gpg encrypt always creates a new encrypted file

Brian C brianc1969 at gmail.com
Mon Oct 28 22:45:01 CET 2019


Writing over the original file as "gpg -encrypt foo && mv foo.gpg foo"
would do will also :potentially: leave remnants of the original
unencrypted file around. The encrypted file will most likely be smaller
(if plain text) than the original, thus not as many blocks may be
used... also, I don't think a file system would ensure the :same: blocks
will be used, so writing over the original file may not actually
overwrite the original at all.

I would suggest after creating the encrypted file, use a command such as
"wipe" to securely delete the original file rather than trying to
overwrite it.

Brian


On 10/28/19 2:40 PM, vedaal via Gnupg-users wrote:
> On 10/28/2019 at 3:43 PM, "Phillip Susi" <phill at thesusis.net> wrote:Anil Kumar Pippalapalli via Gnupg-users writes:
> 
>> Hello,
>> I am trying to encrypt a file on my system using gpg —encrypt command but it always creates a new encrypted file I want to overwrite the original file instead so that I can only open it using passphrase. Is this possible.
> 
> gpg -encrypt foo && mv foo.gpg foo
> 
> =====
> 
> Alternatively, if you want no record of the plaintext  written to a file at all, you can type it into the command line, and have only the encrypted output written:
> 
> printf "whatever you write as plaintext" | gpg -a -e -r -o -filename.gpg | more
> 
> (obviously not intended for big files, or non-text files, but occasionally a useful workaround if you aren't comfortable with your system's 'wipe' process.)
> 
> 
> vedaal
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20191028/07186537/attachment.sig>


More information about the Gnupg-users mailing list