GnuPG, GNU Privacy Guard, is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and communications.


Cheat Sheet

Keys Management

Generate A New Key

# You will be prompted with a few questions. Follow the instructions to generate the key.
gpg --full-generate-key

List Keys

# List the private keys
gpg --list-secret-keys [--keyid-format=long]

# List the public keys
gpg --list-keys [--keyid-format=long]

Export Keys

# Export the private key
gpg --output /path/to/output/private.asc --armor --export-secret-key KEY_ID

# Export the public key
gpg --output /path/to/output/public.asc --armor --export KEY_ID

Import Key

gpg --import /path/to/key

Delete Keys

# Delete private keys
gpg --delete-secret-key KEY_ID [...KEY_IDS]

# Delete public keys
# - If the public key is associated with the private key, the private key has to be deleted first.
gpg --delete-key KEY_ID [...KEY_IDS]


# Encrypt the file
# - You must first import the public key of the recipient.
gpg --output /path/to/encrypted.txt.gpg --encrypt --recipient /path/to/plain.txt

# Decrypt the file
# - You will need the corresponding private key.
gpg --output /path/to/plain.txt --decrypt /path/to/encrypted.txt.gpg


# Sign the message
shasum -a 256 /path/to/file.txt | awk '{print $1}' > /path/to/file.txt.sha256sum
gpg --output /path/to/file.txt.sha256sum.sig --sign /path/to/file.txt.sha256sum

# Verify the signature
gpg --verify /path/to/file.txt.sha256sum.sig

Last updated