· 6 years ago · Aug 06, 2019, 09:14 PM
1# GPG basics:
2
3GPG is sensitive to the order of command-line options.
4
5## List installed keys
6```
7gpg --list-keys
8gpg --list-secret-keys
9```
10
11## Generate and Backup a new Key
121. Generate key with full options:
13 ```
14 gpg --full-generate-key
15 ```
161. Backup the revocation certificate. It is generated in step 1 above.
171. Export the public key
18 ```
19 gpg --armor --output public.key --export <key-id>
20 ```
211. Export the secret key
22 ```
23 gpg --armor --output secret.key --export-secret-key <key-id>
24 ```
25Backup these files in a safe location. The key files are irreplaceable. The revocation cert can be regenerated from the secret key.
26
27
28## Delete the key pair
29First delete the secret key.
30```
31gpg --delete-secret-keys <key-id>
32gpg --delete-keys <key-id>
33```
34
35## Import the key pair on a new machine
36```
37gpg --import secret.key
38gpg --import public.key
39```
40
41# Use the GPG key to encrypt/decrypt files
42```
43gpg --output <myfile.gpg> --encrypt --recipient <receipient-key-ID> <myfile>
44gpg --output <myfile> --decrypt <myfile.gpg>
45```
46Decryption will automatically choose the right secret key, assuming you have it.