DNA - Cafe - GNU Privacy Guard

GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC 2440 (OpenPGP) compliant application.

Create a key

$ gpg --gen-key

This asks some questions and then starts key generation.

Generate a revocation certificate

$ gpg -o revcert.asc --gen-revoke userid

You should protect your revocation certificate (revcert.asc) very well.

Revoke the key

$ gpg --import revcert.asc

Export the public key

$ gpg -o filename.asc -a --export userid

The public key (userid) is written to the file (filename.asc).

Inport the public key

$ gpg --import public_key.asc

Show fingerprints

$ gpg --fingerprint

The best way to specify a key ID is by using the fingerprint of the key. This avoids any ambiguities in case that there are duplicated key IDs.

Sign the key locally

$ gpg --lsign-key userid

Update the trust database

$ gpg --edit-key userid

Following are frequency used commands.

  1. trust, change the ownertrust.
  2. sign, sign the key.
  3. check, list signatures.

Make a signature

$ gpg -o filename.asc -sa filename

Make the signature (filename) and write it to file (filename.asc).

Encrypt data

$ gpg -o filename.asc -r recipient -ea filename

Encrypt data (filename) for user id (recipient) and write it to file (filename.asc).

Encrypt data and make the signature

$ gpg -o filename.asc -r recipient -sea filename

Sign and encrypt data (filename) for user id (recipient) and write it to file (filename.asc).

Decrypt file or verify the signature

$ gpg -d filename.asc

Decrypt data or verity the signature (filename.asc).

Reference

http://www.gnupg.org/
The GNU Privacy Guard Homepage
http://www.openpgp.net/
OpenPGP
http://www.pgpi.org/
The International PGP Home Page

[up] [DNA - Home] Vector Valid XHTML 1.0! Valid CSS!