gpg --gen-key
Create a revocation certificate
gpg --output revoke.asc --gen-revoke key # store revoke.asc somewhere safe!
Upload the public key to a keyserver
After you have created a key pair, you should export your public key and put it on keyserver:
gpg --export --armor name-of-key
Then put key on a keyserver. eg. :
Step 1: Import the key to your keychain
wget http://someserver.com/key.asc gpg --import key.asc
Step 2: Validate the key
If the key is already signed by an entity you trust, this can be skipped. Otherwise
gpg --edit key fpr # validate fingerprint with owner sign # certify it as a valid key
Step 3: Trust the key-owner
gpg --edit key trust # select trust level
Step 4: Export the signed key to a keyserver
gpg --keyserver keys.gnupg.net --send-key key
A neat trick is to write the message in the texteditor, then copy it to clipboard and in the commandline do
xsel -b | gpg --encrypt --armor -r recipient@mail.com | xsel -b # now you have the encrypted message in your clipboard.
To directly send the encrypted text by mail (also showing a shorter version of the above gpg command):
xsel -b | gpg -ear recipient | mail -s"Subject" recipient@mail.com # or send message directly from commandline echo "The cake is a lie" | gpg -ear reciever | mail -s "Subject" receiver@cia.com
gpg -d message # or copy encrypted message to clipboard then do xsel -b | gpg -d
A simple way is to backup your ~/.gnupgp directory :
# create encrypted backup archive tar cfvz - ~/.gnupg/ | gpg -c > gnupgp.tgz.pgp # decrypt and unpack gpg -d gnupgp.tgz.pgp | tar xvz
Put in bashrc
# gpg encrypt clipboard for recipient encclip() { echo "Encrypting for $1" echo "---------------" echo xsel -b echo echo "---------------" echo xsel -b | gpg -ear $1 | xsel -b echo echo "Done. Encrypted contents are in clipboard." }
Use:
# first copy text to clipboard, then do
encclip recipient
gpg -c doc.txt # enter a secure passphrase # the file doc.txt.gpg now contains the encrypted contents
gpg -d doc.txt.gpg > doc.txt