Skip to content

gnugpg

Add below in .bashrc before you doing anything else

export GPG_TTY=$(tty)
gpg --version

List keys

gpg -k 

List keys

gpg --list-keys      

Long key

gpg --list-keys --keyid-format LONG

Short key behind sub

gpg --list-keys --keyid-format SHORT 

List the keys in your secret key ring:

gpg --list-secret-keys

Generate a new key

gpg --full-generate-key               

Delete key

gpg --delete-secret-keys <KEY IDS>
gpg --list-keys --with-colons 7967E2B3A270A35011AF1E852C5419F5A6FA5869 \
    |awk -F: '/^pub:/ { print $5 }'

Easier way to get keyid

gpg --list-signatures

Short key behind sub

gpg --list-keys --keyid-format SHORT

Generate a new key

gpg --full-generate-key

Export gpg key

gpg -o key.gpg --export <KEY ID>

Export gpg key in ascii

gpg -o key.asc --armor --export <KEY ID>

Import keys

gpg --import key.gpg

Import keys

gpg --import key.asc

Test Clearsign

echo "test" | gpg --clearsign
gpg --list-keys --with-colons <keyid>  \
    | awk -F: '/^pub:/ { print $5 }'   

Easier way to get keyid

gpg --list-signatures               

Long key

gpg --list-keys --keyid-format LONG       

Import private key

gpg --import key.gpg
gpg --import key.asc  

This will produce an encrypted file, secret.txt. gpg, that can only be decrypted by the recipient

gpg -e -o secret.txt.gpg -r <RECIPIENT> secret.txt    

Decrypting a file

gpg -d -o secret.txt secret.txt.gpg     

Create a tarball and encrypt it

tar czvpf - foo.txt\
    |gpg --symmetric --cipher-algo TWOFISH -o foo.txt.tar.gz

Decrypt and untar

gpg -d foo.txt.tar.gz.gpg \
    |tar xzvf -
Encrypt file using a shared key. You will be prompted for a passphrase.
gpg -c secret.txt 

Sign a file

gpg -o signed-file.txt.gpg -s file.txt

Import keys from keyserver

gpg --receive-keys <KEY IDS>

Upload keys to keyserver

gpg --send-keys <KEY IDS>   

Request updates from keyserver for keys already in your keyring

gpg --refresh-keys         

Search keys from keyserver:

gpg --search-keys "<SEARCH STRING>"     

Override keyserver from ~/.gnupg/ to gpg.conf

gpg --keyserver <URL> ...                  

Only merge updates for keys already in key-ring:

gpg --import key.asc --merge-options merge-only                                            

Trusting a key

gpg --edit-key <KEY ID>                                                                  
gpg> sign                                                                                
gpg> save                                                                                   

Create a text file with the your messagage, save it to test.txt. Now we want to manual sign it

gpg --clearsign test.txt

After entering password, we will get a new file named text.txt.asc, its signed, now we also want to verify this

gpg --verify test.txt.asc

Send key to key servers

gpg --export-options export-minimal --export  <KEY IDS> \
    | curl -T - https://keys.openpgp.org

Backup Key

gpg -o wuseman.gpg --export-options backup --export-secret-keys wuseman@nr1.nu

Restore Backup

gpg --import-options restore --import wuseman.gpg

Get some more info then keyid

gpg --list-packets backups/gnupg/<KEY IDS>.asc 

Get keyid

gpg --list-packets ~/backups/gnupg/<KEY IDS>.asc \
    |awk '$1=="keyid:"{print$2}'

This will produce an encrypted file, secret.txt.gpg, that can only be decrypted by the recipient

gpg -e -o secret.txt.gpg -r <RECIPIENT> secret.txt

For encrypt our file

gpg --encrypt --armor test.txt

For decrypt our file

gpg --decrypt encrypted.file

Decrypting a file

gpg -d -o secret.txt secret.txt.gpg

Encrypt file using a shared key. You will be prompted for a passphrase.

gpg -c secret.txt

Sign a file

gpg -o signed-file.txt.gpg -s file.txt

Import keys from keyserver:

gpg --receive-keys <KEY IDS>

Upload keys to keyserver:

gpg --send-keys <KEY IDS>

equest updates from keyserver for keys already in your keyring:

gpg --refresh-keys

Search keys from keyserver:

gpg --search-keys "<SEARCH STRING>"

verride keyserver from ~/.gnupg/gpg.conf

gpg --keyserver <URL> ...

Only merge updates for keys already in key-ring

gpg --import key.asc --merge-options merge-only

  • Comments are closed on this article!

Last update: December 6, 2022 16:13:32