🔐 How to Securely Encrypt and Decrypt Any File in Linux

In today’s digital world, ensuring the confidentiality of your sensitive data is more important than ever. Whether you’re backing up documents, transferring files, or protecting personal information, encrypting your files is a critical security step. In this article, we’ll explore how to securely encrypt and decrypt any file using the Linux terminal — leveraging robust, open-source tools like gpg and openssl.


🔧 Symmetric Encryption with gpg

The simplest and most effective method for encrypting files locally is symmetric encryption, where the same password is used for both encryption and decryption.

🔒 Encrypt a File with a Password

gpg -c myfile.txt

You’ll be prompted to enter a passphrase. The resulting file will be myfile.txt.gpg.

🔓 Decrypt the File

gpg -o myfile_decrypted.txt -d myfile.txt.gpg

You’ll be prompted for the same passphrase to decrypt the file.

Best For: Local file protection or sharing with someone you trust enough to share a password with.


🔐 Asymmetric Encryption (Using Key Pairs)

For secure communication or file exchange between users, asymmetric encryption is recommended. This method uses a pair of keys: a public key for encryption and a private key for decryption.

Step 1: Generate a Key Pair

gpg --full-generate-key

Choose:

  • Key type: RSA and RSA
  • Key size: 4096 bits (recommended)
  • Expiration: Set if desired
  • User information: Name and email

Step 2: List Available Keys

gpg --list-keys

Step 3: Encrypt a File for a Specific User

gpg -e -r "User Name or Email" myfile.txt

This command will create myfile.txt.gpg, encrypted with the recipient’s public key.

Step 4: Decrypt the File

gpg -d myfile.txt.gpg > myfile_decrypted.txt

The recipient’s private key must be available on the system to decrypt.

Best For: Secure communication and file exchange between multiple parties.


🔧 Alternative: Using openssl

For those who prefer OpenSSL, here’s how to use AES-256 encryption:

🔒 Encrypt

openssl enc -aes-256-cbc -salt -in myfile.txt -out myfile.txt.enc

🔓 Decrypt

openssl enc -d -aes-256-cbc -in myfile.txt.enc -out myfile_decrypted.txt

You’ll be asked to provide the same password for decryption.


🛡️ Security Tips

  • Use strong, unique passphrases — at least 12+ characters with a mix of letters, numbers, and symbols.
  • Avoid storing passphrases in plaintext.
  • When sharing files, prefer asymmetric encryption over symmetric if possible.
  • Back up your private keys in a secure location.

📦 Conclusion

Encrypting files via the Linux terminal is both powerful and straightforward with tools like gpg and openssl. Whether you’re an individual protecting personal data or a business sharing confidential documents, these methods help ensure your information stays safe.