====== OpenPGP ==

===== Abstract ==

The sender encrypts a file with the public key of the receiver. After it has been sent, the receiver decrypts the file with his secret key. Digital signatures are also possible.

Information from ''man pgp'' or the [[http://www.gnupg.org/gph/en/manual.html|Manual]].

===== Commands ==

==== Create / delete Keys ==

**Create** a new primary keypair (in ''%%~/.gnupg%%'') with ''%%gpg --gen-key%%''. Keep all default values. Specify given name, surname, and email address. The comment can be omitted.

Create a [[http://www.gnupg.org/gph/en/manual.html#REVOCATION|revocation certificate]] with ''%%gpg --output revoke.asc --gen-revoke mykey%%'' to declare your public key invalid in case the private key gets lost or exposed. ''mykey'' must be a substring of the user ID which you specified at keypair creation. Copy the certificate, e.g., to a floppy disk and lock it away.

Delete a key

  gpg --delete-keys Harry

==== List Keys ==

List public keys

  gpg -k

List secret keys

  gpg -K

==== Export / import Keys ==

Export a public key (create a text file of your public key). Preferably use the full ID of the primary key (see list keys) as an unambiguous identifier.

  gpg --armor --export > myFullName.asc

Export a private key ([[http://stackoverflow.com/questions/5587513|source]]). This seems to include the public key as well. Importing such a key also imports its corresponding public key. (tested)

  gpg --export-secret-keys > key.asc

Import a foreign key:

  gpg --import harryHirsch.asc

An imported key needs to be validated(?). Validate the key with:

  gpg --edit-key Harry -> fpr -> (Compare fingerprint by word of mouth) -> sign -> check -> quit -> save:y

==== Encrypt / decrypt files ==

Encryption of a file

  gpg --encrypt file

Decryption

  gpg --decrypt file.gpg > file

===== Other ==

''kgpg'' is a graphical frontend on Slackware.

Did not see any difference between gpg and gpg2 so far. => Use gpg, because it is easier to type.
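The fingerprint comparison in the key validation step under "Export / import Keys" can be made less error-prone by letting the shell compare the value received by word of mouth with gpg's machine-readable listing before ''sign'' is used. This is an added example, not part of the original notes: the function names are hypothetical, the key listing is constructed, and a v4 key with a 40-hex-digit fingerprint is assumed.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; the key listing is constructed.

# Strip spaces and colons from a fingerprint as read aloud or typed, and uppercase it.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :\t\n' | tr 'abcdef' 'ABCDEF'
}

# Read `gpg --with-colons --fingerprint KEY` output on stdin and print the
# primary key fingerprint (field 10 of the fpr record that follows pub).
# Exit status 2 unless exactly one key matched, so an ambiguous name like
# "Harry" is rejected instead of silently picking one of several keys.
primary_fpr() {
    awk -F: '
        $1 == "pub"         { npub++; want = 1; next }
        $1 == "fpr" && want { fpr = $10; want = 0; next }
                            { want = 0 }
        END                 { if (npub != 1) exit 2; print fpr }'
}

# fpr_matches SPOKEN: status 0 only if SPOKEN is a full 40-hex-digit
# fingerprint (v4 key assumed) equal to the primary fingerprint on stdin.
fpr_matches() {
    listed=$(primary_fpr) || return 2
    spoken=$(normalize_fpr "$1")
    case "$spoken" in *[!0-9A-F]*) return 2 ;; esac
    [ "${#spoken}" -eq 40 ] || return 2     # a short key ID is not enough
    [ "$spoken" = "$listed" ]
}

# Constructed colon listing: one primary key with one encryption subkey.
sample_listing() {
cat <<'EOF'
tru::1:1700000000:0:3:1:5
pub:-:3072:1:1122334455667788:1700000000:::-:::scESC::::::23::0:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1122334455667788:
uid:-::::1700000000::0000000000000000000000000000000000000000::Harry Hirsch <harry@example.org>::::::::::0:
sub:-:3072:1:6666777788889999:1700000000::::::e::::::23:
fpr:::::::::0000111122223333444455556666777788889999:
EOF
}

# Real use: gpg --with-colons --fingerprint Harry | fpr_matches "AAAA BBBB ..."
if sample_listing | fpr_matches "aaaa bbbb cccc dddd eeee ffff 1122 3344 5566 7788"
then echo "fingerprint matches, safe to sign"
else echo "fingerprint mismatch, do not sign"
fi
```

The check fails for a subkey fingerprint, for a short key ID, and when the name given to gpg matches more than one key.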