Encrypt a single file

How do you encrypt a single file? I tried gpg -c, but I don’t get prompted for a password when I open the .gpg file.

Did you managed to decypher the file, i.e. to obtain the original plain one ?

  • If yes : good ! The gpg-agent uses a cache, the passphrase or the gpg key is kept in memory for a time determined by your configuration (by default, it’s for 10min after last entry, maximum for 2h if used “continuously”). During this time, decipher the file is direct, without asking again the secret. If necessary, you can view and set this time using the gpg-agent. See its man, especially for --default-cache-ttl and --max-cache-ttl options.
  • If no : how did you tried ? Again with the command line or in graphical mode ?

To provide another example : 7z is also a god tool to encrypt files. Available in Leap.

So how long should I expect I expect it to take for an edited file to be locked or encrypted?

Sorry if that was not clear. The .gpg file is encrypted at start, as soon as it’s created. Even if you can decypher it without providing the secret explicitely (for a time). Don’t just trust me : try to open it with a simple file viewer or editor to find out (for ex. with cat your-gpg-file.gpg).

With the gpg-agent cache, your system temporarily knows about the secret that was used to encrypt the file but the content of the file is really encrypted. If you copy it on another device or wait until the cache is expired, you will need the passphrase to read the original plain content.

1 Like

The passphrase caching can be avoided by using --no-symkey-cache
See man gpg

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.