Thursday, 27 September 2012

GnuPG cheat sheet

The PGP and GnuPG encryption programs are excellent but not all that intuitive. I use GPG a lot, on both Windows and Linux command lines, and I still have to refer to the documentation from time to time.

Here is a cheat sheet of commands I use frequently.


  1. Encrypting
  2. Decrypting
  3. Importing keys
  4. Exporting keys
  5. Listing keys

1. Encrypting

a) Encrypt with a password:

gpg -c -o file.txt.gpg file.txt

[use conventional encryption;
output to file.txt.gpg;
encrypt file.txt]

b) Encrypt multiple files with the same password (Linux):

Create a bash script containing at least the following.
for a
echo "Encrypting $a..."
echo password123 | gpg --batch -q -c --passphrase-fd 0 --cipher-algo AES256 $a
$ ./ files/*

The above command will encrypt all files in the 'files' directory, using conventional encryption with the password of password123

c) Encrypt using a public key:

gpg -e -r simon file.txt

[encrypt to a recipient called simon;
encrypt file.txt]

d) Encrypt using multiple public keys:

gpg -e -r simon -r john file.txt

[encrypt to recipients simon and john;
encrypt file.txt]

e) Encrypt multiple files with one or more public keys:

gpg --encrypt-files -r simon -r john *.txt

[encrypt multiple files;
encrypt to recipients simon and john;
encrypt all files in the current directory with the file extension .txt]

2. Decrypting

a) Decrypt with a password:

gpg -d file.txt.gpg

[decrypt file.txt.gpg to the terminal]

b) Decrypt with a password:

gpg -d file.txt.gpg > file.txt

[decrypt file.txt.gpg to file.txt]

3. Importing keys

a) Import a third-party's public key

gpg --import john.txt

4. Exporting keys

a) Export your public key

gpg --export -a > pub.txt

[export in ascii format;
save to pub.txt]

b) Export someone else's public key

gpg --export -a "john" > john.txt

[export in ascii format;
use john's public key;
save to john.txt]

5. Listing keys

a) List public keys

gpg --list-keys

b) List secret keys

gpg --list-secret-keys