GnuPG (also known by its command name, gpg) is a tool primarily for public key Encryption and cryptographic authentication.
Homepage: https://www.gnupg.org
There is a lot of material about GnuPG out there, so I won’t be duplicating it all here. But, I do have some more unique contributions for those familiar with GnuPG:
- There are alternatives to gpg/gpgv that may be useful in some cases: Age (Encryption) for encryption and signify for authentication.
- GPG makes a nice companion to Filespooler; see Verifying Filespooler Job Integrity and Encrypting Filespooler Jobs with GPG.
Links to this note
Sometimes, one wants to verify the integrity and authenticity of a Filespooler job file before processing it.
Sequoia PGP is a Rust-based implementation of OpenPGP, aimed to be modern and secure. It is often thought of as an alternative to GnuPG (GPG).
Signify is a toool to create and verify signatures on files.
Thanks to Filespooler’s support for decoders, data for filespooler can be Encrypted at rest and only decrypted when Filespooler needs to scan or process a queue.
Age is a public-key encryption system, similar in certain concepts to GnuPG (GPG), but simpler because it isn’t focused on building a web of trust.
Anything that uses encryption to keep content away from spying eyes.