lk/data/gpg.md

84 lines
1.7 KiB
Markdown
Raw Normal View History

2022-01-16 18:20:39 +00:00
---
title: "gpg"
tags: [ "Documentation", "data" ]
---
2020-02-07 23:06:49 +00:00
# Making keys
2020-01-02 00:04:35 +00:00
Generate keys:
2020-02-07 23:06:20 +00:00
> gpg --gen-key
2020-01-02 00:04:35 +00:00
Follow the guide.
# Encrypting a file
2020-02-07 23:06:20 +00:00
> gpg -r malinfreeborn@tutamail.com -e file
2020-01-02 00:04:35 +00:00
`-r` specifies the recipient.
Check you have an encrypted version of your file.
# Changing Expiration Dates
gpg --list-keys
... and then use the second part of 'pub', which is the ID. But that's not appearing here so... on with gpg2?
# Making encrypted files with a local password
Make a password with a password (cypher encryption).
> gpg -c --output passwords.txt
or
> gpg -c > passwords.txt
Put in a password.
Write message then stop with Ctrl+d.
Get the message back out the file with:
> gpg -d passwords.txt
2021-10-21 19:46:03 +00:00
# Circles of Trust
Search for a key at any key store:
> gpg --keyserver sks.hklbgd.org --search-keys nestorv
Once you've made a decision about someone:
> gpg --list-keys
You get something like this:
```
pub rsa3072 2021-08-15 [SC] [expires: 2023-08-15]
CD30421FD825696BD95F1FF644C62C57B790D3CF
uid [ultimate] Malin Freeborn <malinfreeborn@posteo.net>
sub rsa3072 2021-08-15 [E] [expires: 2023-08-15]
```
Notice the long, ugly, string - CD30421FD825696BD95F1FF644C62C57B790D3CF - and how horribly ugly it is.
This is a fingerprint.
You can now decide the trust level (this stays on your computer).
2021-11-09 01:36:24 +00:00
> gpg --edit-key (some fingerprint)
2021-10-21 19:46:03 +00:00
2021-10-21 19:48:22 +00:00
Once you're in the interface, type `trust`.
2021-10-21 19:46:03 +00:00
> gpg --sign-key alice@posteo.net
2021-11-09 01:36:24 +00:00
Then send those trusted keys up to a server, so people can see you have verified them:
> gpg --keyserver sks.hklbgd.org --send-keys 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
2021-10-21 19:46:03 +00:00
# Refresh Keys
> gpg --keyserver sks.hklbgd.org --refresh-keys