What is .gnupg directory in the home directory?
Most dot files have a name that resembles the application that uses it. Unsurprisingly, .gnupg
is used by GnuPG. GnuPG (also known as GPG) is a program that encrypts and signs files. As soon as you invoke it for the first time, it will create a .gnupg
directory in your home directory and a few files in it. This directory contains a lot of private information (e.g. who your contacts are), so it's accessible only to the owner. This could happen, for example, if someone sends you a signed email; if your email client supports PGP email then it will attempt to verify the signature (and fail since you don't have the sender's public key in your GPG keyring).
The real question here is why this directory in your home directory is owned by root. The answer is that you ran GPG as root, but with HOME
set to your own home directory. Or, more precisely, you ran a program which ran GPG under the hood. One such program is APT: package management tools (apt-get
, apt
, aptitude
, etc.) use GPG to verify that the packages that you download are genuine. If you ran something like sudo apt-get install SOMEPACKAGE
, this would create a .gnupg
directory in your home directory, since sudo
doesn't change the home directory by default.
The fix is to remove the .gnupg
directory, then create it under your user. You can just remove the root-owned directory (sudo rm -r ~/.gnupg
): any file under your home directory is fair game for you. You could alternatively move it to root's home directory (sudo mv ~/.gnupg /root
), but it doesn't contain anything important anyway. Then run a GPG command such as gpg --list-keys
; this will populate your ~/.gnupg
directory with empty keyring files.
Just entering a directory is always harmless. Listing files and viewing their content is usually harmless, but it can be harmful in some configurations because terminals parse escape sequences in what applications print. Under Linux, plain ls
or ls -l
is fine but ls -N
is potentially risky. Plain cat filename
is risky but less filename
is fine (whereas less +R filename
is risky). In the .gnupg
directory, there's nothing harmful.
The directory ~/.gnupg
is where configuration files for GnuPG, the GNU Privacy Guard, reside. This is a common cryptography tool (see https://www.gnupg.org/).
Its permissions should give you access, and perhaps nobody else. If the directory is owned by root on your system, that is strange. Is it really? Check by running ls -ld ~/.gnupg
.
This directory by itself causes no harm, and it's OK for you to look at what is inside.