uTopple Blog | GPG Commands I Don't Want To Forget

GPG Commands I Don't Want To Forget

Some gpg commands I use semi-regularly that I don't want to forget.

List all keys: gpg --list-keys

Encrypt a file: gpg --sign file.txt

Decrypt a file: gpg --output file.txt --decrypt file.txt.gpg

Export a secret key: gpg --export-secret-key -a <identifier>

Export a public key: gpg --export -a <identifier>

Edit a key and add a subkey:

gpg --expert --edit-key <identifier>
> addkey

Show your subkeys and their identifiers: gpg --list-secret-keys --with-subkey-fingerprint

Export just a subkey (such as the SE subkey used for PGP email encryption):

mkdir /tmp/gpg
gpg --export-secret-subkeys -a <identifier>! > /tmp/subkey.gpg
gpg --homedir /tmp/gpg --import /tmp/subkey.gpg
gpg --homedir /tmp/gpg --edit-key <identifer>
> passwd
> save
gpg --homedir /tmp/gpg -a --export-secret-subkeys <identifer>! > /tmp/subkey.altpasswd.gpg