GPG (GNU Privacy Guard) is a tool for secure communication and data encryption. Managing GPG keys involves creating, importing, exporting, and revoking keys. Here's a step-by-step guide:
If you haven't installed GPG on your system, you can do so by using a package manager. For example, on macOS, you can use Homebrew:
brew install gpgOn Debian/Ubuntu Linux:
sudo apt-get install gnupgTo create a new GPG key, open a terminal and run:
gpg --full-generate-keyFollow the prompts to set up your key. This involves choosing the key type, key size, key validity, and providing your name and email address.
You can list your GPG keys using the following command:
gpg --list-keysThis will display a list of your GPG keys along with their details.
To share your public key with others, you can export it:
To a file:
gpg --armor --export your@email.com > public_key.ascTo the clipboard:
gpg --armor --export your@email.com | pbcopyThis command exports the public key to a file named public_key.asc. Share this file with others who need to encrypt messages to you.
Exporting your secret key is important for backup purposes. Keep this file secure and do not share it.
gpg --armor --export-secret-keys your@email.com > private_key.ascIf someone shares their public key with you, you can import it:
gpg --import public_key.ascReplace public_key.asc with the actual filename of the public key.
To encrypt a file, use the -e option followed by the recipient's email:
gpg -e -r recipient@email.com filename.txtTo decrypt a file, use:
gpg -d filename.txt.gpgIf your private key is compromised or lost, you should revoke it. Find the key ID using gpg --list-keys and then run:
gpg --edit-key key_idWithin the key edit menu, type revkey and follow the prompts to generate a revocation certificate. Share this certificate with others.
Remember to manage your GPG keys securely, especially the private key, as it is crucial for decrypting messages and files. Regularly back up your keys to avoid data loss.