2022-01-16 18:20:39 +00:00
|
|
|
---
|
|
|
|
|
title: "gpg"
|
|
|
|
|
tags: [ "Documentation", "data" ]
|
|
|
|
|
---
|
2020-02-07 23:06:49 +00:00
|
|
|
# Making keys
|
2020-01-02 00:04:35 +00:00
|
|
|
|
|
|
|
|
Generate keys:
|
|
|
|
|
|
2020-02-07 23:06:20 +00:00
|
|
|
> gpg --gen-key
|
2020-01-02 00:04:35 +00:00
|
|
|
|
|
|
|
|
Follow the guide.
|
|
|
|
|
|
|
|
|
|
# Encrypting a file
|
|
|
|
|
|
2022-05-16 22:23:53 +00:00
|
|
|
> gpg -r malinfreeborn@posteo.net -e file
|
2020-01-02 00:04:35 +00:00
|
|
|
|
|
|
|
|
`-r` specifies the recipient.
|
|
|
|
|
|
|
|
|
|
Check you have an encrypted version of your file.
|
|
|
|
|
|
|
|
|
|
# Changing Expiration Dates
|
|
|
|
|
|
|
|
|
|
gpg --list-keys
|
|
|
|
|
|
|
|
|
|
... and then use the second part of 'pub', which is the ID. But that's not appearing here so... on with gpg2?
|
|
|
|
|
|
|
|
|
|
# Making encrypted files with a local password
|
|
|
|
|
|
|
|
|
|
Make a password with a password (cypher encryption).
|
|
|
|
|
|
|
|
|
|
> gpg -c --output passwords.txt
|
|
|
|
|
|
|
|
|
|
or
|
|
|
|
|
|
|
|
|
|
> gpg -c > passwords.txt
|
|
|
|
|
|
|
|
|
|
Put in a password.
|
|
|
|
|
|
|
|
|
|
Write message then stop with Ctrl+d.
|
|
|
|
|
|
|
|
|
|
Get the message back out the file with:
|
|
|
|
|
|
|
|
|
|
> gpg -d passwords.txt
|
|
|
|
|
|
2021-10-21 19:46:03 +00:00
|
|
|
# Circles of Trust
|
|
|
|
|
|
|
|
|
|
Search for a key at any key store:
|
|
|
|
|
|
2023-04-11 12:40:50 +00:00
|
|
|
> gpg --search-keys nestorv
|
2021-10-21 19:46:03 +00:00
|
|
|
|
|
|
|
|
Once you've made a decision about someone:
|
|
|
|
|
|
|
|
|
|
> gpg --list-keys
|
|
|
|
|
|
|
|
|
|
You get something like this:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
pub rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
|
|
|
|
|
CD30421FD825696BD95F1FF644C62C57B790D3CF
|
|
|
|
|
uid [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
|
|
|
|
|
sub rsa3072 2021-08-15 [E] [expires: 2023-08-15]
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
|
|
|
|
|
This is a fingerprint.
|
|
|
|
|
|
|
|
|
|
You can now decide the trust level (this stays on your computer).
|
|
|
|
|
|
2022-12-02 19:44:46 +00:00
|
|
|
> gpg --edit-key *CD30421FD825696BD95F1FF644C62C57B790D3CF*
|
2021-10-21 19:46:03 +00:00
|
|
|
|
2021-10-21 19:48:22 +00:00
|
|
|
Once you're in the interface, type `trust`.
|
2021-10-21 19:46:03 +00:00
|
|
|
|
|
|
|
|
> gpg --sign-key alice@posteo.net
|
|
|
|
|
|
2021-11-09 01:36:24 +00:00
|
|
|
Then send those trusted keys up to a server, so people can see you have verified them:
|
|
|
|
|
|
2023-04-11 12:40:50 +00:00
|
|
|
> gpg --send-keys *024C6B1C84449BD1CB4DF7A152295D2377F4D70F*
|
2021-11-09 01:36:24 +00:00
|
|
|
|
2021-10-21 19:46:03 +00:00
|
|
|
# Refresh Keys
|
|
|
|
|
|
2023-04-11 12:40:50 +00:00
|
|
|
> gpg --refresh-keys
|
2021-10-21 19:46:03 +00:00
|
|
|
|
2022-05-01 18:53:16 +00:00
|
|
|
# Export
|
|
|
|
|
|
2023-04-04 15:35:17 +00:00
|
|
|
Your public key:
|
|
|
|
|
|
2022-05-01 18:53:16 +00:00
|
|
|
> gpg --output *me*.gpg --armor --export
|
|
|
|
|
|
2023-04-04 15:35:17 +00:00
|
|
|
or
|
|
|
|
|
|
2023-04-17 07:16:03 +00:00
|
|
|
> gpg --export -a *person@email.tld* > *my_key*.pub
|
2023-04-04 15:35:17 +00:00
|
|
|
|
