aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--src/SUMMARY.md1
-rw-r--r--src/tools/README.md1
-rw-r--r--src/tools/gpg.md114
3 files changed, 116 insertions, 0 deletions
diff --git a/src/SUMMARY.md b/src/SUMMARY.md
index 5aa0cc9..455f9a7 100644
--- a/src/SUMMARY.md
+++ b/src/SUMMARY.md
@@ -8,6 +8,7 @@
- [git](./tools/git.md)
- [awk](./tools/awk.md)
- [emacs](./tools/emacs.md)
+ - [gpg](./tools/gpg.md)
- [gdb](./tools/gdb.md)
- [radare2](./tools/radare2.md)
diff --git a/src/tools/README.md b/src/tools/README.md
index eab09da..cb7b2b0 100644
--- a/src/tools/README.md
+++ b/src/tools/README.md
@@ -7,5 +7,6 @@
- [git](./git.md)
- [awk](./awk.md)
- [emacs](./emacs.md)
+- [gpg](./gpg.md)
- [gdb](./gdb.md)
- [radare2](./radare2.md)
diff --git a/src/tools/gpg.md b/src/tools/gpg.md
new file mode 100644
index 0000000..4e7c73a
--- /dev/null
+++ b/src/tools/gpg.md
@@ -0,0 +1,114 @@
+# gpg(1)
+
+```
+gpg
+ -o|--output Specify output file
+ -a|--armor Create ascii output
+ -u|--local-user <name> Specify key for signing
+ -r|--recipient Encrypt for user
+```
+
+## Generate new keypair
+```bash
+gpg --full-generate-key
+```
+
+## List keys
+```
+gpg -k / --list-key # public keys
+gpg -K / --list-secret-keys # secret keys
+```
+
+## Edit keys
+```bash
+gpg --edit-key <KEY ID>
+```
+Gives prompt to modify `KEY ID`, common commands:
+```bash
+help show help
+save save & quit
+
+list list keys and user IDs
+key <N> select subkey <N>
+uid <N> select user ID <N>
+
+expire change expiration of selected key
+
+adduid add user ID
+deluid delete selected user ID
+
+addkey add subkey
+delkey delete selected subkey
+```
+
+## Export & Import Keys
+```bash
+gpg --export --armor --output <KEY.PUB> <KEY ID>
+gpg --import <FILE>
+```
+
+## Search & Send keys
+```bash
+gpg --keyserver <SERVER> --send-keys <KEY ID>
+gpg --keyserver <SERVER> --search-keys <KEY ID>
+```
+
+## Encrypt (passphrase)
+Encrypt file using `passphrase` and write encrypted data to `<file>.gpg`.
+```bash
+gpg --symmetric <file>
+
+# Decrypt using passphrase
+gpg -o <file> --decrypt <file>.gpg
+```
+
+## Encrypt (public key)
+Encrypt file with `public key` of specified `recipient` and write encrypted
+data to `<file>.gpg`.
+```bash
+gpg --encrypt -r foo@bar.de <file>
+
+# Decrypt at foos side (private key required)
+gpg -o <file> --decrypt <file>.gpg
+```
+
+## Signing
+Generate a signed file and write to `<file>.gpg`.
+```bash
+gpg --sign -u foor@bar.de <file>
+
+# Verify
+gpg --verify <file>
+
+# Extract content from signed file
+gpg -o <file> --decrypt <file>.gpg
+```
+> Without `-u` use first private key in list `gpg -K` for signing.
+
+Files can also be `signed` and `encrypted` at once, gpg will first sign the
+file and then encrypt it.
+```bash
+gpg --sign --encrypt <file>
+```
+
+## Signing (detached)
+Generate a `detached` signature and write to `<file>.asc`.
+Send `<file>.asc` along with `<file>` when distributing.
+```bash
+gpg --detach-sign --armor -u foor@bar.de <file>
+
+# Verify
+gpg --verify <file>.asc <file>
+```
+> Without `-u` use first private key in list `gpg -K` for signing.
+
+## Abbreviations
+- `sec` secret key
+- `ssb` secret subkey
+- `pub` public key
+- `sub` public subkey
+
+## Keyservers
+- http://pgp.mit.edu
+- http://keyserver.ubuntu.com
+- hkps://pgp.mailbox.org