GnuPG Examples

Examples for MacOS, Windows and Linux.

Generate a key pair

$ gpg --gen-key     # generate a key pair and add the keys in key rings
$ gpg -k	# show details about public keys
$ gpg -K	# show details about private keys

Example of key ID for gpg2: 688B8380C76F876F37E8EC1A1A649BEB6789A8DC.

Export keys

$ gpg --output "my public.key" --export -a email@example.com
$ cat "my public.key"
$ gpg --output "my private.key" --export-secret-key -a email@example.com
$ cat "my private.key"

Remember that the private key is a secret and should not be published.

Encrypt and decrypt files

$ gpg --encrypt --sign -r email@example.com secretMessage.txt
$ ls secretMessage.txt.gpg
$ rm -f secretMessage.txt
$ gpg --output secretMessage.txt --decrypt  -r email@example.com secretMessage.txt.gpg
$ cat secretMessage.txt

Import keys

Import OpenPGP key only if you know that it actually belongs to a trusted peer.

$ gpg --import [FILE_WITH_KEY]

The imported public OpenPGP key has some contents like

-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----

Verify signatures for files

The signature for a file is a proof that the peer who created the signature is aware of the contents of that file. In the most cases signature verification is used to check if that file is genuine.

After you imported a key, you can check the signature like:

$ gpg --verify [FILE].sig

Remeber that you need to have the signed file [FILE] in the same folder as the signature file [FILE].sig

Delete keys

Be careful what keys you delete, especially when deleting private keys.

$ gpg --delete-key [KEY_ID]          # delete a public key
$ gpg --delete-secret-key [KEY_ID]         # delete a private key

Find out MORE about GnuPG, OpenPGP and computer security HERE.