The sender encrypts a file with the public key of the receiver. After sending the receiver decrypts the file with his secret key. Digital Signatures are also possible. Infos from man pgp
or Manual
Create a new primary keypair (in ~/.gnupg
) with gpg --gen-key
. Keep all default values. Specifiy given name, surname, and email adress. Comment can be omitted.
Create a revocation certificate with gpg --output revoke.asc --gen-revoke <mykey>
to declare your public key invalid in case the private key gets lost or exposed. mykey
must be a substring of the user ID which you specified at keypair cration. Copy it eg to a floppy disk and lock it.
Delete a key
gpg --delete Harry
List public keys
gpg -k
List secret keys
gpg -K
Export a public key (create a texfile of your public key). Preferably use the full id of the primary key (see list keys) as unambiguous identifier.
gpg --armor --export <id> > myFullName.asc
Export a private key: (source)
This seems to include the public key as well. Importing such a key also imports its corresponding public key. (tested)
gpg --export-secret-keys <id> > key.asc
Import a foreign key:
ggp --import harryHirsch.asc
An imported key needs to be validated(?). Validate the key with:
gpg --edit-key Harry -> fpr -> (Compare fingerprint by word of mouth) -> sign -> check -> quit -> save:y
Encryption of a file
gpg --encrypt file
decrpytion
gpg --decrypt file.gpg > file
kgpg
is a graphical frontent on slackware.
Did not see any difference between gpg and gpg2 so far. ⇒ Use gpg, cause ist easier to type.