ThirdMirrors
/
cheatsheets
mirror of https://gitee.com/Hawkin99/cheatsheets.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update layout & added "Trusting a key"

This commit is contained in:
Bez Hermoso 2017-10-18 18:05:35 -07:00
parent 06f21bdcfb
commit f452cf17ba
No known key found for this signature in database
GPG Key ID: 55BDEC097B885413
1 changed files with 53 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
gnupg.md
View File

@ -18,7 +18,7 @@ Basics
gpg -o key.gpg --export <KEY ID>
```
#### __Export key in ASCII:__
__Export key in ASCII:__
```bash
gpg -o key.asc --armor --export <KEY ID>
@ -33,7 +33,7 @@ gpg --import key.gpg
gpg --import key.asc
```
#### Only merge updates for keys already in key-ring:
Only merge updates for keys already in key-ring:
```bash
gpg --import key.asc --merge-options merge-only
@ -41,21 +41,23 @@ gpg --import key.asc --merge-options merge-only
### Managing your keyring
#### Generate a new key:
Generate a new key:
{: .-setup}
```bash
gpg --gen-key
# or, generate a new key with dialogs for all options
gpg --full-gen-key
```
#### List public keys:
List public keys:
```bash
gpg -k
gpg --list-keys
```
#### List secret keys:
List secret keys:
```bash
gpg -K
@ -65,31 +67,48 @@ gpg --list-secret-keys
### Using a keyserver
#### Import keys from keyserver:
Import keys from keyserver:
{: .-setup}
```bash
gpg --receive-keys <KEY IDS>
```
#### Upload keys to keyserver:
Upload keys to keyserver:
```bash
gpg --send-keys <KEY IDS>
```
#### Request updates from keyserver for keys already in your keyring:
Request updates from keyserver for keys already in your keyring:
```bash
gpg --refresh-keys
```
#### Search keys from keyserver:
Search keys from keyserver:
```bash
gpg --search-keys "<SEARCH STRING>"
```
#### Override keyserver from `~/.gnupg/gpg.conf`
Override keyserver from `~/.gnupg/gpg.conf`
```bash
gpg --keyserver <URL> ...
```
### Trusting a key
```bash
gpg --edit-key <KEY ID>
# In the interactive prompt:
gpg> sign
gpg> quit
```
__NOTE:__ You can use the owner's email or name (or part thereof) instead of the key ID for `--edit-key`
Encrypting
---------
@ -110,7 +129,7 @@ gpg -e -r "Bez" ...
gpg -e -r "bezalelhermoso@gmail.com" ...
```
#### Specifying multiple recipients
Specifying multiple recipients
```bash
gpg -e -r <RECIPIENT> -r <ANOTHER RECIPIENT> ... secret.txt
@ -152,7 +171,7 @@ Signing & Verifying
gpg -o signed-file.txt.gpg -s file.txt
```
#### This can be used during encryption to also sign encrypted files:
This can be used during encryption to also sign encrypted files:
```bash
gpg -s -o secret.txt.gpg \
@ -197,7 +216,7 @@ gpgconf --kill all
### Parsing keyring data
Use `--with-colons` to produce an output that can easily be parsed i.e. with `awk`, `grep`, etc:
Use `--with-colons` to produce an output that can easily be parsed i.e. with `awk`, `grep`. Fields are colon-separated.
```bash
gpg -k --with-colons
@ -205,7 +224,7 @@ gpg -k --with-colons
Field Quick Reference:
| Field | Description |
| Field # | Description |
| 1 | Record type |
| 2 | Validity |
| 3 | Key length in bits |