Useful GPG commands (2024)

On this page:

Encryption/decryption commands
Key management commands
Esoteric commands
Command options that can be used in combination with other command options

Encryption/decryption commands

To encrypt a plaintext file with the recipient's public key:
```
gpg -e -r recipient_userid textfile
```
To sign a plaintext file with your secret key:
```
gpg -s textfile
```
To sign a plaintext file with your secret key and have the outputreadable to people without running GPG first:
```
gpg --clearsign textfile
```
To sign a plaintext file with your secret key, and then encrypt itwith the recipient's public key:
```
gpg -se -r recipient_userid
```
To decrypt an encrypted file, or to check the signature integrityof a signed file:
```
gpg [-o outputfile] ciphertextfile
```

Key management commands

To generate your own unique public/secret key pair:
```
gpg --gen-key
```
To add a public or secret key file's contents to your public orsecret key ring:
```
gpg --import keyfile
```
To extract (copy) a key from your public or secret key ring:
```
gpg -ao keyfile --export userid
```
or
See Also
How to encrypt and sign text or files with GPG Services? / GPG Services FAQ / Knowledge Base
```
gpg -ao keyfile --export-secret-key
```
To view the contents of your public key ring:
```
gpg --list-keys
```
To view the "fingerprint" of a public key, to help verify it overthe telephone with its owner:
```
gpg --fingerprint userid
```
To view the contents and check the certifying signatures of yourpublic key ring:
```
gpg --check-sigs
```
To edit a key:
```
gpg --edit-key userid
```
To remove a key or just a userid from your public key ring:
```
gpg --delete-key userid
```
To permanently revoke your own key, issuing a key compromise certificate:
```
gpg --gen-revoke userid
```

To disable or re-enable a public key on your own public key ring:

gpg --batch --edit-key userid disable

gpg --batch -edit-key userid enable

Esoteric commands

To create a signature certificate that is detached from the document:
```
gpg -sb textfile
```
To detach a signature certificate from a signed message:
```
gpg -b ciphertextfile
```

Command options that can be used in combination with other command options

To produce a ciphertext file in ASCII format, add the -a option when encrypting or signing a message or extracting a key:
```
gpg -sea textfile
```
To specify a recipient, add the -r option followed by a user id:
```
gpg -se -r recipient textfile
```
To specify an output file, add the -o option followed by a filename:
```
gpg -d -o outputfile textfile
```

FAQs

What are GPG commands? ›

The gpg command is used for encryption and signing of data. It's also used for key management. This command is especially useful in secure communication, as it allows users to encrypt and decrypt messages, ensuring the privacy and integrity of their data.

Read On ›

What is the best key algorithm in GPG? ›

Public Key Algorithms

The pubkey algorithm options you're likely to see are RSA, RSA-E, RSA-S, ELG-E, and DSA. RSA is probably the most commonly used algorithm. It's faster to verify than DSA but slower to sign; its main benefit is that it has key lengths of up to 4096 bits.

Discover More Details ›

What can you do with GPG? ›

GPG uses public key encryption. You can use someone's public key to encrypt a message or document, in a way that only the owner of the corresponding private key will be able to decrypt.

What is the GPG secret key? ›

GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. A user's private key is kept secret; it need never be revealed. The public key may be given to anyone with whom the user wants to communicate.

See Details ›

Is GPG still used? ›

GPG is in use today by journalists, business leaders, universities, and others who wish to keep the transmission of messages and data secure. The primary issues with GPG continue to be user acceptance, key handling, and the lack of understanding surrounding the complexity of key creation and exchange.

Find Out More ›

What is GPG mostly used in? ›

The GNU Privacy Guard

GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications.

Tell Me More ›

What are the disadvantages of GPG? ›

Difficult User Experience: Many reviewers find the user experience of GnuPG confusing or cryptic, either due to its interface design or because cryptography is naturally complex, making it difficult for most users.

Show Me More ›

Is GPG better than PGP? ›

PGP and GPG provide secure encryption and authentication, with PGP being proprietary and GPG open-source and free. Following Phil Zimmermann's PGP, GPG emerged as an OpenPGP-compliant free version. Your preference between PGP and GPG depends on your willingness to pay for licensing and support services.

Explore More ›

What is GPG vs Ssh? ›

In summary, while both GPG and SSH keys utilize public key cryptography, their primary purposes differ. GPG keys focus on encrypting/decrypting and signing/verifying messages or files, while SSH keys are used for secure remote access and encrypted communication between devices.

How to decrypt a GPG key? ›

Using a Pre-Existing Key From the GPG Key Manager

Within the folder where you would like to enable GPG decryption, click on the Folder Settings button. Expand the GPG encryption/decryption section. Select the Yes, use GPG decryption on all files in this folder and its sub-folders option.

Show Me More ›

How do I list all GPG keys? ›

Open Terminal . Use the gpg --list-secret-keys --keyid-format=long command to list the long form of the GPG keys for which you have both a public and private key. A private key is required for signing commits or tags.

Read The Full Story ›

How to decrypt a PGP message? ›

Decrypt messages

Highlight the block of ciphertext. Open the PGP Tray. Select Current Window. Choose Decrypt & Verify.

See Details ›

What does GPG stand for? ›

The grain per gallon (gpg) is a unit of water hardness defined as 1 grain (64.8 milligrams) of calcium carbonate dissolved in 1 US gallon of water (3.785412 L). It translates into 1 part in about 58,000 parts of water or 17.1 parts per million (ppm). Also called Clark degree (in terms of an imperial gallon).

Get More Info Here ›

What is the difference between PGP and GPG commands? ›

GPG, or GNU Privacy Guard, is an open-source implementation of PGP encryption. It is functionally similar to PGP, but is available for free and can be used on a wider range of devices. PGP is more user-friendly and supports a wider range of cryptographic algorithms. GPG is more powerful and supports digital signatures.

What are GPG files used for? ›

The GNU Privacy Guard (GPG or gpg) tool is a native/baseos security tool for encrypting files. According to the gpg man page: gpg is the OpenPGP (Pretty Good Privacy) part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing services using the OpenPGP standard.

How to run GPG command? ›

To get started with GPG, you first need to generate your key pair. That is, you will generate both a private and a public key with a single command. Enter your name and email address at the prompts, but accept the default options otherwise. The first key is your private (or secret) key.

View Details ›

Useful GPG commands (2024)

Encryption/decryption commands

Key management commands

Esoteric commands

Command options that can be used in combination with other command options

Related documents

FAQs

What are GPG commands? ›

How do I list all GPG keys? ›