Most important commands to use GnuPG
Posted: Wed Jun 16, 2010 6:09 am
Generating a new keypair
gpg –gen-key
Adding a second email address
gpg –edit-key yourID
adduid or revuid
save or quit
Generating a revocation certificate (mykey key specifier e.g. 40240B2E)
gpg –output revoke.asc –gen-revoke mykey
Listing keys and keys with sigs
gpg –list-keys
gpg –list-sigs
Exporting a public key
gpg –armor -o publicKey.gpg –export email@foo.bar
Exporting a key to a public keyserver
gpg –keyserver blackhole.pca.dfn.de –send-keys email@foo.bar
Importing a public key
gpg –import aPublicKey.gpg
Importing automatically a key
gpg –keyserver blackhole.pca.dfn.de –recv-keys somebody@foo.bar
Once imported, you should check the key
gpg –fingerprint \A key’s fingerprint is verified with the key’s owner. This may be done in person or over the phone or through any other means as long as you can guarantee that you are communicating with the key’s true owner. If the fingerprint you get is the same as the fingerprint the key’s owner gets, then you can be sure that you have a correct copy of the key.
If the owner, the email and the fingerprint fits with your data, you can sign his public key:
gpg –sign-key somebody@foo.bar
gpg –send-key –keyserver blackhole.pca.dfn.de somebody@foo.bar
Deleting a key from your keyring
gpg –delete-keys somebody@foo.bar
Updating key information from keyserver
gpg –refresh-keys
Revoking a key (ONLY if your key was compromised or lost!)
gpg –import revoke.asc
gpg –keyserver blackhole.pca.dfn.de –send-keys email@foo.bar
gpg –gen-key
Adding a second email address
gpg –edit-key yourID
adduid or revuid
save or quit
Generating a revocation certificate (mykey key specifier e.g. 40240B2E)
gpg –output revoke.asc –gen-revoke mykey
Listing keys and keys with sigs
gpg –list-keys
gpg –list-sigs
Exporting a public key
gpg –armor -o publicKey.gpg –export email@foo.bar
Exporting a key to a public keyserver
gpg –keyserver blackhole.pca.dfn.de –send-keys email@foo.bar
Importing a public key
gpg –import aPublicKey.gpg
Importing automatically a key
gpg –keyserver blackhole.pca.dfn.de –recv-keys somebody@foo.bar
Once imported, you should check the key
gpg –fingerprint \A key’s fingerprint is verified with the key’s owner. This may be done in person or over the phone or through any other means as long as you can guarantee that you are communicating with the key’s true owner. If the fingerprint you get is the same as the fingerprint the key’s owner gets, then you can be sure that you have a correct copy of the key.
If the owner, the email and the fingerprint fits with your data, you can sign his public key:
gpg –sign-key somebody@foo.bar
gpg –send-key –keyserver blackhole.pca.dfn.de somebody@foo.bar
Deleting a key from your keyring
gpg –delete-keys somebody@foo.bar
Updating key information from keyserver
gpg –refresh-keys
Revoking a key (ONLY if your key was compromised or lost!)
gpg –import revoke.asc
gpg –keyserver blackhole.pca.dfn.de –send-keys email@foo.bar