*********************************** ***** MINI GPG HOWTO FOR UNIX ***** *********************************** KEY GENERATION Generate a private key: NAME="Test User" EMAIL="test@user.example" echo -e "Key-Type:RSA\nKey-Length:4096\nSubkey-Type:RSA\nSubkey-Length:4096\nExpire-Date:0\nName-Real:$NAME\nName-Email:$EMAIL" | gpg --batch --gen-key gpg --edit-key $EMAIL gpg> setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed Set preference list to: Cipher: AES256, AES192, AES, CAST5, 3DES Digest: SHA512, SHA384, SHA256, SHA224, SHA1 Compression: ZLIB, BZIP2, ZIP, Uncompressed Features: MDC, Keyserver no-modify Really update the preferences? (y/N) y gpg> passwd This key is not protected. Enter the new passphrase for this secret key. gpg> save Add email to key: gpg --edit-key gpg> adduid Real Name: Email address: Comment: Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O Enter passphrase: gpg> uid gpg> trust Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y gpg> setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed Set preference list to: Cipher: AES256, AES192, AES, CAST5, 3DES Digest: SHA512, SHA384, SHA256, SHA224, SHA1 Compression: ZLIB, BZIP2, ZIP, Uncompressed Features: MDC, Keyserver no-modify Really update the preferences? (y/N) y gpg> save Generate an ASCII version of your public key: gpg -a --output pubkey.txt --export '' Generate an ASCII version of your private key: gpg -a --output seckey.txt --export-secret-key '' Optional: Register your key with public keyserver: gpg --keyserver pgp.mit.edu --send-keys 'Your Name' KEY IMPORT Import from a file: gpg --import key.asc Import from keyserver: gpg --keyserver pgp.mit.edu --search-keys 'myfriend@his.isp.com' ENCRYPTION Encryption: gpg -e -r Name foo.txt Decryption: gpg --output foo.txt -d foo.txt.gpg SIGNATURES Create signature: gpg -a --detach-sign your-file.zip Check signature: gpg --verify crucial.tar.gz.asc crucial.tar.gz KEY MANAGEMENT List all imported public keys: gpg --list-public-keys List all imported secret keys: gpg --list-secret-keys Remove public key: gpg --delete-key 'myfriend@his.isp.example' Remove secret key: gpg --delete-secret-key 'me@home.example' Change passphrase of key: gpg --edit-key 'me@home.example' passwd gpg> save Export public key: gpg --armor --output 'myfriend.gpg' --export 'myfriend@his.isp.example' Export secret key: gpg --armor --output 'me.gpg' --export-secret-key 'me@home.example'