Skip to main content
Documentation

GPG Decryption

Files.com administrators can enable GPG decryption on a per-folder basis. When enabled for a folder, any files uploaded to that folder or its subfolders are automatically decrypted, unless you explicitly disable the setting in a subfolder.

Decryption requires a GPG/PGP private key. You can use different keys for each folder and select multiple public keys for decryption. When multiple keys are selected, each key is tried until a matching key is found. Files uploaded to these folders are decrypted using the matching private key.

If Files.com cannot decrypt a file with the chosen private keys, the file remains unchanged. Only files encrypted with a matching public key can be decrypted. Files encrypted with expired public keys cannot be decrypted.

To prevent unencrypted files from being uploaded to a decryption folder, enable the Limit uploaded files to certain extensions folder setting to allow only .pgp or .gpg files.

When you enable GPG decryption, files that existed in the folder beforehand remain unchanged. To apply decryption to those files, re-upload them after enabling the setting.

Using Existing Keys From the GPG Key Manager

Select one or more decryption keys from the available key list.

Provide a file suffix. Files.com removes this suffix from the uploaded file name. For example, .gpg or .pgp.

You can also enable the Ignore MDC integrity check option to bypass any modification detection code errors.

Providing Your Own Keys

Select Import from file... when choosing keys.

Enter a name to identify the key or key pair.

If the private key has a passphrase, enter it. Leave the field blank if there is no passphrase.

Creating a New Key Pair

Select Create new... when choosing keys.

Enter a name and email address for the new key.

Optionally, add a passphrase to protect the private key.

After generating the key pair, you can view and copy the public key before continuing.

Once saved, a popup displays the private key. Download and store it securely.

Error Notifications

Errors encountered while decrypting files are logged in the Site Alert Emails, which are sent to site administrators who have opted in to receiving these alerts.

Partial Files

If an encrypted file is partially uploaded so that an incomplete file is delivered, decryption fails. Make sure that your counterparties upload files completely.