GnuPG Cheatsheet

Mar 2 2008

This semester I have enrolled in a security unit at my local University. Before we get into the mechanics of modern security techniques (mathematical theory, ciphers, protocols, hashing, Kerberos)—the first lecture kicked off with a gentle overview of PKI and the basics of using the Gnu Privacy Guard (aka GnuPG or GPG for short). In short it is a complete and free implementation of the OpenPGP standard. I havent used GPG on the Windows platform before—there are win32 binaries available for download straight from the official site. Like most Unix born software it is very portable. The binaries are happy running off a mass storage device (eg. a USB flashdrive) assuming the drive is mounted on a suitable Windows host. I hope to make PGP-type security more of apart of my day-to-day routine... im not aware of many people that use PGP compatible systems—I wonder why this is? My public key is also now available on the about page.

Generate a key pair:
gpg --gen-key

Encrypt file:
gpg --armor --output Example.txt.gpg --recipient "Charlie Brown" --encrypt Example.txt
gpg -a -r "Charlie Brown" -e Example.txt

Decrypt file:
gpg --output ExampleDecrypted.txt --decrypt Example.txt.gpg
gpg -d Example.txt.gpg

To export a public key:
gpg --export --armor "Charlie Brown" > CharliePublic.key

Import public key:
gpg --import Alice.key

Delete a public key:
gpg --delete-key "Charlie Brown"

To export a private key:
gpg --export-secret-key --armor "Charlie Brown" > CharliePrivate.key

To import a private key:
gpg --allow-secret-key-import --import CharliePrivate.key

Delete a private key:
gpg --delete-secret-key "Ben Simmonds"

Sign a message:
gpg --output ExampleSigned.txt --clearsign Example.txt

Verify the message:
gpg --verify ExampleSigned.txt

Encrypt and sign a message simultaneously:
gpg --armor --output ExampleSignedEncrypted.txt --recipient "Charlie Brown" --encrypt --sign Example.txt

Decrypt and verify the encrypted and signed message:
gpg --output ExampleDecryptedVerified.txt --decrypt ExampleSignedEncrypted.txt

Create a detached signature:
gpg --armor --output Exa mpleDetachedSignature.txt --detach-sig Example.txt

Verify the detached signature for a given file:
gpg --verify ExampleDetachedSignature.txt Example.txt

Generate a list of numbers that can be used to verify public keys:
gpg --fingerprint > Fingerprints.txt

BizTalk
Posted by: Ben Simmonds
Last revised: 28 Jun, 2011 01:17 PM

Comments

No comments yet. Be the first!

No new comments are allowed on this post.

Powered by FunnelWeb, the blog engine of real developers.

Is this your blog? Log in and update it.