Gpg
From Attie's Wiki
How to make use of GPG (GNU Privacy Guard)
```shell
# make a key (it is often necessary to copy a large file in order to generate enough random data - roughly 2GB should do for a 2048-bit key)
gpg --gen-key

# view the stored keys
gpg --list-keys
gpg --list-secret-keys

# export the public key (for use by others)
gpg --armor --output pubkey.txt --export <key-id>

# export a secret key (be safe!)
gpg --armor --output privkey.txt --export-secret-keys <key-id>

# import a key (public or private)
gpg --import key.asc

# send your public key to a public server - it may take a minute or two to appear, presumably there is some server-side processing to be done
gpg --send-keys <key-id>

# retrieve a public key from a public server
gpg --search-keys 'myfriend@his.isp.com'

# encrypt a file
gpg --encrypt --recipient <key-id> foo.txt

# decrypt a file
gpg --output foo.txt --decrypt foo.txt.gpg

# sign a file
gpg --armor --detach-sign crucial.tar.gz

# verify a file's signature
gpg --verify crucial.tar.gz.asc crucial.tar.gz
```
Long | Short | Description |
---|---|---|
--list-keys | -k | list the public keys stored |
--list-secret-keys | -K | list the private keys stored |
--armor | -a | create ASCII armored output, the default is plain binary |
--output | -o | write to output file |
--recipient | -r | encrypt a file for the given recipient |
--encrypt | -e | encrypt a file |
--decrypt | -d | decrypt a file |
--detach-sign | -b | make a detached signature |
key-id?
The `<key-id>` tags above generally mean the 32-bit identifier, in hex.
```
$ gpg -k
/home/attie/.gnupg/pubring.gpg
------------------------------
pub   2048R/8462FC4A 2012-02-23
uid                  Attie Grande <attie@attie.co.uk>
sub   2048R/E8423A6F 2012-02-23
```
The fake key information from above has a `<key-id>` of `0x8462FC4A`.

In some situations, like the `--recipient` argument, you may use the name `Attie Grande`, part of the name `Attie`, or the identifier `0x8462FC4A`.
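
An added example, not part of the original wiki page: for version 4 OpenPGP keys the 32-bit `<key-id>` is just the last 8 hex digits of the 40-digit fingerprint, so this script resolves an id against a `gpg --list-keys --with-colons` style listing and refuses to proceed when the id does not select exactly one primary key. The listing, its fingerprints, the second user ID and the function names `resolve_key_id` and `unique_fingerprint` are constructed for illustration.

```shell
#!/bin/sh
# SAMPLE_LISTING is constructed in the shape of `gpg --list-keys --with-colons`
# output; the fingerprints are made up and two primary keys share id 8462FC4A.
SAMPLE_LISTING='pub:u:2048:1:89ABCDEF8462FC4A:1329955200:::u:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF8462FC4A:
uid:u::::1329955200::::Attie Grande <attie@attie.co.uk>:
sub:u:2048:1:00112233E8423A6F:1329955200::::::e:
fpr:::::::::A1B2C3D4A1B2C3D4A1B2C3D400112233E8423A6F:
pub:-:2048:1:765432108462FC4A:1400000000:::-:::scESC:
fpr:::::::::FEDCBA9876543210FEDCBA98765432108462FC4A:
uid:-::::1400000000::::Constructed Lookalike <lookalike@example.org>:'

# Read a colon listing on stdin; print "FINGERPRINT<TAB>UID" for each primary
# key whose fingerprint ends with the id in $1 (case and 0x prefix ignored).
resolve_key_id() {
    want=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    want=${want#0[xX]}
    case $want in ''|*[!0-9A-F]*) return 2 ;; esac      # reject non-hex ids
    awk -F: -v want="$want" '
        $1 == "pub" || $1 == "sub" { rec = $1; next }   # owner of the next fpr
        $1 == "fpr" && rec == "pub" { fpr = toupper($10); rec = ""; next }
        $1 == "uid" && fpr != "" {                      # first uid of that key
            if (substr(fpr, length(fpr) - length(want) + 1) == want)
                print fpr "\t" $10
            fpr = ""
        }'
}

# Print the one matching fingerprint, or fail when the id matches zero or
# several keys, so a script never acts on an ambiguous id.
unique_fingerprint() {
    matches=$(resolve_key_id "$1") || return 2
    count=$(printf '%s\n' "$matches" | awk 'NF { n++ } END { print n + 0 }')
    [ "$count" -eq 1 ] || { echo "id $1 matches $count keys" >&2; return 1; }
    printf '%s\n' "$matches" | cut -f1
}

# Demo: the 32-bit id selects two keys, the 64-bit id selects one.
printf '%s\n' "$SAMPLE_LISTING" | resolve_key_id 0x8462FC4A
printf '%s\n' "$SAMPLE_LISTING" | unique_fingerprint 89ABCDEF8462FC4A
printf '%s\n' "$SAMPLE_LISTING" | unique_fingerprint 8462FC4A ||
    echo "use the full fingerprint instead"
```

The fingerprint it prints can be used wherever the commands above take a `<key-id>`.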