Difference between revisions of "Gpg"
(Created page with "=gpg= ==Generating new set of keys== We can use <pre> gpg --gen-key </pre> to generate new GPG keys. Preferred options are all default 'DSA and Elgamal' for key type, 2048 b...") |
m |
||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Security tools]] > [[Gpg|gpg]] | |||
==Generating new set of keys== | ==Generating new set of keys== | ||
Line 99: | Line 99: | ||
More information on gpg can be read using '<tt>man gpg</tt>'. There is also GUI with name '<tt>kgpg</tt>' which allows all these operations using nice GUI interface | More information on gpg can be read using '<tt>man gpg</tt>'. There is also GUI with name '<tt>kgpg</tt>' which allows all these operations using nice GUI interface | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Security tools]] > [[Gpg|gpg]] |
Latest revision as of 16:01, 24 March 2022
Home > CentOS > CentOS 6.x > Security tools > gpg
Generating new set of keys
We can use
gpg --gen-key
to generate new GPG keys. Preferred options are all default 'DSA and Elgamal' for key type, 2048 bit for key size and key does not expire (0). The keys generated get stored in sub-folders / files inside ~/.gnupg
Encrypting a file
To encrypt file use
gpg -r <name> -e <file_to_encrypt>
Here, <name> should be same as name used above while generating key. Even partial matches of name like just first name also work. If file is encrypted successfully then there is '<file_to_encrypt>.gpg' file in the same folder.
Decrypting encrypted file
To decrypt file use
gpg --output <file_name> -d <encrypted_file>
Then one has to enter correct passphrase as was used during generating keys to decrypt file properly.
Changing passphrase of key
To change passphrase of key use:
gpg --edit-key <name>
where name is same as used while generating key. This command takes to a editing menu which supports help command. 'passwd' option can be used to change passphrase and then 'save' can be used to save and quit.
Encrypt using symmetric key
To encrypt file using symmetric key use:
gpg -c <file_to_encrypt>
Decrypt file encrypted using symmetric key
To decrypt file encrypted using symmetric key use:
gpg --output <file_name> -d <encrypted_file>
Note that decryption command is same as used for decrypting file encrypted using public key algorithms. gpg intelligently detects the algorithm used to encrypt file and prompts for passphrase accordingly.
Sign a file
To create a signature we can use:
gpg -s <file_to_sign>
which generates a .gpg file. We can also use -b command to create a detached signature which has .sig extension.
Verify signature on a file
In case signature is not deatched then we can use
gpg --verify <signed_file>
to verify the signature.
But in case detached signature was generated then we can use
gpg --verify <signature> <file that was signed>
Listing keys
We can use:
gpg --list-keys
to list all keys
To list only public keys use:
gpg --list-public-keys
Similarly to list only secret keys use:
gpg --list-secret-keys
More information on gpg can be read using 'man gpg'. There is also GUI with name 'kgpg' which allows all these operations using nice GUI interface
Home > CentOS > CentOS 6.x > Security tools > gpg