Difference between revisions of "Linux: gpg"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) m (→Signing) Tag: visualeditor |
Rafahsolis (talk | contribs) m (→Generate keys) Tag: visualeditor-switched |
||
| Line 18: | Line 18: | ||
==Asimetric Cipher== | ==Asimetric Cipher== | ||
===Generate keys=== | ===Generate keys=== | ||
| − | gpg --default-new-key-algo rsa4096 --gen-key | + | <source lang=text>-full-generate-key |
| − | + | gpg --default-new-key-algo rsa4096 --gen-key | |
| + | gpg --gen-key</source> | ||
===List private keys=== | ===List private keys=== | ||
| Line 50: | Line 51: | ||
====Encrypt to multiple recipients==== | ====Encrypt to multiple recipients==== | ||
<nowiki>gpg --recipient 42FF42FF \ | <nowiki>gpg --recipient 42FF42FF \ | ||
| − | + | --recipient 12345678 \ | |
| − | + | --recipient FEFEFEFE \ | |
| − | + | --encrypt-files backup.tar</nowiki> | |
===Decrypt with private key=== | ===Decrypt with private key=== | ||
comando gpg -d <encrypted_file> | comando gpg -d <encrypted_file> | ||
| − | === Signing Keys === | + | ===Signing Keys=== |
[https://www.phildev.net/pgp/gpgsigning.html Sign keys] | [https://www.phildev.net/pgp/gpgsigning.html Sign keys] | ||
Revision as of 15:51, 21 March 2019
GnuPG
Simetric Cipher
Encryption
gpg -c file.txt
we will be prompt for a password.
Or:
gpg -ca file.txt
If we want an ascii output
Encrypt & Sign
gpg --encrypt --sign --recipient 'some user ID value' <file>
Decryption
gpg -d file.txt
gpg --output <file> --decrypt <encrypted-and-signed-file>
find . -type f -name '*.gpg' -exec sh -c 'for file do gpg "$file"; done' sh {} +
we will be prompt for a password.
Asimetric Cipher
Generate keys
-full-generate-key
gpg --default-new-key-algo rsa4096 --gen-key
gpg --gen-key
List private keys
gpg --list-secret-keys
Export private key
gpg --export-secret-key -a "User Name" > private.key
Export public key
To file
gpg --output <destination_file.gpg> --export <public_key_ID>
To server
gpg --send-keys --keyserver pgp.mit.edu 18384645
To ascii file
gpg --armor --export you@example.com > mykey.asc
Import secret keys
gpg --allow-secret-key-import --import tmp.asc
Import public keys
From file
gpg --import <publickeyfile.gpg>
From server
gpg --keyserver pgp.mit.edu --recv-keys 18384645
Encrypt with a public key
List public keys
gpg --list-keys
Encrypt one recipient
gpg --recipient <key ID> --encrypt <file>
Encrypt with ascii output
gpg --armor --encrypt --output ~/test.crypt --recipient redteam@bbva.com ~/test.txt
Encrypt to multiple recipients
gpg --recipient 42FF42FF \
--recipient 12345678 \
--recipient FEFEFEFE \
--encrypt-files backup.tar
Decrypt with private key
comando gpg -d <encrypted_file>
Signing Keys
Signing
Sign
gpg -u <private_Key_ID> --output <output_signed_file> --sign <file_to_sign> gpg --local-user <private_Key_ID> --output <output_signed_file> --sign <file_to_sign>
Verify signature
gpg -d <signed_file>
or
gpg --verify <signed_file>
CheatSheet
Gpg_cheat_sheet.tar.gz
https://www.digitalocean.com/community/tutorials/how-to-use-gpg-to-encrypt-and-sign-messages
http://www.g-loaded.eu/2010/11/01/change-expiration-date-gpg-key/