Introduce

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME and Secure Shell (ssh).

Install

Download GnuPG: https://gnupg.org/download/index.html

On macOS, you can install GPG Suite: https://gpgtools.org/
On Windows, you can install Gpg4in: https://gpg4win.org/

Command

GnuPG help:

gpg -h

Delete Key

Delete public key:

gpg --delete-key KEY_ID

Delete private key:

gpg --delete-secret-key KEY_ID

Export Key

Export public key:

gpg --export -a KEY_ID

Export private key:

gpg --export-secret-key -a KEY_ID

Import Key

Import public key:

gpg --import public.key

Import private key:

gpg --allow-secret-key-import --import private.key

List Keys

List all keys:

$ gpg --list-keys

$ gpg -k

List private keys:

$ gpg --list-secret-keys

$ gpg -K

Sign/Verify

Sign

$ gpg -s -b -a -u 6CB58EB6976AA756A61196023A24F80BD0386B7F example.file.txt
  • -s – make a signature
  • -b – make a detached signature
  • -a – create ascii armored output
  • -u – use USER-ID to sign or decrypt

Verify

$ gpg --verify example.file.txt.asc example.file.txt
gpg: Signature made Sat Nov 24 12:03:02 2018 CST
gpg:                using RSA key 6CB58EB6976AA756A61196023A24F80BD0386B7F
gpg: Good signature from "HatterJ/L2 (Hatter Jiang's L2 PGP Key) <jht****@gmail.com>" [ultimate]

OpenPGP Card

The OpenPGP Card is a specification of an ISO 7816-4,-8 compatible smartcard and also an actually available implementation of this specification as a standard sized card.

https://openpgpcard.cloudbook.wiki/

Make Card

https://openpgpcard.cloudbook.wiki/makecard/

SSH

https://openpgpcard.cloudbook.wiki/ssh/
https://codeberg.org/openpgp-card/ssh-agent

OpenPGP card tools

This crate contains the oct tool for inspecting, configuring and using OpenPGP cards.

https://codeberg.org/openpgp-card/openpgp-card-tools
https://crates.io/crates/openpgp-card-tools/

cargo install openpgp-card-tools --locked

Security

https://gist.github.com/grugq/03167bed45e774551155 - Operational PGP

Reference

  1. https://www.gnupg.org/
  2. http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/ - Quick'n easy gpg cheatsheet