be revealed is if you write GPG then the d option and then give it a file GPG now d of course is decrypt if you run that what it's what's gonna happen is it's gonna ask for your password your GPG password that you put in when you were actually creating your key so I'm just gonna put that in and once you do that it will actually print out what the secret was here it is that's the contents of the file in fact we can put that in another file you know new file and we can see that of course that is there it is so notice that if I run if I run decrypt a couple times it's not gonna ask me for a password every time and that's because once you have cashed your password there's a certain period for which you don't have to put it in again and again so that's so if you you know you're running a bash script that's decrypting a whole bunch of files it doesn't have to ask for your password every single time now you can change those settings now as it is right now I have to put in a password you know whenever I first think rip decrypt something I need to put in my password in order to you know actually decrypt that you can set it so you can use something like pan GPG Pama GPG to you know automatically log into your GPG key when you log into the computer or you can make it so that your sign-in never expires so if I sit here for Allah I don't know what the default is like 10 minutes or something like that and I try to decrypt it again it's gonna ask me for my password you can change those settings as well so just know that but anyway this is pretty much all I wanted to talk about in this video again basic decryption decryption how to make a GPG pair very simple stuff but anyway I hope you learn something and I'll see you guys in the next video

Info

Channel: Luke Smith

Views: 76,967

Rating: 4.9666853 out of 5

Keywords: podcast, gnu, key, gpg, linux, mutt, ssh, secure, privacy guard, privacy, gnupg, password, protect, generate, luke smith, offlineimap, rsa, neomutt, email, file, not related

Id: DMGIlj7u7Eo

Channel Id: undefined

Length: 8min 35sec (515 seconds)

Published: Sat Feb 17 2018