gpg2

Encrypt, decrypt, sign, and verify data

TLDR

View documentation for the original command

$ tldr gpg

SYNOPSIS

gpg2 [options] [files]

PARAMETERS

--armor, -a
    Create ASCII armored output.

--output file, -o file
    Use file for output.

--decrypt, -d
    Decrypt data.

--encrypt, -e
    Encrypt data.

--sign, -s
    Make a signature.

--verify
    Verify a signature.

--list-keys
    List all keys.

--list-secret-keys
    List all secret keys.

--gen-key
    Generate a new key pair.

--delete-secret-key keyid
    Delete a secret key.

--delete-key keyid
    Delete a public key.

--recv-keys keyid
    Import keys from a keyserver.

--send-keys keyid
    Export keys to a keyserver.

--import file
    Import keys from a file.

--export keyid
    Export keys to a file.

--trust-model model
    Set the trust model.
    auto: Use auto trust model.
    always: All keys are trusted.
    pgp: The classic PGP trust model.
    direct: Direct trust to all keys.

--version
    Show the program version.

--help
    Display help information.

DESCRIPTION

GPG (GNU Privacy Guard) is a complete and free implementation of the OpenPGP standard as defined by RFC 4880 (also known as PGP). GPG2 is the second generation of GPG, offering enhanced cryptographic support and features compared to the original `gpg` command. It lets you encrypt and sign your data and communications, and it features a versatile key management system as well as access modules for all kinds of public key directories. GPG2 provides cryptographic services for privacy, authentication, and data integrity. It can encrypt emails, files, and other data, and it can sign data so that recipients can verify its authenticity and integrity.

Common uses include securing email communication, verifying software downloads, and managing digital identities. Understanding the command and its options is critical for anyone seeking to protect sensitive information or ensure the authenticity of digital content on a Linux system.

CAVEATS

GPG2 relies on a trust model for key validation. It's important to understand this model and properly configure trust settings to avoid accepting compromised keys. Security also depends on the strength of the encryption algorithms used and the secrecy of the private key.
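The check below shows one way to avoid accepting a signature from the wrong key when verifying a download: pin the signer's full fingerprint and read gpg's machine-readable status lines. It is an added example, not part of the original page; it assumes GnuPG 2.1 or later and uses the options `--batch`, `--status-fd`, `--detach-sign`, `--quick-generate-key`, `--pinentry-mode`, `--passphrase` and `--with-colons`, which exist in gpg but are not listed above. The key, user ID and file are constructed sample data in a throwaway keyring.

```shell
#!/bin/sh
# Added example (not from the original page): pinned-fingerprint verification.
GPG=$(command -v gpg2 || command -v gpg)

# verify_pinned FILE SIG FPR
# Succeeds only if gpg reports GOODSIG (not EXPKEYSIG/REVKEYSIG/BADSIG) and the
# VALIDSIG line names FPR as the primary key fingerprint (its last field).
verify_pinned() {
    "$GPG" --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null |
        awk -v want="$3" '
            $2 == "GOODSIG"                 { good = 1 }
            $2 == "VALIDSIG" && $NF == want { pinned = 1 }
            END { exit !(good && pinned) }'
}

# demo: runs in a subshell with a throwaway GNUPGHOME so the real keyring is
# never touched. The key, user ID and file below are constructed sample data.
demo() (
    GNUPGHOME=$(mktemp -d) || exit 2
    export GNUPGHOME
    trap 'gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"' EXIT
    "$GPG" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Constructed Signer <signer@example.invalid>' \
        2>/dev/null || exit 2
    fpr=$("$GPG" --batch --with-colons --list-keys 2>/dev/null |
        awk -F: '$1 == "fpr" { print $10; exit }')
    f=$GNUPGHOME/pkg.tar
    printf 'constructed release payload\n' > "$f"
    "$GPG" --batch --quiet --armor --output "$f.asc" --detach-sign "$f" || exit 2

    rc=0
    verify_pinned "$f" "$f.asc" "$fpr" || rc=1                 # genuine: must pass
    verify_pinned "$f" "$f.asc" "$(printf '%040d' 0)" && rc=1  # other key pinned: must fail
    printf 'tampered\n' >> "$f"
    verify_pinned "$f" "$f.asc" "$fpr" && rc=1                 # modified file: must fail
    exit "$rc"
)

demo && echo "pinned-fingerprint verification behaved as expected"
```

In real use, the pinned fingerprint comes from a channel independent of the download itself, and the comparison is always against the full fingerprint rather than a short key ID.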

KEY MANAGEMENT

Proper key management is crucial for GPG2 security. Regularly back up your secret keys and protect them with a strong passphrase. Consider using a hardware security module (HSM) for added protection of secret keys.

TRUST DATABASE

GPG2 uses a trust database to track the validity of keys. It's important to understand how this database works and to update it regularly to reflect changes in the trust relationships between keys. Use `gpgconf` to manage trust database options.

HISTORY

GPG was created in 1999 by Werner Koch as a free alternative to PGP (Pretty Good Privacy). GPG2 is a more modern version, offering improved performance, better support for newer cryptographic algorithms, and various usability enhancements. The transition from GPG to GPG2 represents a significant step in maintaining a secure and up-to-date encryption toolset.

SEE ALSO

gpg(1), gpg-agent(1), gpgconf(1)
