encrypt file
gpg -c <filename>
decrypt file
gpg <filename>.gpg
clearsign message
gpg --default-key <key_id> -o <output_file> --clearsign <input_file>
search keys
gpg --search <string>
adding notations
i have used this for setting keyoxide proofs
──── ─ gpg --edit-key pyratebeard
Secret key is available.
sec rsa4096/0xC7877C715113A16D
created: 2016-08-18 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/0xA8CA96DB91B17F70
created: 2016-08-18 expires: 2024-08-16 usage: E
ssb rsa2048/0x20E945DD7FC543B7
created: 2016-08-18 expires: 2024-08-16 usage: SA
[ultimate] (1). pyratebeard <root@pyratebeard.net>
[ultimate] (2) pyratebeard <pyratebeard@protonmail.com>
gpg> uid 1
sec rsa4096/0xC7877C715113A16D
created: 2016-08-18 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/0xA8CA96DB91B17F70
created: 2016-08-18 expires: 2024-08-16 usage: E
ssb rsa2048/0x20E945DD7FC543B7
created: 2016-08-18 expires: 2024-08-16 usage: SA
[ultimate] (1)* pyratebeard <root@pyratebeard.net>
[ultimate] (2) pyratebeard <pyratebeard@protonmail.com>
gpg> notation
Enter the notation: proof@ariadne.id=irc://irc.darkscience.net/pyratebeard
Current notations for user ID "pyratebeard <root@pyratebeard.net>":
proof@ariadne.id=https://harbour.cafe/@pyratebeard
proof@ariadne.id=dns:pyratebeard.net?type=TXT
proof@ariadne.id=irc://irc.libera.chat/pyratebeard
Adding notation: proof@ariadne.id=irc://irc.darkscience.net/pyratebeard
sec rsa4096/0xC7877C715113A16D
created: 2016-08-18 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/0xA8CA96DB91B17F70
created: 2016-08-18 expires: 2024-08-16 usage: E
ssb rsa2048/0x20E945DD7FC543B7
created: 2016-08-18 expires: 2024-08-16 usage: SA
[ultimate] (1)* pyratebeard <root@pyratebeard.net>
[ultimate] (2) pyratebeard <pyratebeard@protonmail.com>
gpg> save
to upload the new key to a keyserver incant
gpg --export root@pyratebeard.net | curl -T - https://keys.openpgp.org
view the notations
gpg --edit-key pyratebeard
Secret key is available.
sec rsa4096/0xC7877C715113A16D
created: 2016-08-18 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/0xA8CA96DB91B17F70
created: 2016-08-18 expires: 2024-08-16 usage: E
ssb rsa2048/0x20E945DD7FC543B7
created: 2016-08-18 expires: 2024-08-16 usage: SA
[ultimate] (1). pyratebeard <root@pyratebeard.net>
[ultimate] (2) pyratebeard <pyratebeard@protonmail.com>
gpg> uid 1
sec rsa4096/0xC7877C715113A16D
created: 2016-08-18 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/0xA8CA96DB91B17F70
created: 2016-08-18 expires: 2024-08-16 usage: E
ssb rsa2048/0x20E945DD7FC543B7
created: 2016-08-18 expires: 2024-08-16 usage: SA
[ultimate] (1)* pyratebeard <root@pyratebeard.net>
[ultimate] (2) pyratebeard <pyratebeard@protonmail.com>
gpg> showpref
[ultimate] (1)* pyratebeard <root@pyratebeard.net>
Cipher: AES256, AES, 3DES
AEAD:
Digest: SHA512, SHA256, SHA1
Compression: ZLIB, ZIP, Uncompressed
Features: MDC, AEAD, Keyserver no-modify
Notations: proof@ariadne.id=irc://irc.libera.chat/pyratebeard
proof@ariadne.id=dns:pyratebeard.net?type=TXT
proof@ariadne.id=https://harbour.cafe/@pyratebeard
proof@ariadne.id=irc://irc.darkscience.net/pyratebeard
gpg> quit
- getting "There is no assurance this key belongs to the named user" error
- could be from copying keys to a new machine
gpg --edit-key <key_id> gpg> trust # select trust level
useful links
- gpg signing - traditional vs. pgp/mime
- how to verify software