Gpg: Difference between revisions

From DWIKI
← Older edit
Tony (talk | contribs)
7,300 edits
Tony (talk | contribs)
7,300 edits
Tag: wikieditor
Tony (talk | contribs)
7,300 edits
Tag: wikieditor
 
(8 intermediate revisions by the same user not shown)
Line 11: Line 11:
*[https://www.phildev.net/pgp/gpg_moving_keys.html https://www.phildev.net/pgp/gpg_moving_keys.html]  
*[https://www.phildev.net/pgp/gpg_moving_keys.html https://www.phildev.net/pgp/gpg_moving_keys.html]  
*[https://support.mozilla.org/en-US/kb/digitally-signing-and-encrypting-messages Thunderbird and GPG]
*[https://support.mozilla.org/en-US/kb/digitally-signing-and-encrypting-messages Thunderbird and GPG]
*[https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/ Creating a new GPG key with subkeys]
*[https://wiki.debian.org/Subkeys Using OpenPGP subkeys in Debian development]


= Cheatsheet =
= Cheatsheet =
Line 29: Line 31:
== Export public key ==
== Export public key ==


  gpg --export me@example.com > public.key
  gpg --output public.key --export me@example.com
 
or in ascii
 
  gpg --armor --output public.key --export me@example.com


== Export private key ==
== Export private key ==
Line 51: Line 53:
  gpg> expire
  gpg> expire


== GPG CLI commands ==
=== encrypt a file ===
In a pipe:
cat somefile | gpg --encrypt --recipient hx04r@example.com
or just
gpg --output somefile.gpg--encrypt --recipient h4x0r@example.com somefile


= FAQ =
= FAQ =
Line 68: Line 77:


== gpg: WARNING: Your encryption subkey expires soon. ==
== gpg: WARNING: Your encryption subkey expires soon. ==
"expire" is the magic command
"expire" is the magic command, probably like
 
key 1
expire


== gpg: Note: secret key XXX expired ==
== gpg: Note: secret key XXX expired ==
Line 84: Line 94:
Pass looks at .password-store/.gpg-id
Pass looks at .password-store/.gpg-id
you can put the key you want to use there, instead of the user id
you can put the key you want to use there, instead of the user id
Also check trust level
gpg --edit-key <your key>
trust
and set trust level to ultimately
==Unusable public key==
Maybe the key expired
==gpg-agent: a gpg-agent is already running - not starting a new one==
maybe you're in a tmux/screen session?
[[Category:Security]]

Latest revision as of 13:32, 20 April 2026

GNU Privacy Guard


Links

Cheatsheet

What is my key ID?

gpg --list-keys you@example.com

The bit after the / in the pub line!

 

Generate key

gpg --gen-key

Export public key

gpg --output public.key --export me@example.com

or in ascii 

 gpg --armor --output public.key --export me@example.com

Export private key

gpg --export-secret-key me@example.com > private.key

 

Import private key

gpg --import private.key

Renewing subkey

https://sites.lafayette.edu/newquisk/archives/504

Changing expiration date

gpg --edit-key me@example.com
gpg> expire


GPG CLI commands

encrypt a file

In a pipe: 

cat somefile | gpg --encrypt --recipient hx04r@example.com

or just 

gpg --output somefile.gpg--encrypt --recipient h4x0r@example.com somefile

FAQ

gpg: decryption failed: No secret key"

Means you're using gpg2 --use-agent, which is broken

 

gpg: keyserver receive failed: No name

probably means the key was nog found

gpg: keyserver send failed: No name

Try another keyserver

gpg: WARNING: Your encryption subkey expires soon.

"expire" is the magic command, probably like 

key 1
expire

gpg: Note: secret key XXX expired

gpg --edit-key XXX
gpg> expire


There is no assurance this key belongs to the named user

You probably have serveral keys with same uid, find the key with 

gpg --list-keys --keyid-format long


Pass looks at .password-store/.gpg-id you can put the key you want to use there, instead of the user id

Also check trust level 

gpg --edit-key <your key>

trust

and set trust level to ultimately

Unusable public key

Maybe the key expired

gpg-agent: a gpg-agent is already running - not starting a new one

maybe you're in a tmux/screen session?

Retrieved from "https://wiki.dhits.nl/index.php?title=Gpg&oldid=10400"