GPG Tricks

Here is my public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.1 (GNU/Linux)

mQGiBEJZPmwRBAC2M4ckbW7frGcMzP1v0MgcW31pBD27mTvb3XtEg1USL9rUomZS
iftbp+i60LftKeqKZ4Q1CWXq/SymuGdEMBFr8OstExdTJHyMwu3wiYE2gCdPeGH9
bcuBsQUxAzs4Y07kMzZ5t+jLc6MRtFH9mNWRAMMqpJUQTb+rKki8UWlRpwCgoS9B
++kCEsZEUm8CFsfrU+iGWmMD/i+j64K8Q7+FVAsLtv4+Wofdjmxl7Fr4lpZ7fReE
pCjpuNecdlVsop2ocqAbpNjxwFvx9YRJA5k72Afw4WgB6QEFdwL6LxQmDwJZ4qiC
sSIlQFYzk0JM9VAnJSsuJVTzL/IrnCNfIaVgIJzWhEsMaewNsRdWz2duml4QbvEh
RJLNBACpfeqxeZoCw9Ztew7glU+FGC821ub3hfwRG9dRD4O4arGRQ4pTHRIECaqh
ygLstz7F3L4dWvqBNzdrjcj/X2stxeEsw7l2Nf/zL8rAP4OOr1evZJoqEK9/aXNf
LCdJFjg5tWOzBVnMCkFeOpoPZMnO7kSBGR6fOZGusIiDzhJeJ7QiTWF0dGhldyBC
ZWNrbGVyIDxiZWNrMDc3OEB1bW4uZWR1PohkBBMRAgAkBQJCWT5sAhsDBQkJZgGA
BgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEBFL8He1bmsptEEAoKDc9nNRmAgxEfhV
B87vTHQxtBbbAJ9atojPET39EIS2aztNUSYIk1d7lLQnTWF0dGhldyBCZWNrbGVy
IDxtYXRfdGhlX3dAY2hhcnRlci5uZXQ+iGQEExECACQFAkJZPtcCGwMFCQlmAYAG
CwkIBwMCAxUCAwMWAgECHgECF4AACgkQEUvwd7Vuayn3uACeILhe6qkCzxbz5ikK
hMWxA4uROSAAoJUcXZpx4rDwOVqAUG4goB6Wo8cruQINBEJZPn0QCAD5afCKN7zj
e50fpoJ6rjnQtdKtrxGtLrg8od+MAHGxGBg6OG66Ik6cNqp176L/rsMUzVKhQxLF
AUiYY1V47CZ0I28NRNp023pUJtqZ+8U6n25Aa/J7Fh1aSbegQGDhkzg7xjjX7c3c
MDYXi1cWZ9C4koscSCjS6P4rcMmkmjs3fEyRys8NNYHQi3vV4HUDxgzOx/C1C2Rm
c19KJsap3v9aB36KzC+MZxGapWtj50eYdrMBvyjZ1aUxd4xVNvoDMHnaX/+BXXYT
4qtFzPRHaEN91CjtfAsMtEcF1KSESm8XdbhV1bQWlzaLIsGLyu1YAKbNmvQhGg7N
9gqC3eP18vXzAAMFCADbwjaRHPx6A8rO+o1mZpV7LkUNCewklE9z/MLxWHsQxJhU
GFyEOWB6koBA3WEA2rBG8ZrdbpBFowsuO+cSv5+m6I2ndq5EdJTIoGwXOj7oSLIj
0d7L7nPZzBc67AzkQv+xtMEOiml0xXB+/JAlwJySPRkL1nTKVNrPPC1IXVhrm5BA
Msr5xP9v0GAg12aNfJ2LlV6gCIm3/xP04t4awx8MzaLbuwMYV0dDBx0x2Ky6gAd5
VWubBfPP25og0LIbLBu46t29LdOzXKATHJzJp6SDhm9gl8ekFbv1Owu6bgK2NDs5
PwfMC0QHI6lplkuM608YRp2t7dbyZNN60fzCKWfaiE8EGBECAA8FAkJZPn0CGwwF
CQlmAYAACgkQEUvwd7VuaykLNACZAXaw1MWkpNtw4F1TZKc0fihWHH4AoJ0wBneD
dqtlSrjxl6vSKhKZ8dkj
=3Djp
-----END PGP PUBLIC KEY BLOCK-----

Key Maintainence:

• gpg --armor --output alice-anderson-public-key.asc --export alice.anderson@hotmail.com
  This command will export your public key to an ASCII-armored text file. This file is then used for posting to a webpage or printing out for personal distribution.
  
  
• gpg --import bob-brown-public-key.asc
  This command will import a public key file into your keyring. Before you can use this key to encrypt, you need to sign it.
  
  
• gpg --edit-key bob.brown@hotmail.com
  This line opens up a gpg prompt for the key. From the prompt, press "fpr" to see the fingerprint. You then need to confirm that the the fingerprint of the key you just received matches what Bob Brown says it is. You should do this preferably in person, but over the phone will work too.
  
  If the fingerprints match, then sign their key with your own. Type "sign" at the prompt. It will then ask you if you are sure you want to sign this key. Press "y" here. You will be asked for your key's passphrase. Enter your passphrase, and then type "save". Now you are able to encrypt messages/documents with this person's public key.
  
  

Encrypting and Decrypting:

• gpg --output alice-doc.gpg --encrypt --recipient bob.brown@hotmail.com alice-doc
  This command will encrypt the file "alice-doc" to "alice-doc.gpg" using Bob Brown's public key. This means that only Bob can read it.
  
  
• gpg --output bob-doc --decrypt bob-doc.gpg
  If you have been sent an encrypted document, this command will decrypt it for you, turning "bob-doc.gpg" into "bob-doc". It will ask you for your secret key's passphrase.
  
  
• gpg --decrypt bob-doc.gpg
  If you only want to see what the message looks like, you do not need the --output option. This command will decrypt and simply print to the screen.
  
  

Signatures:

You can crytpographically 'sign' a document, thereby assuring the receiver of your document that the document came from you, and that it was not modified in transit.

• gpg --clearsign document
  This command will sign the file, but leave it unencrypted, so anybody can read it. It is useful for distributing files over the internet, in the case of downloading files from a mirror server. How do you know that the people running the mirror aren't putting viruses and harmful code in the files they are hosting for you? You sign all your files before sending them to the mirror, and then your users can check if the signature is still valid.
  
  
• gpg --output document.gpg --sign --encrypt --recipient bob.brown@hotmail.com
  You can also sign and encrypt the same document.
  
  

Back to Matthew Beckler's home page

This page was last updated April 12, 2005