JavaScript status: DISABLED gnupg

GNU Privacy Guard

Encryption and signing of data and communication

Distribution: source code
Distribution: binary code

  • Verify installed version via the command-line interface:
  • Command syntax:
  • Generating a new key pair

    To encrypt ones communications, one needs to create a key pair consisting of a public key and a secret key. Select RSA public key and RSA secret key formation with the highest key bit length offered: Give the random number generator a better chance to gain enough entropy: play a video.

    Generating a revocation certificate

    Create a revocation key to revoke ones public key if it has been, or suspected to have been, compromised in any way: Keep the revocation key in a safe place. Anyone who accesses it can use it to disable ones private key. (One could use symmetric encryption (see below) on ones revocation file.)

    Exchanging Keys

    To communicate with others you must exchange public keys. To list the keys on your public keyring A list of the keys registered with your e-mail should appear (and since there should be only one, it will only list your key.) Then, you can obtain your KEY-ID and run the command above in order to submit it to the key servers.

    To display the private or public keys:

    Exporting a Public Key

    Importing a Public Key

    The output should state that the key was imported. If a particular public signing key had previously been imported then the output should state that the key was unchanged.

    Encrypting and decrypting documents

    Public-key Cryptography With GNU Privacy Guard

    A pair of keys is used for encryption and decryption. To encrypt a file destined for ones friend using his public key: Explanation:
    -o encrypted_file.gpg = Output to the following filename.
    --encrypt = Encrypting a file
    -r = Recipient. KEY-ID would be your friends KEY-ID here.

    To decrypt a file that has been encrypted with ones public key:

    Symmetric-key Cryptography With GNU Privacy Guard

    GnuPG also supports symmetric encryption algorithms, One key is used for encryption and decryption. This approach is simpler in dealing with each message, but it is less secure since the key must be communicated to the recipient.
    To encrypt: To decrypt:

    Making and Verifying Signatures

    Creating a clearsigned file (document) plus its corresponding detached signature

    This is what the sender of the document performs:

    Verifying a clearsigned file (document) with its corresponding detached signature

    This is what the recipient of the electronic document would need to perform:
    1. Import the public (signing) key of the sender of the document
    2. Download an electronic document and its corresponding detached signature file (which will have the same name as the document file but with .asc or .sig appended to the end) from the sender
    3. Verify the document file using its corresponding signature file (which both must be in the same directory):
      e.g. to cryptographically verify an ISO image file:

    Key Management

    Distributing Keys

    Retrieving public keys from a keyserver: Sending public keys to a key server:



  • documentation

  • Legal Disclaimer & Copyright Policy