#gpg #cheatsheet #cmd

gpg_cheatsheet.md

generate gpg key

gpg --full-generate-key

To export your gpg public key

gpg --armor --export <[email protected] | fingerprint>

where

• --armor tell gpg to encode output in ASCII armor
• --output define the output file to write to, if not provided, will write to console

To add someone to my keychain from the keyserver

gpg --keyserver `dig +short keys.gnupg.net | egrep "^[0-9]" | head -1` --search-key <[email protected] | fingerprint>

where keyserver in this case is the ip from the dig command. This might not work, so go ahead and pick another ip from that command if it doesnt work

To add someone to my keychain

gpg --import public.key

To encrypt a message in base64

echo -n "hello" | gpg --encrypt --recipient <[email protected] | fingerprint> | base64

where

• -n remove trailing newline
• --recipient pick the recipient public key in the keychain to use for encryption. use gpg --list-keys to find out who is in the keychain
• base64 to convert binary encoded output to characters to ensure safe way to transmit data

To encrypted a message in ASCII armor

gpg --encrypt --armor --recipient <[email protected] | fingerprint> <file>

To decrypt a base64 message

echo "base64 string" | base64 -D | gpg --decrypt

where

• base64 -D to convert character back to binary encoded data

signing and verifying a file

gpg --sign <file>
gpg --verify <signed-file>

signing and verifying a file (readable message)

gpg --clearsign <file>
gpg --verify <clearsigned-file>

siging and verifying a file (detach signature)

gpg --detach-sign <file>
gpg --verify <detached-signature-file> <corresponding-content-file>

useful when signing a program, video, image where you do not want to alter the content.

References

http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/

https://stackoverflow.com/questions/201479/what-is-base-64-encoding-used-for

https://medium.com/@acparas/gpg-quickstart-guide-d01f005ca99