GnuPG is a hybrid-encryption software program because it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient’s public key to encrypt a session key which is used only once.
The GnuPG 1.x series uses an integrated cryptographic library, while the GnuPG 2.x series replaces this with Libgcrypt.
GnuPG encrypts messages using asymmetric key pairs individually generated by GnuPG users. The resulting public keys may be exchanged with other users in a variety of ways, such as Internet key servers.
It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.
GnuPG also supports symmetric encryption algorithms. By default, GnuPG uses the AES symmetrical algorithm since version 2.1.
As of 2.2 versions GnuPG supports the following algorithms:
- Public key: RSA, ElGamal, DSA, ECDH, ECDSA, EdDSA.
- Cipher: 3DES, IDEA, CAST5, Blowfish, Twofish, AES-128, AES-192, AES-256, Camellia-128, Camellia-192, Camellia-256.
- Hash: MD5, SHA-1, RIPEMD-160, SHA-256, SHA-384, SHA-512, SHA-224.
- Compression: Uncompressed, ZIP, ZLIB, BZIP2.
Master key, also known as primary key, holds your trust.
If your key gets certified, those certifications will be issued on tuples of primary key and user ID. Outgoing certifications (on other keys) are also exclusively issued by your primary key.
What capabilities your primary key has depends on the algorithm chosen and what capabilities are actually enabled (you can change this when running GnuPG in the –expert mode).
All primary keys must have the certification capability C, but can have signature capability S (which must always be supported, as certifications are also signatures) and finally encryption capability E (which is not supported by all algorithms that fit a primary key, for example DSA can only be used for certifications/signatures, not for encryption).
Invoke gpg ‘
--full-generate-key’ with the ‘
--expert’ flag to expose some
additional menu items
$ gpg --expert --full-generate-key
Select the “RSA (set your own capabilities)” option to remove the ‘Encrypt’ capability from the key. Leave only the ‘Certify’ and ‘Sign’ capabilities.
Use separate, short-lived subkeys for generic sign and encryption.
Use a key-length of 4096 bit and set expiration to 3 years. If the key is still in use when the date approaches, set a new expiration date and distribute the new updated public key.
The UID (User ID) is composed by the name and e-mail of the key owner.
Real name: Davide Galassi Email address: email@example.com Comment: You selected the USER-ID: "Davide Galassi <firstname.lastname@example.org>"
A passphrase is required to protect the secret key. A passphrase is like a password but longer and can contain spaces.
At this point the keys is generated along with a revocation certificate.
The secret key is stored under
The revocation certificate under
The secret key file name is equal to the keygrip.
$ gpg --list-keys --with-keygrip
Subkeys make key management easier. You publish the subkeys on the normal keyservers, and everyone else will use them instead of the master key for encrypting messages or verify your message signatures. Likewise, you will use the subkeys for decrypting and signing messages.
The master key is used only in exceptional circumstances:
- sign someone else’s key or revoke an existing signature;
- add a new UID or mark an existing UID as primary;
- create and certify a new subkey;
- revoke an existing UID or subkey;
- change the preferences (e.g. with
setpref) on a UID;
- change the expiration date on your master key or any of its subkey;
- generate a revocation certificate for the complete key;
If a machine with a subkey is violated you can easily revoke the subkey without revoking the primary one.
Which subkey is chosen is implementation dependent, usually they will choose the newest non-revoked key capable of what you want to perform. If you add another subkey, this will be chosen. If you remove all subkeys, the primary key will be used – given it has the necessary capability bits set. If the primary key does not support the required capability, the key cannot be used at all!
In GnuPG, you can enforce a specific subkey: by specifying the key ID followed by ‘!’. For example, if you want to enforce usage of subkey DEADBEEFDEADBEEF as a recipient, use the option –recipient DEADBEEFDEAEDBEEF!.
Subkeys can be arbitrarily revoked and regenerated without losing reputation in the web of trust.
--edit-key option should bring us to the gpg command prompt.
Is suggested to use the
--expert option as well to have more control on
addkey command for each subkey you want to add.
Use the “
RSA (set your own capabilities)” option and create one key to
sign only, one to encrypt only and one to authenticate only.
Set the expiration to a relative short date (e.g. 6 months).
When finished, use the
save command to exit the prompt.
The simpler way to backup all the information is to copy the secret and
public keyrings (
to a removable media.
Export the key information in ‘armor’ format (printable base64 encoded data).
Export all the secret keys (including the subkeys)
$ gpg --armor --export-secret-key <key-id> > secret_key.asc
Export the secret key only (not the exclamation mark)
$ gpg --armor --export-secret-key <key-id>! > master_secret_key.asc
Export the public key
$ gpg --armor --export <key-id> > public_key.asc
Create a revocation certificate
$ gpg --armor --gen-revoke <key-id> > revocation_cert.asc
You can also decide to export, separately, the subkeys
$ gpg --armor --export-secret-subkeys <key-id> > secret_subkeys.asc
Remove Master Key secret
After that you’ve exported the secret subkeys in a separate file, delete the secret key (and subkeys) from the keyring.
$ gpg --delete-secret-key <key-id>
Re-import only the subkeys
$ gpg --import secret_subkeys.asc
If you run the
gpg --list-secret-key command you must see a “sec#” on the
first few lines of output. This indicates that the secret key is no more
Change passphrase (optional)
At this point you can change the “complicated” and “super-secret” passphrase protecting the keyring with something more practical for day-by-day usage.
$ gpg --edit-key <key-id> passwd
(If your master key was removed you’ll receive an error for that key)
This format is deduced from the length of the string and its content or the 0x prefix. Note, that only the 20 byte version fingerprint is available with gpgsm (i.e. the SHA-1 hash of the certificate).
When using gpg an exclamation mark (!) may be appended to force using the specified primary or secondary key and not to try and calculate which primary or secondary key to use.
The best way to specify a key Id is by using the fingerprint. This avoids any ambiguities in case that there are duplicated key IDs.
The key ID are the low 64 bits of its SHA-1 fingerprint.
The use of key IDs is just a shortcut, for all automated processing the fingerprint should be used.
You are ready to distribute your public key to a keyserver.
A good key server to load your public key:
To list the public keys
$ gpg --list-keys
To list the secret keys
$ gpg --list-secret keys
To see signatures
$ gpg --list-signatures
To see the fingerprints
$ gpg --fingerprint
To delete a public key
$ gpg --delete-key UID
To delete a secret key
$ gpg --delete-secret-key UID
To list the ids of subkeys
$ gpg --list-keys --keyid-format long
$ gpg --import keyfile
Make a cleartext signature. The content in a cleartext signature is readable without any special software.
$ gpg --clear-sign filename
Make a detached signature.
$ gpg --detach-sign
The operation requires a private key. If multiple private keys are present,
the key is selected via the
-u <user> option.
To verify a signature
$ gpg --verify signaturefile
Encryption is done using the recipient (-r) public key. The public keys
available are listed in our public keyring (
$ gpg -r <key-id> --armor --encrypt message.txt
The output is stored in an ascii file
$ gpg --decrypt message.txt.asc
The private key passphrase is eventually asked.
To edit key some key metadata
gpg --edit-key UID
This command will leave you in the gpupg prompt. From here several commands
are availbale. The
help command is your friend.
A public key can be signed so that you are absoltely positive that this key is valid. With that reassurance you can start encrypting.
gpg --edit-key UID command for the key to be signed you can sign it
Edit the key to per renewed (be sure to have imported the secret master key)
gpg --edit-key [keyname]
Lists the available subkeys:
Choose the number of the subkey you want to edit; e.g. key 1
command> key [subkey]
Set a new experation date for the subkey.
Save and exit
If your laptop keypair is compromised, we need to revoke the subkeys on that keypair.
Given a gpg fresh install, import your master keypair from the backup.
$ gpg --import public_key.asc private_key.asc
Now use the
--edit-key option to enter the gpg prompt and to
interactively revoke your subkeys.
One key is selected giving the key number (respect to the lising order):
for example the command
key 2, within the prompt, select the second
> key 2 > key 3 > key 4
Once that the keys are selected revoke the subkeys validity with the
Follow the on-screen instructions and
save the modifications.
Now that your subkeys has been revoked, you have to tell the world about it by distributing your key to a key server.
Complete Secret Removal
For GnuPG version 2.12 and above, you can use the
gpg-connect agent to do the
deletion. This is by using the following command:
$ gpg-connect-agent "DELETE_KEY <keygrip>" /bye
Import Smart Card Secrets Stubs
Import the secret keys stubs from a smart card or token (e.g. Yubikey):
$ gpg --card-status ... Application ID ...: D2760001240103040006193415350000 ...
Application ID refers to the unique identifier associated with the smart
card or token.
This will add the subkeys handles to the “$HOME/.gnupg/private-keys-v1.d” folder
These files are in a shadowed private key format, which translates to references to keep track of keys stored on IC cards.
$ cat `<keygrip>`.key Token: D2760001240103040006193415350000 OPENPGP.1 - 19+341+535 ...
Note that the
Token is equal to the
Application ID listed previously.
- Seahorse: default GNOME front-end for GnuPG
- Firefox + EnigMail: encrypt/sign outgoing messages and decrypt/verify incoming messages. Can also export/import public keys.