Example of key ID for gpg2:
$ gpg --gen-key # generate a key pair and add the keys in key rings $ gpg -k # show details about public keys $ gpg -K # show details about private keys
Remember that the private key is a secret and should not be published.
$ gpg --output "my public.key" --export -a firstname.lastname@example.org $ cat "my public.key" $ gpg --output "my private.key" --export-secret-key -a email@example.com $ cat "my private.key"
$ gpg --encrypt --sign -r firstname.lastname@example.org secretMessage.txt $ ls secretMessage.txt.gpg $ rm -f secretMessage.txt $ gpg --output secretMessage.txt --decrypt -r email@example.com secretMessage.txt.gpg $ cat secretMessage.txt
Import OpenPGP key only if you know that it actually belongs to a trusted peer.
$ gpg --import [FILE_WITH_KEY]
The imported public OpenPGP key has some contents like
-----BEGIN PGP PUBLIC KEY BLOCK----- ... -----END PGP PUBLIC KEY BLOCK-----
The signature for a file is a proof that the peer who created the signature is aware of the contents of that file. In the most cases signature verification is used to check if that file is genuine.
After you imported a key, you can check the signature like:
$ gpg --verify [FILE].sig
Remeber that you need to have the signed file
[FILE] in the same folder as the signature file
Be careful what keys you delete, especially when deleting private keys.
Find out MORE about GnuPG, OpenPGP and computer security HERE.
$ gpg --delete-key [KEY_ID] # delete a public key $ gpg --delete-secret-key [KEY_ID] # delete a private key