GPG

From YM2149.org

Revision as of 17:49, 21 November 2024 by Andrzej (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

also known as GNU Privacy Guard or GnuPG
somewhat convenient way to manage your secrets

Config

~/.gnupg/gpg-agent.conf
default-cache-ttl ... to lock a key after the given number of seconds if unused
max-cache-ttl ... to lock a key after the given number of seconds no matter what

Share

typically you will generate a secret key per account and system for decryption, and copy its public key to other places for encryption there
gpg --output payload --export ... on the origin system to export a public key
gpg --import payload on the target system to import it
- then you need to trust it, see below

Agent

gpg-connect-agent <<<help for list of commands
- gpg-connect-agent <<<'help ...' for help on a specific command
gpg-connect-agent <<<reloadagent to pick up new config
- this also forgets cached passphrases
gpg-connect-agent <<<'keyinfo --list' to check which keys (by keygrip) are currently unlocked, look for a 1
- note that all keys with the same passphrase are unlocked even if this shows just one of them is
- gpg --list-secret-keys --with-keygrip to show the keygrips of your secret keys

Shell

gpg --edit-key ...
trust to make an imported public key usable for encryption
passwd to change the passphrase

Retrieved from ‘https://ym2149.org/s/ym2149.org/index.php?title=GPG&oldid=423’

Wisdom

Navigation menu