Last active
May 23, 2023 15:27
-
-
Save voronoipotato/91c727c5299be927374a6e23cbff4245 to your computer and use it in GitHub Desktop.
A brief guide for using GPG to sign files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This guide is a living document, if you see something outdated please fix it. | |
| # To make a key use this. | |
| # Defaults used to be not so good, but now they're okay for most people. | |
| # It may not be a bad idea though to select an expiration date so that in the future you can make a new key with updated encryption | |
| # Make sure to provide an email and proper name that people will know you as. | |
| # If you're using this for more than just sending gossip between friends make sure to use a passphrase. | |
| gpg --full-generate-key | |
| # To write the signature you can use this | |
| # I'm vopo, so if you see that, it's me. You can put your own name in there | |
| gpg --output vopo-file.sig --detach-sig file.zip | |
| # To verify the signature you can use this | |
| gpg --verify vopo-file.sig file.zip | |
| # To export your public key so other people can verify your signature | |
| gpg --output vopo.pgp --export vopo@email.com | |
| # You need to import a public key a friend exported for you, so you can encrypt a file to only them | |
| gpg --import vopo-friend.gpg | |
| # To encrypt a file | |
| gpg --output doc.zip.gpg --encrypt --recipient vopo-friend@email.com doc.zip | |
| # To decrypt a file | |
| gpg --output doc.zip --decrypt doc.zip.gpg |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sources
https://www.gnupg.org/gph/en/manual/c14.html
https://www.gnupg.org/gph/en/manual/x56.html
https://www.gnupg.org/gph/en/manual/x110.html