Notes on GPG

Security really matters these years1. WannaCry gave us a global warning early this year. Before, Chinese netizens feel quite safe maybe because of few technology audience… or rather GFW helps? With the technology’s deeper root in life accompanied by mobile payment, online shopping, smart stuff and the like, I believe security issue is critical enough to draw everyone’s attention. Security is the most inevitable thing even if one may ignore privacy problem for now.

Okay, here is my notes on GPG. I only introduce my commonly used options and all the details are in GnuPG manual.

Options

Examples

Basic Encryption

gpg -r chris -e foo.txt
# It creates foo.txt.gpg

Encrypt with Symmetric Cipher

gpg -c foo.txt
# Enter passphase twice and foo.txt.gpg is created.

ASCII output

gpg -c -a foo.txt
# Enter passphase twice and foo.txt.asc is created.

Using with pipeline

echo "hello" | gpg -c -a -
# -----BEGIN PGP MESSAGE-----
#
# jA0EBwMCI9EOCv8RfTDh0jsB6f1PHXr7CnPvtFQ3+1xzVkaaFT0NGnaXV7vp0TA6
# yQaOCS806a4Gg7/3UxBcPqm1t74asvk2tgm06Q==
# =fstr
# -----END PGP MESSAGE-----

Sign and verify

gpg --clear-sign foo.txt
# File foo.txt.asc which is not encrypted is generated
gpg -d foo.txt.asc # show raw data and verify signature
gpg --verify foo.txt.asc # verify signature

Detached sign

gpg --detach-sign foo.txt
# File foo.txt.sig (notice its size) is generated
gpg --verify foo.txt.sig foo.txt # verify signature

Output to stdout

gpg -o - -ab foo.txt
# -----BEGIN PGP SIGNATURE-----
# 
# iQEzBAABCAAdFiEEiul6fOyv8uDC/NJyNkEjOM7Lx3AFAllZ9bYACgkQNkEjOM7L
# x3DWtggAg+ACLCf4uDutKZNen9JQEMsoxlNmCoZpfTraE5Hy6eeZ3m4CV8YlpPup
# Qhl9ajFvvTL8pdS3e6LSWvViZ3MRfTYi8bxfpb4Erv4Isk+kCIZJwG7QmFCKLtCA
# ERoj1Mygt2AL7mPQBWKWtetYGrbScOPRNKu/cRhazbovHoUJbgtjZRpyn9+U9lRz
# OEBJTBqFO4p4uefbwstMLg+ZnId3Q2MTqmb0DGuu4GRUpDQf2U+R+6meTprjayPE
# T1QDHpI9hQ9gto0PGT3G9hSAWIJqxLXytltTAclPNVv62GhBEfgh10zRe1wkhYiz
# uXM+IG4guxTRIAynlz6esmyGHoer/g==
# =qDbQ
# -----END PGP SIGNATURE-----