GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC 2440 (OpenPGP) compliant application.
$ gpg
--gen-key
This asks some questions and then starts key generation.
$ gpg
-o revcert.asc
--gen-revoke userid
You should protect your revocation certificate (revcert.asc) very well.
$ gpg
--import revcert.asc
$ gpg
-o filename.asc
-a
--export userid
The public key (userid) is written to the file (filename.asc).
$ gpg
--import public_key.asc
$ gpg
--fingerprint
The best way to specify a key ID is by using the fingerprint of the key. This avoids any ambiguities in case that there are duplicated key IDs.
$ gpg
--lsign-key userid
$ gpg
--edit-key userid
Following are frequency used commands.
trust
, change the ownertrust.sign
, sign the key.check
, list signatures.$ gpg
-o filename.asc
-sa filename
Make the signature (filename) and write it to file (filename.asc).
$ gpg
-o filename.asc
-r recipient
-ea filename
Encrypt data (filename) for user id (recipient) and write it to file (filename.asc).
$ gpg
-o filename.asc
-r recipient
-sea filename
Sign and encrypt data (filename) for user id (recipient) and write it to file (filename.asc).
$ gpg
-d filename.asc
Decrypt data or verity the signature (filename.asc).