Many cloud storage providers boast strong encryption, but that does little to protect users’ data if they retain the keys. On the other hand, the conventional method of using GPG to encrypt data relies on a private key that must also be stored somewhere, making it logistically unsuitable for backing up.
Fortunately there’s a very simple way to encrypt files (or .zip archives) with GPG using symmetric encryption, and with a password instead of a keyfile. This feature can be used with just two simple commands.
To encrypt a given file:
$ gpg -c example.txt
The program will ask for a password twice, and the encrypted copy of the file, with the .gpg extension, is generated in the same directory.
Of course, anyone wanting to decrypt the file must use the same password, as there is no public key here. To decrypt the file, simply use:
$ gpg example.gpg
It’s also possible to define which algorithm to use for encrypting file, from the following:
$ gpg -c --cipher-algo=BLOWFISH example.txt
To encrypt with AES, substitute ‘BLOWFISH’ with ‘AES’:
$ gpg -c --cipher-algo=AES example.txt