How to Decrypt Data

The script "" allows you to decrypt data encrypted with a GnuPG or [PGP (Pretty Good Privacy)]. Before to use this script you may need to know several things:

What do you need to decrypt the data?

The perl script "" allows you to decrypt data encrypted with GnuPG [or PGP] program.

To use "" you should have installed:

  • PERL, available from: (Follow the instruction to download and install the software)

  • GPG [or PGP]

  • For all systems (Windows, Linux, MacOS), GnuPG is available from The GPG Home Page.

    • NOTE: There is a known issue with GPG version 1.2.6 where you must manually create the ~/.gnupg directory for encryption to work.

    • NOTE: For systems with GnuPG 2.2.8 or higher, a (false) error message from GnuPG has caused abrupt failures in previous (3.2.1 (June 2014) and lower) versions of "". This new version (3.3.3 (Sep 2020)) addresses this problem.

  • For Linux machine the script supports the version 6.5.8 of PGP. This is availble from The Download PGP Page. (Follow the instruction to download and install the software). However PGP is no longer updated as it has been largely superceded by GnuPG.

  • You need to know the PASSWORD of the encrypted files.

    How to test

    • The platform you are using: The following command print your operating system

      > uname -a

    • If you have GPG [or PGP] installed: The following command shows if you have gpg [or pgp] installed

      > which gpg (or > which pgp )

    • The GPG [or PGP] version: The following command shows the version of GPG [or PGP]installed

      > gpg -h (or > pgp --version )

    How to use ""

    • Download "" in any directory you want. It is not necessary to have the script with the data to be decrypted in the same directory.

    • You may need to modify the first line of the script to point to perl directory. To know where perl is installed type in the command line:

      > which perl

    • Edit "" and change the first line according to what you obtained in the last step.

    • Create an executable file: Type in the command line:

      > chmod +x

    • To decrypt data included in a tree of directories and subdirectories, type in the command line:

      > -d directory

      Using GPG 2.2.20

      Enter the password:

      and enter the password or decrypting key at the prompt.

      If this does not work, you do not have in your path. You may change your path in your .cshrc (for C-shell users) or .bashrc (for bash shell users) or type in the command line:

      > ./ -d directory

      If the directory is not specified on the command line the script will prompt for the directory. There is the possibility to run the script to decrypt files in directories and its subdirectories or single file. To decrypt a single file it is sufficient to specify the filename on the command line.

      > ./ filename

      The script allows for the specification of the password on the command line using the option -p. The password must be surrounded by single quotes in all shell enviroments. Also, if you are using csh or tcsh you should be aware that if the decrypting password contains the special characters ! or ~ (i.e. exclamation point or tilde) they must be preceded by a backslash (\). The sh, ksh, and bash shells do not require this backslash. For example, assume that your decrypting key is ffg&$!6]~r if specified on the csh or tcsh command line, this should be given as

      > -p 'ffg&$\!6]\~r'

      Single quotes in the password key are also a problem on the csh or tcsh command line. If the key contains a single quote the key has to be separated to include the single quote in double quotes. For example, assume that the key is fa'ka&fr7%" to pass this key on the command line here is the syntax to use 'fa'"'"'ka&fr7%"' on the command line

      > -p 'fa'"'"'ka&fr7%"'

      The script will check if you have GPG [or PGP] installed in your machine. If you have both installed, it will match the software type with the file extension, e.g. if the file extension is .gpg will use GPG. You have the option to force to use GPG or PGP (see below). By default the script will decrypt the data and save the decrypted and the encrypted files in the same structure of directories and subdirectories.

    • To force the use of GPG, type in the command line:

      > -d directory -g

    • To force the use of PGP, type in the command line:

      > -d directory -f

    • You also have the option of deleting the encrypted files. To do so, type in the command line:

      > -d directory -r

    • You can make a log of the decryption process. To do so, type in the command line:

      > -d directory -l

      This will create a log file named “directory_decrypt.log”

    • For a description of the script and all command options, type in the command line:

      > -h

    • To see the version of the script, type in the command line:

      > -v

    If you are running the script on newer GnuPG installations, and create a decryption log, you may see the following WARNING message:
    WARNING: message was not integrity protected
    This is not important and the data are correctly decrypted.

    Do you want to know more about PGP and GnuPG?

    PGP (short for Pretty Good Privacy) is a popular key encryption package originally written by Phil Zimmermann in 1991. It is used to protect the privacy of the data. GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. You can go to PGP History to read more about the PGP history. To read more about GnuPG go to:

    HEASARC Home | Observatories | Archive | Calibration | Software | Tools | Students/Teachers/Public

    Last modified: Wednesday, 01-Dec-2021 18:04:04 EST