From b7f4aee7a60b03db06475f2a017706494d9a2d44 Mon Sep 17 00:00:00 2001 From: johannst Date: Sat, 19 Dec 2020 00:42:07 +0100 Subject: added gpg cheatsheet --- src/SUMMARY.md | 1 + src/tools/README.md | 1 + src/tools/gpg.md | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 116 insertions(+) create mode 100644 src/tools/gpg.md (limited to 'src') diff --git a/src/SUMMARY.md b/src/SUMMARY.md index 5aa0cc9..455f9a7 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -8,6 +8,7 @@ - [git](./tools/git.md) - [awk](./tools/awk.md) - [emacs](./tools/emacs.md) + - [gpg](./tools/gpg.md) - [gdb](./tools/gdb.md) - [radare2](./tools/radare2.md) diff --git a/src/tools/README.md b/src/tools/README.md index eab09da..cb7b2b0 100644 --- a/src/tools/README.md +++ b/src/tools/README.md @@ -7,5 +7,6 @@ - [git](./git.md) - [awk](./awk.md) - [emacs](./emacs.md) +- [gpg](./gpg.md) - [gdb](./gdb.md) - [radare2](./radare2.md) diff --git a/src/tools/gpg.md b/src/tools/gpg.md new file mode 100644 index 0000000..4e7c73a --- /dev/null +++ b/src/tools/gpg.md @@ -0,0 +1,114 @@ +# gpg(1) + +``` +gpg + -o|--output Specify output file + -a|--armor Create ascii output + -u|--local-user Specify key for signing + -r|--recipient Encrypt for user +``` + +## Generate new keypair +```bash +gpg --full-generate-key +``` + +## List keys +``` +gpg -k / --list-key # public keys +gpg -K / --list-secret-keys # secret keys +``` + +## Edit keys +```bash +gpg --edit-key +``` +Gives prompt to modify `KEY ID`, common commands: +```bash +help show help +save save & quit + +list list keys and user IDs +key select subkey +uid select user ID + +expire change expiration of selected key + +adduid add user ID +deluid delete selected user ID + +addkey add subkey +delkey delete selected subkey +``` + +## Export & Import Keys +```bash +gpg --export --armor --output +gpg --import +``` + +## Search & Send keys +```bash +gpg --keyserver --send-keys +gpg --keyserver --search-keys +``` + +## Encrypt (passphrase) +Encrypt file using `passphrase` and write encrypted data to `.gpg`. +```bash +gpg --symmetric + +# Decrypt using passphrase +gpg -o --decrypt .gpg +``` + +## Encrypt (public key) +Encrypt file with `public key` of specified `recipient` and write encrypted +data to `.gpg`. +```bash +gpg --encrypt -r foo@bar.de + +# Decrypt at foos side (private key required) +gpg -o --decrypt .gpg +``` + +## Signing +Generate a signed file and write to `.gpg`. +```bash +gpg --sign -u foor@bar.de + +# Verify +gpg --verify + +# Extract content from signed file +gpg -o --decrypt .gpg +``` +> Without `-u` use first private key in list `gpg -K` for signing. + +Files can also be `signed` and `encrypted` at once, gpg will first sign the +file and then encrypt it. +```bash +gpg --sign --encrypt +``` + +## Signing (detached) +Generate a `detached` signature and write to `.asc`. +Send `.asc` along with `` when distributing. +```bash +gpg --detach-sign --armor -u foor@bar.de + +# Verify +gpg --verify .asc +``` +> Without `-u` use first private key in list `gpg -K` for signing. + +## Abbreviations +- `sec` secret key +- `ssb` secret subkey +- `pub` public key +- `sub` public subkey + +## Keyservers +- http://pgp.mit.edu +- http://keyserver.ubuntu.com +- hkps://pgp.mailbox.org -- cgit v1.2.3