How To Use GPG To Create, List Keys and Sign Files?
GnuPG or GPG is Gnu version of Open PG standard implementation. It is very popular especially at personal use for mails etc. Here I will look basic usage of gpg2 in Linux command line interface. gpg2 is the second major version of gpg.
Create/Generate Private GPG Keys
Here we will create public and private keys for key-ring. Required information asked while certificate generation process. Real name and Email address is given by user and then to encrypt these public and private keys and password is created
$ gpg2 --key-gen
During generation of the GPG Private Keys we will be asked for
Real Name and
List Existing PGP Keys
It can be auto completed by using tab as you can see in first command. In the second command we list existing public keys in keyring. We will provide
--list-key option like below.
$ gpg2 --list-key
We can see that keys are stored in the user home directory
.gnupg directory. Some information like
Valid etc also provided during the listing of the keys.
Sign PGP Key
To sign the data with the specific key not default. Here the
--default-key parameter is looked in keyring in fingerprint, name, email etc. If you want signature apart from data use -b option. We will provide
İsmail as default key with the
--default-key option. We will also provide the data with the
$ gpg2 --default-key İsmail -s test
We will also asked for passphrase to decrypt and use our private key which is create in the previous step.
List Secret Keys
To see private keys and related info like fingerprint. We will use
--list-secret-keys option for this.
$ gpg2 --list-secret-keys
Verify Signed PGP File
The main usage aim of PGP is verifying file whether they are signed accordingly. We can use
--verify option by providing the file name. We will verify the gpg file named
$ gpg2 --verify data.gpg
Some time we may need to use existing key in different systems. We have to export these keys into a file. To export existing keyring and use in other systems. We will export existing keys into file name
$ gpg2 --export > mykeys