GnuPG is the GNU project’s complete and free implementation of the OpenPGP standard as defined by RFC4880.
WEB Interface | Keyserver |
---|---|
MIT | x-hkp://pgp.mit.edu |
PGP | x-hkp://keyserver.pgp.com |
Create key
gpg --gen-key
gpg --send-keys [key-ID]
Example
tan@pelion:~$ gpg --keyserver x-hkp://gpg-keyserver.de --send-keys EF6283B9 gpg: sending key EF6283B9 to hkp server gpg-keyserver.de
Syntax
gpg --import [filename]
Import public key
tan@pelion:~/gpgkeys$ gpg --import tanpub.asc gpg: key 05B3AA4A: public key "Tan-Vinh Nguyen <tan@xxx.de>" imported gpg: Total number processed: 1 gpg: imported: 1
Import public key into specificied keyring
gpg --no-default-keyring --keyring ./trusted.gpg --import /home/tan/pubkey.gpg
Import private key
tan@pelion:~/gpgkeys$ gpg --import tan.asc
gpg: key 05B3AA4A: secret key imported
gpg: key 05B3AA4A: "Tan-Vinh Nguyen <tan@xxx.de>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1
Import public key from keyserver
tan@pelion:~$ gpg --keyserver x-hkp://gpg-keyserver.de --recv-keys EF6283B9
Export public key to tan-gpg-key.asc
gpg -a --output tan-gpg-key.asc --export EF6283B9
Export private key to tan-gpg-secret-key.asc
gpg -a --output tan-gpg-secret-key.asc --export-secret-keys EF6283B9
List public and private keys
gpg --list-keys
gpg --list-secret-keys
List signatures
gpg --list-sigs
Show fingerprint
gpg --fingerprint [key-ID]
gpg --sign-key [key-ID]
gpg --gen-revoke [key-ID]
#gpg -a --output tan-gpg-key-revoke.asc --gen-revoke EF6283B9
Revoke the public key by importing the revoke certificate
gpg --import [filename.revoke]
tan@pelion:~/gpgkeys$ gpg --import tan.revoke gpg: key 05B3AA4A: "Tan-Vinh Nguyen <tan@xxx.de>" revocation certificate imported gpg: Total number processed: 1 gpg: new key revocations: 1 gpg: no ultimately trusted keys found
Update public key to keyserver in order to spread the revocation
tan@pelion:~/gpgkeys$ gpg --keyserver gpg-keyserver.de --send-key 05B3AA4A
gpg: sending key 05B3AA4A to hkp server gpg-keyserver.de
Deletion order
gpg --delete-secret-keys <key-ID>
gpg --delete-key <key-ID>
tan@pelion:~/gpgkeys$ gpg --delete-secret-keys 05B3AA4A gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. sec 1024D/05B3AA4A 2007-12-09 Tan-Vinh Nguyen <tan@xxx.de> Delete this key from the keyring? (y/N) y This is a secret key! - really delete? (y/N) y tan@pelion:~/gpgkeys$ gpg --delete-key 05B3AA4A gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. pub 1024D/05B3AA4A 2007-12-09 Tan-Vinh Nguyen <tan@xxx.de> Delete this key from the keyring? (y/N) y
Encrypt file contents
gpg --armor --encrypt --recipient [key-ID] [filename]
gpg --armor --encrypt --recipient 655685AC --recipient 5E396988 passwd
gpg --armor --encrypt -r 655685AC -r 5E396988 -r A8723536 file
Decrypt file contents
gpg --decrypt --output secret-revealed.txt test.txt.asc
gpg --armor --detach-sign [key-ID] [filename]
gpg --verify [filename]
A Key may have many emails (uids).
Edit key to add the new uid
gpg --edit-key <Schlüssel-ID oder Name>
Befehl> adduid
Save the changes
Befehl> save
tan@crunchbang:~$ gpg --edit-key 5E396988 gpg> uid 2 gpg> deluid gpg> save
Update key on public keyserver
gpg --keyserver x-hkp://pgp.mit.edu --send-keys 5E396988