Created
February 10, 2018 13:01
-
-
Save evpo/4b9786dad44046d9de5a9c681d0d2d40 to your computer and use it in GitHub Desktop.
GnuPG: Sample commands to store master key offline and use subkeys
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################## | |
| # In your underground bunker: | |
| ############################## | |
| ubuntu@sign-key-owner:~$ gpg2 --list-secret-keys | |
| /home/ubuntu/.gnupg/pubring.gpg | |
| ------------------------------- | |
| sec rsa2048/26AD9CA6 2018-02-10 [SC] [expires: 2018-02-20] | |
| uid [ultimate] Shelling Point <nowhere@north.pole> | |
| ssb rsa2048/4CC51AF4 2018-02-10 [E] [expires: 2018-02-20] | |
| ssb rsa2048/3D534625 2018-02-10 [S] [expires: 2018-02-20] | |
| gpg2 --output working-keys.gpg --export-secret-subkeys 0x4CC51AF4! 3D534625! | |
| ############################## | |
| # On your desktop | |
| ############################## | |
| ubuntu@key-recipient:~$ gpg2 --import working-keys.gpg | |
| ubuntu@key-recipient:~$ gpg2 --list-keys | |
| /home/ubuntu/.gnupg/pubring.kbx | |
| ------------------------------- | |
| pub rsa2048/26AD9CA6 2018-02-10 [SC] [expires: 2018-02-20] | |
| uid [ unknown] Shelling Point <nowhere@north.pole> | |
| sub rsa2048/4CC51AF4 2018-02-10 [E] [expires: 2018-02-20] | |
| sub rsa2048/3D534625 2018-02-10 [S] [expires: 2018-02-20] | |
| ubuntu@key-recipient:~$ gpg2 --list-secret-keys | |
| /home/ubuntu/.gnupg/pubring.kbx | |
| ------------------------------- | |
| sec# rsa2048/26AD9CA6 2018-02-10 [SC] [expires: 2018-02-20] | |
| uid [ unknown] Shelling Point <nowhere@north.pole> | |
| ssb rsa2048/4CC51AF4 2018-02-10 [E] [expires: 2018-02-20] | |
| ssb rsa2048/3D534625 2018-02-10 [S] [expires: 2018-02-20] | |
| ubuntu@key-recipient:~$ gpg2 --edit-key 0x26AD9CA6 | |
| Secret key is available. | |
| pub rsa2048/26AD9CA6 | |
| created: 2018-02-10 expires: 2018-02-20 usage: SC | |
| trust: unknown validity: unknown | |
| ssb rsa2048/4CC51AF4 | |
| created: 2018-02-10 expires: 2018-02-20 usage: E | |
| ssb rsa2048/3D534625 | |
| created: 2018-02-10 expires: 2018-02-20 usage: S | |
| [ unknown] (1). Shelling Point <nowhere@north.pole> | |
| gpg> addkey | |
| Secret parts of primary key are not available. | |
| ubuntu@key-recipient:~$ gpg2 --output for-sender.gpg --export 0x26AD9CA6 | |
| ############################## | |
| # On the sender who writes to you | |
| ############################## | |
| ubuntu@key-sender:~$ gpg2 --import for-sender.gpg | |
| gpg: key 26AD9CA6: public key "Shelling Point <nowhere@north.pole>" imported | |
| gpg: Total number processed: 1 | |
| gpg: imported: 1 | |
| ubuntu@key-sender:~$ gpg2 --edit-key 0x26AD9CA6 | |
| pub rsa2048/26AD9CA6 | |
| created: 2018-02-10 expires: 2018-02-20 usage: SC | |
| trust: unknown validity: unknown | |
| sub rsa2048/4CC51AF4 | |
| created: 2018-02-10 expires: 2018-02-20 usage: E | |
| sub rsa2048/3D534625 | |
| created: 2018-02-10 expires: 2018-02-20 usage: S | |
| [ unknown] (1). Shelling Point <nowhere@north.pole> | |
| gpg> sign | |
| ubuntu@key-sender:~$ gpg2 --edit-key 0x26AD9CA6 | |
| pub rsa2048/26AD9CA6 | |
| created: 2018-02-10 expires: 2018-02-20 usage: SC | |
| trust: full validity: full | |
| sub rsa2048/4CC51AF4 | |
| created: 2018-02-10 expires: 2018-02-20 usage: E | |
| sub rsa2048/3D534625 | |
| created: 2018-02-10 expires: 2018-02-20 usage: S | |
| [ full ] (1). Shelling Point <nowhere@north.pole> | |
| ubuntu@key-sender:~$ echo "Dear Shelling Point, I have received your goods. Outback" > email-to-nowhere-north-pole.txt | |
| ubuntu@key-sender:~$ gpg2 -e --sign --recipient nowhere@north.pole -o email-to-nowhere-north-pole.gpg email-to-nowhere-north-pole.txt | |
| pub rsa2048/524FB641 | |
| created: 2018-02-10 expires: 2018-02-20 usage: SC | |
| trust: unknown validity: unknown | |
| sub rsa2048/7945FF16 | |
| created: 2018-02-10 expires: 2018-02-20 usage: E | |
| [ unknown] (1). Happy Customer <outback@com.au> | |
| ############################## | |
| # On your desktop | |
| ############################## | |
| ubuntu@key-recipient:~$ gpg2 --list-secret-keys | |
| /home/ubuntu/.gnupg/pubring.kbx | |
| ------------------------------- | |
| sec# rsa2048/26AD9CA6 2018-02-10 [SC] [expires: 2018-02-20] | |
| uid [ultimate] Shelling Point <nowhere@north.pole> | |
| ssb rsa2048/4CC51AF4 2018-02-10 [E] [expires: 2018-02-20] | |
| ssb rsa2048/3D534625 2018-02-10 [S] [expires: 2018-02-20] | |
| ubuntu@key-recipient:~$ gpg2 -d email-to-nowhere-north-pole.gpg | |
| gpg: encrypted with 2048-bit RSA key, ID 4CC51AF4, created 2018-02-10 | |
| "Shelling Point <nowhere@north.pole>" | |
| Dear Shelling Point, I have received your goods. Outback | |
| gpg: Signature made Sat 10 Feb 2018 11:02:56 AM UTC using RSA key ID 524FB641 | |
| gpg: Good signature from "Happy Customer <outback@com.au>" [full] | |
| ubuntu@key-recipient:~$ echo "Payment received. Thanks" | gpg2 --encrypt --sign -o reply-to-customer.gpg -r outback@com.au | |
| ############################## | |
| # Reading the reply on the customer's PC | |
| ############################## | |
| ubuntu@key-sender:~$ gpg2 -d reply-to-customer.gpg | |
| gpg: encrypted with 2048-bit RSA key, ID 7945FF16, created 2018-02-10 | |
| "Happy Customer <outback@com.au>" | |
| Payment received. Thanks | |
| gpg: Signature made Sat 10 Feb 2018 11:48:28 AM UTC using RSA key ID 3D534625 | |
| gpg: Good signature from "Shelling Point <nowhere@north.pole>" [full] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Evpo,
Thanks for this. I found it by a link you provided in a reddit thread.