Pretty Good Privacy (PGP) is an encryption/decryption program that provides cryptographic privacy and authentication for data communication. PGP is popularly used to digitally sign, encrypt or decrypt email messages or files being transferred over the Internet. In Linux, there exists GnuPG, a GPL-licensed alternative to PGP.
While it is possible to use GnuPG to encrypt or decrypt files manually, you can use various GUI frontends for GnuPG. One such GUI frontend is GNOME Seahorse, which can manage various types of encryption keys including PGP keys, SSH keys, passphrases, etc. Seahorse offers various plugins to interface with other applications. There is also a Seahorse plugin for Nautilius.
In this tutorial, I will describe how to PGP-encrypt, decrypt or digitally sign documents on Nautilus by using Seahorse plugin. This set up was tested in Ubuntu environment.
Install Seahorse Plugin for Nautilius
On Ubuntu Oneiric (11.10) or earlier:
On Ubuntu Precise (12.04) or later:
Generate a PGP Key
The first step is to create a default PGP key to use for encryption/decryption. To do so, launch Seahorse application either by executing seahorse command manually, or typing "Passwords and Keys" in Ubuntu Dash.
Click on "+" icon to create a new encryption key.
Choose "PGP Key" option.
Type in your name and email address, and customize encryption options (e.g., encryption type, key strength and expiration date).
Enter the passphrase for a new PGP key, and click on "OK" button. The minimum length of the passphrase is 20 characters.
When generating a PGP key, Seahorse uses GnuPG in the backend. Since key generation requires a lot of random data, it is recommended to conduct some activities during key generation, such as typing on keyboards, moving the mouse, running applications, etc, so that the system gets enough random data needed.
After a new key has been generated, close Seahorse application, and reload Nautilus as follows.
PGP-Encrypt or Decrypt a File on Nautilus
To encrypt a file, right-click the file and choose "Encrypt".
It will launch a pop-up window showing the default PGP key that you created earlier. Choose the default key, and optionally sign message as yourself. Click on "OK" button.
When prompted for a passphrase, enter it.
It will create an encrypted file with .pgp extension. If you want to decrypt the .pgp file, right-click it and choose "Decrypt" option.
Subscribe to Xmodulo
You can have daily Linux tutorials and FAQs delivered to your email inbox. Simply enter your email address below to subscribe to our mailing list. You will receive hands-on guides and carefully written tutorials related to Linux, everything for free.