2019-08-01 19:15:39 -07:00
|
|
|
# GPG Cheat Sheet
|
|
|
|
|
|
|
|
## Create a key
|
2019-06-27 19:39:56 -07:00
|
|
|
`gpg --expert --full-generate-key`
|
|
|
|
* RSA (set your own capabilities)
|
|
|
|
* Set to Certify only.
|
|
|
|
* 4096
|
|
|
|
* 2020-01-01
|
|
|
|
|
|
|
|
`gpg --expert --edit-key <userid>`
|
|
|
|
* `addkey` (Create 3, one for sign, encrypt, authenticate)
|
|
|
|
* `adduid`
|
|
|
|
* `save`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Backup key
|
2019-06-27 19:39:56 -07:00
|
|
|
* `mv ~/.gnupg/secring.gpg ~/.backup/gpg/`
|
|
|
|
* `mv ~/.gnupg/pubring.gpg ~/.backup/gpg/`
|
|
|
|
* `gpg -a --export-secret-key <userid> > secret_key.gpg`
|
|
|
|
* `gpg -a --export-secret-subkeys <userid> > secret_subkeys.gpg`
|
|
|
|
* `gpg --delete-secret-keys <userid>`
|
|
|
|
* `gpg --import secret_subkeys.gpg`
|
|
|
|
* `gpg --list-secret-keys`
|
|
|
|
* `rm secret_subkeys.gpg`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Revoke cert
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg -a --output revoke.asc --gen-revoke '<fingerprint>'`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Import/Export public key
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --import public.key`
|
|
|
|
* `gpg --output public.key --armor --export <userid>`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Import/Export private key
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --export-secret-keys --armor <userid> > privkey.asc`
|
|
|
|
* `gpg --import privkey.asc`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Edit keys
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --edit-key <userid>`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## List (secret) keys
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --list-keys`
|
|
|
|
* `gpg --list-secret-keys`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Encrypt/Decrypt
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --recipient user-id --encrypt doc`
|
|
|
|
* `gpg --output doc --decrypt doc.gpg`
|
|
|
|
|
|
|
|
or...
|
|
|
|
|
|
|
|
* `gpg -c --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 --s2k-count 65536 doc`
|
|
|
|
* `gpg --output doc --decrypt doc.gpg`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Signing
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --output doc.sig --sign doc`
|
|
|
|
* `gpg --output doc.sig --clearsign doc`
|
|
|
|
* `gpg --output doc.sig --detach-sig doc`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Verify
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --verify doc.sig`
|
|
|
|
* `gpg --verify archlinux-version.iso.sig`
|
|
|
|
* `gpg --verify archlinux-version.iso.sig /path/to/archlinux-version.iso`
|
|
|
|
* `gpg --with-fingerprint <keyfile>`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Send keys
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --send-keys <userid>`
|
|
|
|
* `gpg --refresh-keys`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Get keys
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --recv-key '<fingerprint>'`
|
|
|
|
* `gpg --fingerprint '<fingerprint>'`
|
|
|
|
|
2019-08-01 19:15:39 -07:00
|
|
|
## Sign key
|
2019-06-27 19:39:56 -07:00
|
|
|
* `gpg --lsign-key '<fingerprint>'`
|
|
|
|
|
|
|
|
or...
|
|
|
|
|
|
|
|
* `gpg --sign-key '<fingerprint>'`
|