Use GPG to send secret

Story: Troy needs to send a secret text file to Joe. Here is how to do it with GPG.

GPG: GNU Privacy Guard.

Prerequisite for both sides:

Overview:

  • Joe, the receiver, needs to generate a GPG key pair and give the public key to Troy, the sender.
  • Troy uses Joe's GPG public key to encrypt the secret text file, and sends the encrypted file to Joe.
  • Joe decrypts the file with his private GPG key, which only he knows and which is never sent to anyone else.

Details:

Joe:

  • generate gpg key: gpg --full-generate-key
  • list existing keys: gpg --list-secret-keys --keyid-format=long
  • The GPG key id is the <key-id> part of the line that starts with sec ed25519/<key-id>. Run this in the terminal or add it to bashrc: export GPGKEY=<key-id>
  • publish your public key: gpg --send-keys --keyserver keyserver.ubuntu.com $GPGKEY (optional)
  • export public key: gpg --armor --export $GPGKEY > joe.asc
  • send joe.asc to Troy

Troy:

  • import Joe's public key: gpg --import joe.asc
  • list imported keys: gpg --list-keys. The full key name will be something like Joe Guo (Graviton) <joe@graviton.xyz>
  • encrypt the secret with Joe's public key: gpg -e -r "Joe Guo (Graviton) <joe@graviton.xyz>" secret.txt. This will generate a secret.txt.gpg file
  • send the gpg file to Joe

Joe:

  • ensure you have: export GPGKEY=<key-id>, gpg will use it by default
  • decrypt the secret: gpg -d secret.txt.gpg
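
The whole exchange above as one script, added here as an example and not part of the original gist. It uses two throwaway keyrings (--homedir) to stand in for Joe's and Troy's machines, and adds a fingerprint comparison before encrypting, so Troy encrypts to the key Joe actually generated rather than to whatever key carries Joe's name. The function name gpg_roundtrip, the demo user ID and the paths are assumptions made for the example.

```bash
#!/usr/bin/env bash
# Added example: Joe -> Troy -> Joe round trip with two throwaway keyrings.
# The user ID, paths and function name are constructed for this demo.

gpg_roundtrip() (
  set -e
  work=$(mktemp -d)
  joe=$work/joe troy=$work/troy
  mkdir -m 700 "$joe" "$troy"
  cleanup() {
    # Stop the per-homedir daemons, then delete both keyrings.
    gpgconf --homedir "$joe" --kill all >/dev/null 2>&1 || true
    gpgconf --homedir "$troy" --kill all >/dev/null 2>&1 || true
    rm -rf "$work"
  }
  trap cleanup EXIT

  # Joe: create a key pair. Empty passphrase only because this is a demo.
  gpg --homedir "$joe" --batch --quiet --pinentry-mode loopback --passphrase '' \
      --quick-generate-key 'Joe Demo <joe@example.invalid>' default default never
  joe_fpr=$(gpg --homedir "$joe" --with-colons --list-keys |
            awk -F: '$1=="fpr"{print $10; exit}')
  gpg --homedir "$joe" --armor --export "$joe_fpr" > "$work/joe.asc"

  # Troy: import joe.asc, then compare its fingerprint with the one Joe
  # gave him over a separate channel (here simply $joe_fpr).
  gpg --homedir "$troy" --batch --quiet --import "$work/joe.asc"
  seen=$(gpg --homedir "$troy" --with-colons --list-keys |
         awk -F: '$1=="fpr"{print $10; exit}')
  [ "$seen" = "$joe_fpr" ] || { echo "fingerprint mismatch" >&2; exit 1; }

  # Troy: encrypt to the verified fingerprint, not to a name that any
  # imported key could carry. --trust-model always skips the trust
  # prompt, which is acceptable only after the check above.
  printf '%s\n' "$1" > "$work/secret.txt"
  gpg --homedir "$troy" --batch --quiet --trust-model always \
      -e -r "$joe_fpr" "$work/secret.txt"

  # Joe: decrypt with his private key; plaintext goes to stdout.
  gpg --homedir "$joe" --batch --quiet --pinentry-mode loopback --passphrase '' \
      -d "$work/secret.txt.gpg" 2>/dev/null
)
```

Call it as gpg_roundtrip 'some text'; it prints the decrypted text and leaves your real keyring untouched.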

refs:
