How To Use GPG To Create, List Keys and Sign Files? – POFTUT

How To Use GPG To Create, List Keys and Sign Files?

by

GnuPG or GPG is Gnu version of Open PG standard implementation. It is very popular especially at personal use for mails etc. Here I will look basic usage of gpg2 in Linux command line interface. gpg2 is the second major version of gpg.

Create/Generate Private GPG Keys

Here we will create public and private keys for key-ring. Required information asked while certificate generation process. Real name and Email address is given by user and then to encrypt these public and private keys and password is created

$ gpg2 --key-gen
Create/Generate Private GPG Keys
Create/Generate Private GPG Keys

During generation of the GPG Private Keys we will be asked for Real Name and Email . After providing this information we will need to enter a passphrase which will be used to encrypt our GPG Private Key. Generation of the private key requires some randomness which may take some time according to the situation. After keys are generated their serial number are provided.

List Existing PGP Keys

It can be auto completed by using tab as you can see in first command. In the second command we list existing public keys in keyring. We will provide --list-key option like below.

$ gpg2 --list-key
List Existing PGP Keys
List Existing PGP Keys

We can see that keys are stored in the user home directory .gnupg directory. Some information like Valid etc also provided during the listing of the keys.

Sign PGP Key

To sign the data with the specific key not default. Here the --default-key parameter is looked in keyring in fingerprint, name, email etc. If you want signature apart from data use -b option. We will provide İsmail as default key with the --default-key option. We will also provide the data with the -s option.

$ gpg2 --default-key İsmail -s test
Sign PGP Key
Sign PGP Key
GPG Passphrase
GPG Passphrase

We will also asked for passphrase to decrypt and use our private key which is create in the previous step.

LEARN MORE  UEFI or Unified Extensible Firmware Interface

List Secret Keys

To see private keys and  related info like fingerprint. We will use --list-secret-keys  option for this.

$ gpg2 --list-secret-keys
List Secret Keys
List Secret Keys

Verify Signed PGP File

The main usage aim of PGP is verifying file whether they are signed accordingly. We can use --verify option by providing the file name. We will verify the gpg file named data.gpg.

$ gpg2 --verify data.gpg
Verify Signed PGP File
Verify Signed PGP File

Export Keys

Some time we may need to use existing key in different systems. We have to export these keys into a file. To export existing keyring and use in other systems. We will export existing keys into file name mykeys

$ gpg2 --export > mykeys
Export Keys
Export Keys

 

How To Use GPG To Create, List Keys and Sign Files? Infographic

How To Use GPG To Create, List Keys and Sign Files? Infographic
How To Use GPG To Create, List Keys and Sign Files? Infographic

 

Leave a Comment