GnuPG

General

gpg --output doc --decrypt doc.gpg

... decrypt doc.gpg and write the output to doc

gpg --output file.gpg --encrypt --recipient user@pichove.org file.txt

... encrypt file.txt and write the output to file.gpg (preserving file.txt)

gpg -se -o file.gpg -r user@pichove.org file.txt

... sign and encrypt file.txt for user@pichove.org and write it to file.gpg (preserving file.txt)

gpg --export-secret-keys <key-id> > exported_file.gpg

... exports both private and public keys corresponding to

gpg -a --gen-random 1 20

... generates 20 random bytes of quality 1 in base64 format

gpg --armor --export-secret-keys YOUREMAILADDRESS | gpg --armor --symmetric --output mykey.sec.asc

... exports and then encrypts the private key

gpg --output doc.sig --default-key <key-ID> --detach-sign doc

... creates a detached signature 'doc.sig' of doc using

gpg --verify doc.sig doc

... verifies doc against detached signature doc.sig

gpg --with-fingerprint <key.pub>

... displays the fingerprint of a pubkey without importing it

xz -cd linux-5.0.13.tar.xz | gpg --verify linux-5.0.13.tar.sign -

... verifies the Linux kernel

Argument description

• -a, --armor: create ascii armored output
• -b, --detach-sign: make a detach signature
• -e, --encrypt: encrypt data
• -c, --symmetric: encryption only with symmetric cipher
• -d, --decrypt: decrypt data (default)
• --edit-key: sign or edit a key
• --fingerprint: list keys and fingerprints
• --full-gen-key: Generate a new key pair with dialogs for all options
• --verify: verify a signature
• -k, --list-keys: list keys
• -K, --list-secret-keys: list secret keys
• --list-sigs: lists keys and their signatures
• -n, --dry-run: do not make any changes
• -o, --output FILE: write output to FILE
• -s, --sign: make a signature
• -v, --verbose: verbose
• -z N: set compress level to N (0 disables compression)

Environment

export GPG_TTY=$(tty)

... prompts for password using the TTY