Gpg: Difference between revisions
From DWIKI
mNo edit summary |
m →FAQ Tag: wikieditor |
||
| (25 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
GNU Privacy Guard | GNU Privacy Guard | ||
=Cheatsheet= | |||
==Generate key== | = Links = | ||
*[https://www.gnupg.org/ https://www.gnupg.org/] Homepage] | |||
*[http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html GPG HOWTO] | |||
*[http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/gpg-cs.html GPG Cheat sheet] | |||
*[https://devhints.io/gnupg GnuPG cheatsheet] | |||
*[https://www.phildev.net/pgp/gpg_moving_keys.html https://www.phildev.net/pgp/gpg_moving_keys.html] | |||
*[https://support.mozilla.org/en-US/kb/digitally-signing-and-encrypting-messages Thunderbird and GPG] | |||
*[https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/ Creating a new GPG key with subkeys] | |||
*[https://wiki.debian.org/Subkeys Using OpenPGP subkeys in Debian development] | |||
= Cheatsheet = | |||
== What is my key ID? == | |||
gpg --list-keys you@example.com | |||
The bit after the / in the pub line! | |||
| |||
== Generate key == | |||
gpg --gen-key | gpg --gen-key | ||
== Export public key == | |||
gpg --output public.key --export me@example.com | |||
or in ascii | |||
gpg --armor --output public.key --export me@example.com | |||
== Export private key == | |||
gpg --export-secret-key me@example.com > private.key | gpg --export-secret-key me@example.com > private.key | ||
| |||
== Import private key == | |||
gpg --import private.key | |||
== Renewing subkey == | |||
[https://sites.lafayette.edu/newquisk/archives/504 https://sites.lafayette.edu/newquisk/archives/504] | |||
==Changing expiration date== | |||
gpg --edit-key me@example.com | |||
gpg> expire | |||
== GPG CLI commands == | |||
=== encrypt a file === | |||
In a pipe: | |||
cat somefile | gpg --encrypt --recipient hx04r@example.com | |||
or just | |||
gpg --output somefile.gpg--encrypt --recipient h4x0r@example.com somefile | |||
= FAQ = | |||
== gpg: decryption failed: No secret key" == | |||
Means you're using gpg2 --use-agent, which is broken | |||
| |||
== gpg: keyserver receive failed: No name == | |||
probably means the key was nog found | |||
== gpg: keyserver send failed: No name == | |||
Try another keyserver | |||
== gpg: WARNING: Your encryption subkey expires soon. == | |||
"expire" is the magic command, probably like | |||
key 1 | |||
expire | |||
== gpg: Note: secret key XXX expired == | |||
gpg --edit-key XXX | |||
gpg> expire | |||
== There is no assurance this key belongs to the named user == | |||
You probably have serveral keys with same uid, find the key with | |||
gpg --list-keys --keyid-format long | |||
Pass looks at .password-store/.gpg-id | |||
you can put the key you want to use there, instead of the user id | |||
Also check trust level | |||
gpg --edit-key <your key> | |||
trust | |||
and set trust level to ultimately | |||
==Unusable public key== | |||
Maybe the key expired | |||
==gpg-agent: a gpg-agent is already running - not starting a new one== | |||
maybe you're in a tmux/screen session? | |||
[[Category:Security]] | |||
Latest revision as of 13:32, 20 April 2026
GNU Privacy Guard
Links
- https://www.gnupg.org/ Homepage]
- GPG HOWTO
- GPG Cheat sheet
- GnuPG cheatsheet
- https://www.phildev.net/pgp/gpg_moving_keys.html
- Thunderbird and GPG
- Creating a new GPG key with subkeys
- Using OpenPGP subkeys in Debian development
Cheatsheet
What is my key ID?
gpg --list-keys you@example.com
The bit after the / in the pub line!
Generate key
gpg --gen-key
Export public key
gpg --output public.key --export me@example.com
or in ascii
gpg --armor --output public.key --export me@example.com
Export private key
gpg --export-secret-key me@example.com > private.key
Import private key
gpg --import private.key
Renewing subkey
https://sites.lafayette.edu/newquisk/archives/504
Changing expiration date
gpg --edit-key me@example.com gpg> expire
GPG CLI commands
encrypt a file
In a pipe:
cat somefile | gpg --encrypt --recipient hx04r@example.com
or just
gpg --output somefile.gpg--encrypt --recipient h4x0r@example.com somefile
FAQ
gpg: decryption failed: No secret key"
Means you're using gpg2 --use-agent, which is broken
gpg: keyserver receive failed: No name
probably means the key was nog found
gpg: keyserver send failed: No name
Try another keyserver
gpg: WARNING: Your encryption subkey expires soon.
"expire" is the magic command, probably like
key 1 expire
gpg: Note: secret key XXX expired
gpg --edit-key XXX gpg> expire
There is no assurance this key belongs to the named user
You probably have serveral keys with same uid, find the key with
gpg --list-keys --keyid-format long
Pass looks at .password-store/.gpg-id you can put the key you want to use there, instead of the user id
Also check trust level
gpg --edit-key <your key>
trust
and set trust level to ultimately
Unusable public key
Maybe the key expired
gpg-agent: a gpg-agent is already running - not starting a new one
maybe you're in a tmux/screen session?
