m-chrzan.xyz
aboutsummaryrefslogtreecommitdiff
path: root/gpg.md
blob: d54836df626f0a83fbfab4b6ae2adeeade437929 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# GPG Crypto

## General options

* `--armor` or `-a`: ASCII armor, output is printable ASCII
* `--local-user` or `-u`: specify which ID to use

## Symmetric encryption

### Encrypt file with passphrase

    gpg --symmetric <file>

Add `--armor` to make it readable-ASCII encoded.

### Decrypt

    gpg --output <out-file> --decrypt <in-file>

## Export private key

    gpg --armor --export-secret-keys <ID>

## Export public key

    gpg --armor --export <ID> [--output <file>]

## Asymmetric crypto

    gpg --encrypt [--sign] [-u <signer>] [--recipient <receipient>] file

## gpg-agent

`gpg-agent` is a daemon that e.g. provides a passphrase cache for GPG. Running
enters an interactive shell. Commands can be also be passed on the command line
as individual arguments.

Configuration in `~/.gnupg/gpg-agent.conf`

* `/bye`: closes connection and shell
* `keyinfo --list`: lists some information about keys

    S KEYINFO FE40F504838C6FEDF80C0A592AE43EA8BFFC619E D - - - P - - -
    S KEYINFO 8E6D7DD22EA6A76CB7CB4E52315D4F372F67A23C D - - 1 P - - -

  The long identifier is a "keygrip", use `gpg --list-keys --with-keygrip` to
  match key with keygrip. The 6th column indicates if the passphrase is currently
  cached.
* `reloadagent`: restarts the agent.