GPG
Created: November 14, 2019 (Updated: June 29, 2021)
Key pair generation
Generate a key pair:
gpg --gen-key
Generate a key pair with more options:
gpg --expert --full-gen-key
- Currently the only way to generate ECC key pairs.
Listing keys
List public keys:
gpg --list-keys
gpg --list-public-keys
List private keys:
gpg --list-secret-keys
Importing and exporting key pairs
Export a secret key:
gpg --export-secret-keys --armor KEY_ID > FILE.asc
KEY_ID
can be found in the second column of--list-secret-keys
.--armor
outputs an encoded string as opposed to binary.
Export a public key:
gpg --output FILE --armor --export IDENTITY
- The secret key will restore the public key as well when re-imported.
Import a key:
gpg --import FILE.asc
- On importing a secret key, the public key is added as well.
File encryption and decryption
Encrypt a file:
gpg --encrypt --sign --armor -r GPG_EMAIL FILE.asc
* Remove the armor flag for increased compute efficiency.
Decrypt a file:
gpg --decrypt FILE.asc --output OUTPUT_PATH
Extend key expiry
Get key ID:
gpg --list-secret-keys
Edit the key:
gpg --edit-key KEY_ID
Show keys, key expiry dates, and user ids:
list
Select all keys (can select multiple at once):
key 0
key 1
key 2
key 3
Activate the interactive extend prompt:
expire
Save:
save
Delete a user ID
Get key ID:
gpg --list-secret-keys
Edit the key:
gpg --edit-key KEY_ID
Show keys, key expiry dates, and user IDs:
list
Select the user ID:
uid UID
Delete the user ID:
deluid
Save:
save
Add a user ID
Get key ID:
gpg --list-secret-keys
Edit the key:
gpg --edit-key KEY_ID
Show keys, key expiry dates, and user IDs:
list
Add a user ID:
adduid
Save:
save