Skip to main content

University Library, University of Illinois at Urbana-Champaign

Data Encryption: GPG Command Cheat Sheet

Provides information and instructions for encrypting a variety of data types.

GPG Commands

The following are a list of commonly used commands for encrypting documents in Terminal (Mac, Linux) or PowerShell (Windows).

 

Creating A New Keypair  
gpg --gen-key Prompts for information and then creates an appropriate keypair
   
Importing, Exporting, and Refreshing Keys  
Importing  
gpg --import File Imports a key contained in File to the appropriate keyring
gpg –recv-keys KeyID1 KeyID2 Receives the key which corresponds to KeyID1, KeyID2, etc from the provided keyserver
gpg --search-keys Term1 Term2 Searches for keys which contain Term1 and Term2, etc and provides an interactive interface to choose the correct key to import to the appropriate keyring
Exporting  
gpg --export -a KEYID > publickey.asc Output a public key to a plain text file
gpg --send-keys KeyID Upload a public key to a keyserver
Refreshing  
gpg --refresh-keys Check to see if your version of a key is out of date. If so update it.
   
Printing Key Information  
gpg --list-keys Print a list of all of the keys in your public keyring
gpg --list-keys UniqueID Print all keys matching UniqueID
gpg --list-sigs Print a list of all keys in your public keyring and their associated signatures
gpg --list-sigs UniqueID Print a list of all keys and their associated signatures matching UniqueID
gpg --fingerprint Print a list of all keys in your public keyring and their associated fingerprints
gpg --fingerprint UniqueID Print a list of all keys and their associated signatures matching UniqueID
   
Signing a Key  
gpg --fingerprint UniqueID Check the local key fingerprint against the reported fingerprint
gpg --sign-key UniqueID If the fingerprints match sign the key with your private key
   
Encrypting and Signing  
Encrypting  
gpg -er Recipient File Produces File.gpg an encrypted version of File, which can be decrypted by Recipient
echo “Text” | gpg -ear Recipient Produces an encrypted version of Text which can be decrypted by Recipient and prints the result to the terminal
echo “Text” | gpg -ear Recipient > OutFile Produces an encrypted version of Text which can be decrypted by Recipient and writes the result to OutFile
cat InFile | gpg -ear Recipient Produces an encrypted version of the text contained in InFile which can be decrypted by Recipient and prints the result to the terminal
cat InFile | gpg -ear Recipient > OutFile Produces an encrypted version of the text contained in InFile which can be decrypted by Recipient and writes the result to OutFile
Signing  
gpg -s File Produces File.gpg, a signed version of File, which can be verified
echo “Text” | gpg -as Produces a signed version of Text and prints the result to the terminal
echo “Text” | gpg -s > OutFile Produces a signed version of Text and writes the result to OutFile
cat InFile | gpg -as Produces a signed version of the text in InFile and prints the result to the terminal
cat InFile | gpg -s > OutFile Produces a signed version of the text in InFile and writes the result to OutFile
gpg --detach-sign File Produces a separate signature, File.sig, which can be used to verify File
echo “Text” | gpg --clearsign  
cat InFile | gpg --clearsign  
Encrypting and Signing  
gpg -esr Recipient File Produces File.gpg, an encrypted and signed version of File, which can be decrypted and verified by Recipient
echo “Text” | gpg -esar Recipient File Produces an encrypted and signed version of Text which can be decrypted and verified by Recipient and prints the result to the terminal
echo “Text” | gpg -esar Recipient File > OutFile Produces an encrypted and signed version of Text which can be decrypted and verified by Recipient and writes the result to OutFile
cat InFile | gpg -esar Recipient Produces an encrypted and signed version of the text in InFile which can be decrypted and verified by Recipient and prints the result to the terminal
cat InFile | gpg -esar Recipient > OutFile Produces an encrypted and signed version of the text in InFile which can be decrypted and verified by Recipient and prints the result to the terminal
   
Decrypting and Verifying  
gpg -d InFile > OutFile Decrypt and/or verify File
echo “Cipher Text” | gpg -d Decrypt and/or verify Cipher Text
echo “Cipher Text” | gpg -d > OutFile Decrypt and/or verify Cipher Text and write the result to OutFile
cat InFile | gpg -d Decrypt and/or verify the contents of File
cat InFile | gpg -d > OutFile Decrypt and/or verify the contents of File and write the result to OutFile
   
Symmetric Encryption  
gpg -c File Create a file symmetrically encrypted with a passphrase
gpg -ca File Create a file symmetrically encrypted with a passphrase readable as plain text
echo “Text” | gpg -ca Symmetrically encrypt Test with a passphrase and output the result to the terminal
echo “Text” | gpg -c > OutFile Symmetrically encrypt Test with a passphrase and write the result to OutFile
cat InFile | gpg -ca Symmetrically encrypt the text in InFile and output the result to the terminal
cat InFile | gpg -c > OutFile Symmetrically encrypt the text in InFile and write the result to OutFile

 

Created by Brian Balsamo. Used with permission.

Scholarly Commons

Scholarly Commons's picture
Scholarly Commons
Contact:
306 Main Library
Drop-ins welcome
Monday-Friday 8:30am-6:00pm
Phone: 217-244-1331
Website