# GPG Crypto ## General options * `--armor` or `-a`: ASCII armor, output is printable ASCII * `--local-user` or `-u`: specify which ID to use ## Symmetric encryption ### Encrypt file with passphrase gpg --symmetric Add `--armor` to make it readable-ASCII encoded. ### Decrypt gpg --output --decrypt ## Export private key gpg --armor --export-secret-keys ## Export public key gpg --armor --export [--output ] ## Asymmetric crypto gpg --encrypt [--sign] [-u ] [--recipient ] file ## Key management Add new email to key: gpg --edit-key # This gives an interactive shell > adduid # interactive form to provide name, email, comment > save # saves and quits ## gpg-agent `gpg-agent` is a daemon that e.g. provides a passphrase cache for GPG. Running enters an interactive shell. Commands can be also be passed on the command line as individual arguments. Configuration in `~/.gnupg/gpg-agent.conf` * `/bye`: closes connection and shell * `keyinfo --list`: lists some information about keys S KEYINFO FE40F504838C6FEDF80C0A592AE43EA8BFFC619E D - - - P - - - S KEYINFO 8E6D7DD22EA6A76CB7CB4E52315D4F372F67A23C D - - 1 P - - - The long identifier is a "keygrip", use `gpg --list-keys --with-keygrip` to match key with keygrip. The 6th column indicates if the passphrase is currently cached. * `reloadagent`: restarts the agent.