$ gpg --list-secret-keys --keyid-format LONG
$ gpg --full-generate-key
$ gpg --list-secret-keys --keyid-format=long
$ gpg --armor --export KEY-ID > ~/yourkey-public.asc
$ gpg --armor --export-secret-keys KEY-ID > ~/yourkey-private.ascSign a file with specific key:
$ gpg --sign --local-user KEY-ID --output some.sig --detach-sig some.exe
Now check the signature:
$ gpg --verify some.sig some.exe
gpg: Signature made 02/15/21 14:16:55 W. Europe Standard Time
gpg: using RSA key KEY-ID
gpg: Good signature from "user <[email protected]>" [ultimate]
$ echo $?
0
$ gpg --verify some.sig another.exe
gpg: Signature made 02/15/21 14:16:55 W. Europe Standard Time
gpg: using RSA key KEY-ID
gpg: BAD signature from "user <[email protected]>" [ultimate]
$ echo $?
1
Say you've created a key just for signing ([SC]) and now you want to extend it with encrypting capabilities:
$ gpg --edit-key K3B36613975DB722
gpg> change-usage
Changing usage of the primary key.
Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? E
Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify Encrypt
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? QPack the folder into a single archive file (no compression):
$ tar -C /path/to/folder/to/encrypt -cf archName.tar .If you haven't already, export your public key on local machine (where your keychain is), transfer it to the server and import it there:
$ gpg --import your-public-key.asc Now you can encrypt the archive:
$ gpg --encrypt --recipient [email protected] archName.tar