In today’s digital world, ensuring the confidentiality of your sensitive data is more important than ever. Whether you’re backing up documents, transferring files, or protecting personal information, encrypting your files is a critical security step. In this article, we’ll explore how to securely encrypt and decrypt any file using the Linux terminal — leveraging robust, open-source tools like gpg and openssl.
🔧 Symmetric Encryption with gpg
The simplest and most effective method for encrypting files locally is symmetric encryption, where the same password is used for both encryption and decryption.
🔒 Encrypt a File with a Password
gpg -c myfile.txt
You’ll be prompted to enter a passphrase. The resulting file will be myfile.txt.gpg.
🔓 Decrypt the File
gpg -o myfile_decrypted.txt -d myfile.txt.gpg
You’ll be prompted for the same passphrase to decrypt the file.
✅ Best For: Local file protection or sharing with someone you trust enough to share a password with.
🔐 Asymmetric Encryption (Using Key Pairs)
For secure communication or file exchange between users, asymmetric encryption is recommended. This method uses a pair of keys: a public key for encryption and a private key for decryption.
Step 1: Generate a Key Pair
gpg --full-generate-key
Choose:
- Key type:
RSA and RSA - Key size:
4096 bits(recommended) - Expiration: Set if desired
- User information: Name and email
Step 2: List Available Keys
gpg --list-keys
Step 3: Encrypt a File for a Specific User
gpg -e -r "User Name or Email" myfile.txt
This command will create myfile.txt.gpg, encrypted with the recipient’s public key.
Step 4: Decrypt the File
gpg -d myfile.txt.gpg > myfile_decrypted.txt
The recipient’s private key must be available on the system to decrypt.
✅ Best For: Secure communication and file exchange between multiple parties.
🔧 Alternative: Using openssl
For those who prefer OpenSSL, here’s how to use AES-256 encryption:
🔒 Encrypt
openssl enc -aes-256-cbc -salt -in myfile.txt -out myfile.txt.enc
🔓 Decrypt
openssl enc -d -aes-256-cbc -in myfile.txt.enc -out myfile_decrypted.txt
You’ll be asked to provide the same password for decryption.
🛡️ Security Tips
- Use strong, unique passphrases — at least 12+ characters with a mix of letters, numbers, and symbols.
- Avoid storing passphrases in plaintext.
- When sharing files, prefer asymmetric encryption over symmetric if possible.
- Back up your private keys in a secure location.
📦 Conclusion
Encrypting files via the Linux terminal is both powerful and straightforward with tools like gpg and openssl. Whether you’re an individual protecting personal data or a business sharing confidential documents, these methods help ensure your information stays safe.