How to Use GPG to Encrypt Files for Secure Backups June 30, 2025

June 30, 2025 / Security and Backups

This guide explains how to encrypt files using GPG (GNU Privacy Guard), an open-source tool that utilises public-key cryptography to add an extra layer of security, ensuring your data remains protected even if backup files are exposed.

Prerequisites:

  1. GPG installed system (Linux/Windows/macOS)
  2. A GPG key pair (public and private key)
  3. Terminal or command line access

Step 1: Install GPG (if not already installed)

  1. Linux (Debian/Ubuntu): 
    sudo apt update
sudo apt install gnupg
  2. CentOS/RHEL: 
    sudo yum install gnupg
  3. macOS (using Homebrew):

    brew install gnupg
  4. Windows:
    Download from https://gnupg.org/download/index.html

Step 2: Generate a GPG Key Pair

  1. If you don’t GPG key, use the following command to generate one:
    gpg –full-generate-key

    • Choose key type (default is RSA)
    • Set key size (2048 or 4096 bits recommended)
    • Set expiration (or none)
    • Provide name, email, and optional comment
    • Create a secure passphrase
  2. To list your key: 
    gpg --list-keys

Step 3: Encrypt Files Using GPG

  1. Encrypt a single file (asymmetric encryption): 
    gpg --encrypt --recipient [email protected] file.txt

    This creates an encrypted file: file.txt.gpg

  2. Encrypt a file with a password (symmetric encryption): 
    gpg --symmetric file.txt

    You will be prompted to enter a passphrase. This creates file.txt.gpg

Step 4: Backup the Encrypted File
Now that the file is encrypted, you can safely copy or sync it to your backup destination (local drive, cloud storage, remote server, etc.).

Example using rsync:

rsync -av file.txt.gpg /backup/location/

Optional: To decrypt the file later, execute the following:

gpg --output file.txt --decrypt file.txt.gpg

Best Practices

  • Store your private key securely and never share it.
  • Keep your passphrases strong and unique.
  • Regularly verify your backups by decrypting and checking file integrity.

In such a manner, you can encrypt files using GPG (GNU Privacy Guard). Hope you liked our article. For further assistance, feel free to contact our support specialists.

Looking to secure your emails too? Learn How to use cPanel to set up email encryption

Spread the love
Tagged:

Related Articles

How to Install and Configure Fail2Ban for Linux SSH Security

July 2, 2025

How to Use R1Soft to Restore Website Files and Databases

June 21, 2025

How to Migrate to AlmaLinux 8 or CloudLinux 8 from CentOS/CloudLinux 7 Using cPanel ELevate

May 6, 2025

How to Prevent Unwanted Email Using Spam Filters in cPanel

April 14, 2025