Basic GPG Commands


I hate forgetting things. Here are a few GPG commands for doing the basics from the command line.


See what version you’re at:

gpg --version

List your keys:

gpg --list-keys

Import some keys:

gpg --import pubring.gpg
gpg --import secring.gpg
gpg --import file.asc

Delete keys associated with a certain name:

gpg --delete-keys Uriah

Delete secret keys:

gpg --delete-secret-keys Daniel

Sign a file with ASCII armor (prevents mangling in transit):

gpg -sa file.txt

Sign and encrypt with ASCII armor:

gpg -sea file.txt


gpg -d file.asc

Main Functions


-s, --sign [file] make a signature --clearsign [file] make a clear text signature -b, --detach-sign make a detached signature -e, --encrypt encrypt data -c, --symmetric encryption only with symmetric cipher -d, --decrypt decrypt data (default) --verify verify a signature --list-keys list keys --list-sigs list keys and signatures --check-sigs list and check key signatures --fingerprint list keys and fingerprints -K, --list-secret-keys list secret keys --gen-key generate a new key pair --delete-keys remove keys from the public keyring --delete-secret-keys remove keys from the secret keyring --sign-key sign a key --lsign-key sign a key locally --edit-key sign or edit a key --gen-revoke generate a revocation certificate --export export keys --send-keys export keys to a key server --recv-keys import keys from a key server --search-keys search for keys on a key server --refresh-keys update all keys from a keyserver --import import/merge keys --card-status print the card status --card-edit change data on a card --change-pin change a card's PIN --update-trustdb update the trust database --print-md algo [files] print message digests


-a, --armor create ascii armored output -r, --recipient NAME encrypt for NAME -u, --local-user use this user-id to sign or decrypt -z N set compress level N (0 disables) --textmode use canonical text mode -o, --output use as output file -v, --verbose verbose -n, --dry-run do not make any changes -i, --interactive prompt before overwriting --openpgp use strict OpenPGP behavior --pgp2 generate PGP 2.x compatible messages


Related posts: