====== OpenPGP ==
===== Abstract ==

The sender encrypts a file with the public key of the receiver. After sending the receiver decrypts the file with his secret key. Digital Signatures are also possible. Infos from ''man pgp'' or [[http://www.gnupg.org/gph/en/manual.html|Manual]]

===== Commands ==
==== Create / delete Keys ==

**Create** a new primary keypair (in ''%%~/.gnupg%%'') with ''%%gpg --gen-key%%''. Keep all default values. Specifiy given name, surname, and email adress. Comment can be omitted.

Create a [[http://www.gnupg.org/gph/en/manual.html#REVOCATION|revocation certificate]] with ''%%gpg --output revoke.asc --gen-revoke <mykey>%%'' to declare your public key invalid in case the private key gets lost or exposed. ''mykey'' must be a substring of the user ID which you specified at keypair cration. Copy it eg to a floppy disk and lock it.

Delete a key
  gpg --delete Harry

==== List Keys ==

List public keys
  gpg -k
  
List secret keys
  gpg -K

==== Export / import Keys ==

Export a public key (create a texfile of your public key). Preferably use the full id of the primary key (see list keys) as unambiguous identifier.
  gpg --armor --export <id> > myFullName.asc

Export a private key: ([[http://stackoverflow.com/questions/5587513|source]])
This seems to include the public key as well. Importing such a key also imports its corresponding public key. (tested)
  gpg --export-secret-keys <id> > key.asc

Import a foreign key:
  ggp --import harryHirsch.asc

An imported key needs to be validated(?). Validate the key with:
  gpg --edit-key Harry -> fpr -> (Compare fingerprint by word of mouth) -> sign -> check -> quit -> save:y

==== Encrypt / decrypt files ==

Encryption of a file
  gpg --encrypt  file

decrpytion
  gpg --decrypt file.gpg > file

===== Other ==

''kgpg'' is a graphical frontent on slackware.

Did not see any difference between gpg and gpg2 so far. => Use gpg, cause ist easier to type.