gpg --gen-key
This documentation provides the basic usage of GPG: creating, importing, exporting, and submitting keys to keyservers. Use your distro package manager to install GNU Privacy Guard (GPG). It will be installed by default in most recent distributions.
gpg --gen-key
It will ask lot of questions to create the key. You can use the default values. Remember your passphrase.
gpg --armour --export "Tom Cruise <tom.cruise@e-mail.com>" > \
pubkey.asc
Your public key is pubkey.asc. You can check the current keys present using:
gpg --list-keys
A sample output:
~/.gnupg/pubring.gpg ------------------------------ pub 1024D/1644B902 2007-01-02 uid Tom Cruise <tom.cruise@e-mail.com> sub 2048g/4A7258D9 2007-01-02
The keyID is 1644B902.
To submit keys to a keyserver, say, pgp.mit.edu, do:
gpg --keyserver pgp.mit.edu --send-key 1644B902
You can search for keys using:
gpg --keyserver pgp.mit.edu --search-keys "Tom Cruise"
To import keys to your pubring, you can do:
gpg --import whoispubkey.asc
To sign a document to send it to say, katie.holmes@e-mail.com, use the —encrypt option. You must have Katie Holmes' public key in your pubring.
gpg --output doc.gpg --encrypt --recipient \
katie.holmes@e-mail.com document
As Katie Holmes, if you want to decrypt the above message, you can do:
gpg --output document --decrypt doc.gpg
It will ask for your passphrase.
You can also clearsign the document to be sent, via e-mail, for example, use:
gpg --clearsign document
The document contents will be embedded between the PGP signed message, as shown below:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [----document-content-----] -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.7 (GNU/Linux) Comment: For info see http://www.gnupg.org iaYEA3ECAbYFA2dY3Qo4Cgk2J916UL31dqz4IwC5Q7wP6j/i8lhbcwSK4rLyQB1 oCoAoOwqpaqEfr4eOksqHeLE/r8/Ra2k =y3k2 -----END PGP SIGNATURE-----