Skip to main content

gpg

GNU Privacy Guard: encrypt, sign, and manage keys.

Key management

  • List keys (public/secret)
gpg --list-keys
gpg --list-secret-keys
  • Generate a key
gpg --full-generate-key
  • Export public key (ASCII)
gpg --armor --export you@example.com > pubkey.asc
  • Export private key (backup)
gpg --armor --export-secret-keys you@example.com > privkey.asc
  • Import keys
gpg --import pubkey.asc
  • Set trust level
gpg --edit-key KEYID trust save

Encrypt/decrypt

  • Encrypt for recipient
gpg --encrypt --recipient KEYID file.txt
  • Encrypt to self and recipient, ASCII armored
gpg -ea -r KEYID -r you@example.com file.txt
  • Decrypt
gpg --decrypt file.txt.gpg > file.txt

Sign/verify

  • Detached signature
gpg --detach-sign --armor file.tar.gz
  • Verify
gpg --verify file.tar.gz.asc file.tar.gz

Git signing

  • Show signing key
gpg --list-secret-keys --keyid-format LONG
  • Configure git
git config --global user.signingkey KEYID
git config --global commit.gpgsign true

Agent tips

  • Restart agent and load key
gpgconf --kill gpg-agent
gpg --list-keys