pgp.rst
author Oleksandr Gavenko <gavenkoa@gmail.com>
Thu, 03 Jan 2019 22:13:18 +0200
changeset 2334 c44e4331713c
parent 2230 9e6ad6607a9e
child 2432 04d9591bc5d1

.. -*- coding: utf-8; -*-

==========
 PGP/GPG.
==========
.. contents::
   :local:

Documentation
=============

https://wiki.archlinux.org/index.php/GnuPG
  ArchLinux wiki.
http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
  The Keysigning Party HOWTO.

What is the preferred client?
=============================

GNU gpg.

How to import keys from a key server?
=====================================

To import a key with its signatures::

  $ gpg --keyserver pgp.mit.edu --recv-keys $KEYID

To check revocation status and receive new signatures::

  $ gpg --keyserver pgp.mit.edu --refresh-keys $KEYID

How to mark a key as trusted?
=============================
::

  $ gpg --edit-key $KEYID trust

How to export a key?
====================

Export public key in binary (OpenPGP) form::

  $ gpg --export $KEYID >$PUBKEY.gpg
  $ gpg --output $PUBKEY.gpg --export $KEYID

Export public key in text form::

  $ gpg -a --export $KEYID >$PUBKEY.asc
  $ gpg --armor --export $KEYID >$PUBKEY.asc

Export private key (it is still encrypted by the passphrase)::

  $ gpg --output $PRIVKEY.gpg --export-secret-keys $KEYID

How to create your own PGP key?
===============================
::

  $ gpg --gen-key   # answer the questions
  ...
  $ gpg -o $keyfile --export-secret-keys $NAME

How to import keys from a file?
===============================
::

  $ gpg --import $keyfile

How to get public key from private without importing to local storage?
======================================================================
::

  tmp=$(mktemp -d)                                  # private scratch keyring (mode 0700)
  gpg --homedir "$tmp" --import "$SECKEY"
  gpg --homedir "$tmp" --export "$ID" > "$PUBKEY"
  rm -rf "$tmp"                                     # discard the imported secret key

..

* http://stackoverflow.com/questions/7661500/how-to-get-public-key-from-private-in-gpg-without-using-local-storage-under

How to submit a public key to a key server?
===========================================
::

  $ gpg --keyserver pgp.mit.edu --send-key $KEYID

What keys are in the local db?
==============================
::

  $ gpg --list-keys
  $ gpg --list-keys $KEYID
  $ gpg --list-keys $EMAIL

  $ gpg --list-secret-keys

Making a revocation certificate.
================================
::

  $ gpg --armor --output $KEYID.rev --gen-revoke $KEYID

How to delete a key?
====================
::

  $ gpg --delete-key $KEYID
  $ gpg --delete-key $USER
  $ gpg --delete-key $EMAIL

  $ gpg --delete-secret-key $KEYID

Dump content of a key or signature.
===================================
::

  $ gpg --list-packets $FILE.sig
  $ gpg --list-packets $FILE.key

  $ sudo apt-get install pgpdump
  $ pgpdump $FILE.sig
  $ pgpdump $FILE.key

How to sign a file?
===================

To sign with the default (first) key, or with a key chosen by ``--default-key`` or ``-u``::

  $ gpg -o $file.sig --sign $file
  $ gpg --default-key $NAME -o $file.sig --sign $file
  $ gpg -u ${USER_NAME} -o $file.sig --sign $file

How to verify a signature?
==========================
::

  $ gpg --verify $file.sig
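
``gpg --verify`` reports success for a good signature made by any key in the keyring, so a script should also check who signed. The following is an added example, not part of the original notes: it parses ``--status-fd`` output and compares the ``VALIDSIG`` fingerprint with a pinned one. The function names and the sample status lines (including the fingerprint) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): pin the signer's fingerprint
# instead of relying on the exit status of `gpg --verify` alone.

# Reads `gpg --status-fd` lines on stdin. Succeeds only if a VALIDSIG line
# carries the expected fingerprint and no failure status is present.
# VALIDSIG fields: <signing-key-fpr> ... <primary-key-fpr> (last field).
status_signed_by() {
  # Normalise the expected fingerprint: drop spaces, upper-case hex digits.
  want=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
  [ -n "$want" ] || return 2
  awk -v want="$want" '
    $1 != "[GNUPG:]" { next }
    $2 == "VALIDSIG" && (toupper($3) == want || toupper($NF) == want) { ok = 1 }
    $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
    END { exit !(ok && !bad) }'
}

# verify_pinned <expected-fingerprint> <signed-file>
# Status lines go to stdout (fd 1); human-readable messages stay on stderr.
verify_pinned() {
  gpg --batch --status-fd 1 --verify "$2" 2>/dev/null | status_signed_by "$1"
}

# Constructed status output for a good signature (fingerprint is made up).
sample_status() {
  cat <<'EOF'
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Signer <signer@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2019-01-03 1546546398 0 4 0 1 8 00 0123456789ABCDEF0123456789ABCDEF01234567
EOF
}

# Demo on the constructed sample; real use: verify_pinned "$FPR" "$file.sig"
if sample_status | status_signed_by '0123 4567 89ab cdef 0123 4567 89ab cdef 0123 4567'; then
  echo "signature is from the pinned key"
fi
```

Take the pinned fingerprint from a source other than the key server the key was fetched from.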

How to back up a private key?
=============================

Make a copy::

  $ gpg --export-secret-keys --armor $KEYID > privkey.asc

Restore from copy::

  $ gpg --allow-secret-key-import --import privkey.asc