[ About | Licence | Contacts ]
Written by Oleksandr Gavenko (AKA gavenkoa), compiled on 2017-01-30 from rev ccaa2f364422+.

PGP/GPG.

Documentation

https://wiki.archlinux.org/index.php/GnuPG
ArchLinux wiki.
http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
The Keysigning Party HOWTO.

What preffered client?

GNU gpg.

How import keys from key-server?

To import key with signatures:

$  gpg --keyserver pgp.mit.edu --recv-keys $KEYID

To check revocation statuses and receive new signatures:

$  gpg --keyserver pgp.mit.edu --refresh-keys $KEYID

How mark key as trusted?

$ gpg --edit-key $KEYID trust

How export key?

Export public key in binary (OpenGPG) form:

$ gpg --export $KEYID >$PUBKEY.asc
$ gpg --output $PUBKEY.asc --export $KEYID

Export public key in text form:

$ gpg -a --export $KEYID >$PUBKEY.asc
$ gpg --armor --export $KEYID >$PUBKEY.asc

Export private key (it still encrypted by pass-phrase):

$ gpg --output $PRIVKEY.gpg --export-secret-key $KEYID

How create own PGP key?

$ gpg --gen-key   # answer the question
...
$ gpg -o $keyfile --export-secret-keys $NAME

How import keys from file?

$ gpg --import $keyfile

How to get public key from private without importing to local storage?

tmp=$(mktemp -d)
gpg --homedir $tmp --import $SECKEY
gpg --homedir $tmp --export $ID > $PUBKEY
rm -rf $tmp
http://stackoverflow.com/questions/7661500/how-to-get-public-key-from-private-in-gpg-without-using-local-storage-under

How submit public key to key server?

$ gpg --keyserver pgp.mit.edu --send-key $KEYID

What keys in local db?

$ gpg --list-keys
$ gpg --list-keys $KEYID
$ gpg --list-keys $EMAIL

$ gpg --list-secret-keys

Making revocation certificate.

$ gpg --armor --output $KEYID.rev --gen-revoke $KEYID

How delete key?

$ gpg --delete-key $KEYID
$ gpg --delete-key $USER
$ gpg --delete-key $EMAIL

$ gpg --delete-secret-key $KEYID

Dump content of key or signture.

$ gpg --list-packets $FILE.sig
$ gpg --list-packets $FILE.key

$ sudo apt-get install pgpdump
$ pgpdump $FILE.sig
$ pgpdump $FILE.key

How sign file?

To sign with first key:

$ gpg -o $file.sig --sign $file
$ gpg --default-key $NAME -o $file.sig --sign $file
$ gpg -u ${USER_NAME} -o $file.sig --sign $file

How verify signature?

$ gpg --verify $file.sig

How to backup private key?

Make a copy:

$ gpg --export-secret-keys --armor $KEYID > privkey.asc

Restore from copy:

$ gpg --allow-secret-key-import --import privkey.asc