Now when you transferred your GPG key to the server, it is time to import it into local GnuPG copy running there. It is done on this way and generates the following message.
[battle@royale]$ gpg --import /tmp/client-gpg.key
gpg: Warning: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: /www/site2111/.gnupg/trustdb.gpg: trustdb created
gpg: key A360769C: public key imported
gpg: Total number processed: 1
gpg: imported: 1
Now when the server has the client's public key, it is time to encrypt data (in this situation a mysql dump) that is scheduled for transfer to the client's computer.
[battle@royale]$ gpg --encrypt -r "Mark Woodstone" mysql-dump-2004_34.txt.gz
[battle@royale]$ ls -al
-rw-rw-r-- 1 hosting hosting 38147486 Mar 4 12:24 mysql-dump-2004_34.txt.gz.gpg
As you can see, a new file was created and has a .gpg file type appended to the original file name.
Client perspective #2
After downloading the file we have just a quick decrypt process to do:
[cron@enberg]$ gpg -d mysql-dump-2004_34.txt.gz.gpg > mysql-dump-2004_34.txt.gz
This concludes a brief process of securely downloading a file from a remote location. If your client or server computers aren't decently patched and/or secured, the security of the download process is a bit irrelevant, but that is up to you to take care of.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.