GnuPG: Difference between revisions

1,451 bytes added ,  18 July 2019
→‎Cookbook: add many more example commands
add keyservers
→‎Cookbook: add many more example commands
Line 3: Line 3:
= Cookbook =
= Cookbook =


CREATE a new key:
== Create a new key ==


<source lang="console">
<source lang="console">
Line 29: Line 29:




LIST the keys in the *public key ring*:
== Useful commands ==


<source lang="console">
<source lang="console">
$ gpg2 --list-keys
// list the keys in the public ring
$ gpg --list-keys
 
// generate a revocation certificate
$ gpg --output revoke.asc --gen-revoke mykey
 
// generate a binary file (public key)
$ gpg --output mhankey.gpg --export mhan
 
// generate in ASCII-armored format
$ gpg --armor --export mhan
 
 
// add a key to public key ring
$ gpg --import didi.gpg
 
// validate
$ gpg --edit-key didi
Command> fpr
// after verifying fingerprint w/ owner
Command> sign
// check signature
Command> check
 
 
// encrypt [and compress] a document
$ gpg --output filename.gpg --encrypt --recipient didi filename.doc
 
// decrypt a file
$ gpg --output filename.doc --decrypt filename.gpg
 
// symmetric cipher to encrypt
$ gpg --output filename.gpg --symmetric filename.doc
 
 
// create a signature for a document
$ gpg --output doc.sig --sign doc
 
// verify & extract doc
$ gpg --output doc --decrypt doc.sig
 
// clearsign document
$ gpg --clearsign doc
 
// create a deteached signature for a doc
$ gpg --output doc.sig --detach-sig doc
 
// verify the signature against the doc
$ gpg --verify doc.sig doc
</source>
 
 
== Key management ==
 
; adduid
: add new user ID
; uid, key
: select UID or a key
; deluid, delkey
: delete UID or a key
; revuid, revkey
: revoke UID or a key
; expire
: update expiration time
 
 
== Key distribution ==
 
<source lang="console">
// retrieve a key
$ gpg --keyserver certserver.pgp.com --recv-key 0xBB7576AC
 
// send a key
$ gpg --keyserver certserver.pgp.com --send-key mhan
</source>
</source>


</source>


= Keyservers =
= Keyservers =