Differences

This shows you the differences between two versions of the page.


gpg [2017/07/21 21:56] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== GPG ======
  
 +  * [[http://www.madboa.com/geek/gpg-quickstart/|GPG Quick Start]]
 +
 +=== Create a GPG key ===
 +
 +<code>gpg --gen-key</code>
 +
 +Running this will call pinentry in ncurses mode (if used on a remote connection), but will die if in a ''screen'' session.
 +
 +=== Export your public key ===
 +
 +You need to give your public key to others so that they can use GPG to encrypt files that only you can decrypt.  Here's how to get your public key:
 +
 +<code>gpg --armor --output pubkey.txt --export 'Your Name'</code>
 +
 +=== Import a public key ===
 +
 +You will want to import someone else's public key before you can encrypt a file with them as the recipient.  Once you have the public key file, you can import it:
 +
 +<code>gpg --import pubkey.txt</code>
 +
 +=== Encrypt a file ===
 +
 +<code>gpg -e -r [email protected] foo.txt</code>
 +
 +The file created will be ''foo.txt.gpg''  Optionally, you can use ''-o'' to output to a specific filename.
 +
 +You can also encrypt a file for multiple recipients, including yourself.
 +
 +<code>gpg -e -r [email protected] -r [email protected] foo.txt</code>
 +
 +== Signing Keys ==
 +
 +If the recipient is someone other than yourself, then you will get a message that says "There is no assurance this key belongs to the named user ..." and it will ask you to verify the key.
 +
 +If you want to always be able to sign for that recipient without verifying it, you can sign the key:
 +
 +<code>gpg --sign-key <recipient email or key ID></code>
 +
 +== Listing Keys ==
 +
 +You can get the recipient email and key IDs by listing the keys:
 +
 +<code>gpg --list-keys</code>
 +
 +Note that if you start to list a key with a partial address, it will still accept that input and list the key.
 +
 +Fex, ''gpg --list-keys @beandog.org'' will list all keys with that string in the email address.
 +
 +For scripting, display keys:
 +
 +<code>
 +gpg -k | grep ^uid | sed -e 's/uid\ *//g'
 +</code>
 +
 +Also, use --keyid-format to display it one of the (many) possible formats
 +
 +<code>
 +--keyid-format none|short|0xshort|long|0xlong
 +</code>
 +
 +=== Decrypt a file ===
 +
 +<code>gpg -o foo.txt -d foo.txt.gpg</code>
 +
 +GPG will output some text while decrypting. It may ask you for your passphrase as well.  Again, make sure you are not running in screen.
 +
 +=== Batch Mode ===
 +
 +GPG, by default, will ask if you want to overwrite a file.  This can wreak havoc on scripts or pipes.
 +
 +You can overwite a file with these commands:
 +
 +<code>
 +gpg --yes --batch -r [email protected] -e -o foo.txt.gpg
 +</code>
 +
 +=== Generate Entropy ===
 +
 +<code>
 +rngd -r /dev/urandom
 +</code>
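Review bot: In the "Signing Keys" section, the line "If you want to always be able to sign for that recipient without verifying it, you can sign the key" recommends certifying a key specifically to skip verification, which removes the only check that the imported key really belongs to the named person. I would reword it to "encrypt for that recipient" (the warning quoted just above it comes from the -e -r step, not from signing) and tell the reader to compare the fingerprint shown by gpg --fingerprint with the key owner over a separate channel before running gpg --sign-key; gpg --lsign-key is the better fit when the signature is only meant to silence the prompt on the local keyring. Separately, under "Generate Entropy", rngd -r /dev/urandom feeds the kernel's own output back into its pool, so that section should say it only unblocks key generation and does not add new randomness.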
