title | date |
---|---|
gpg cheatsheet | 2023-04-21T16:40:56+02:00 |
List secret key with all subkeys:
$ gpg --list-secret-keys --keyid-format long
Add a new subkey:
$ gpg --edit-key <masterkey-id>
gpg> addkey
...
gpg> save
Add a new email/identity to existing key:
$ gpg --edit-key <masterkey-id>
gpg> adduid
...
gpg> save
Transfer subkey to other workstation:
$ gpg --export --armor <masterkey-id> >masterkey-public.asc
$ gpg --export-secret-key --armor <subkey-id>! >subkey-private.asc
# on the target machine:
$ gpg --import masterkey-public.asc
$ gpg --import subkey-private.asc
# afterwards, securely delete the exported private key file:
$ shred -u subkey-private.asc
Or, transfer over ssh directly (might not work depending on setup):
$ gpg --export --armor <masterkey-id> \
| ssh <target-host> 'gpg --import'
$ gpg --export-secret-key --armor <subkey-id>! \
| ssh <target-host> 'gpg --import'
Check what keys are available on target:
$ gpg --list-secret-keys --with-keygrip
If the secret master key (sec) is available (no # suffix), delete it:
$ gpg-connect-agent 'DELETE_KEY <master-keygrip>' /bye
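The check above can be scripted against gpg's machine-readable listing. This is an added example, not part of the original cheatsheet; it assumes the GnuPG 2.1+ colon format, where field 15 of a `sec` record is `#` for a stub and `+` when the secret material is present. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Real use on the target machine:
#   gpg --list-secret-keys --with-keygrip --with-colons | find_present_master_keys

# Reads a colon-format listing on stdin and prints "<key-id> <keygrip>" for
# every secret primary key (sec) whose key material is present locally.
find_present_master_keys() {
    awk -F: '
        # Field 15 of sec/ssb: "#" = stub only, "+" = secret material present,
        # any other value = serial number of a smartcard holding the key.
        $1 == "sec" { keyid = $5; pending = ($15 == "+"); next }
        $1 == "ssb" { pending = 0; next }
        # The first grp record after a sec record carries its keygrip (field 10).
        $1 == "grp" && pending { print keyid, $10; pending = 0 }
    '
}

# Constructed sample: key AAAA... still has its master key, key CCCC... is a stub.
sample_listing() {
    cat <<'EOF'
sec:u:255:22:AAAAAAAAAAAAAAAA:1682000000:::u:::scESC:::+::ed25519:::0:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
grp:::::::::1111111111111111111111111111111111111111:
uid:u::::1682000000::0000000000000000000000000000000000000000::Bob <bob@example.com>::::::::::0:
ssb:u:255:22:BBBBBBBBBBBBBBBB:1682000000::::::s:::+::ed25519::
grp:::::::::2222222222222222222222222222222222222222:
sec:u:255:22:CCCCCCCCCCCCCCCC:1682000000:::u:::scESC:::#::ed25519:::0:
fpr:::::::::CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC:
grp:::::::::3333333333333333333333333333333333333333:
ssb:u:255:22:DDDDDDDDDDDDDDDD:1682000000::::::s:::+::ed25519::
grp:::::::::4444444444444444444444444444444444444444:
EOF
}

# Demo run on the constructed sample: only the AAAA... key is reported.
sample_listing | find_present_master_keys
```

Each keygrip printed is one that would be passed to `DELETE_KEY`; empty output means every master key on the machine is already a stub or lives on a card.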
Reorder UID priorities:
# Suppose Bob has these three identities, in that order:
[ unknown] (1). Bob <bob@example.com>
[ unknown] (2) Bob (work) <bob@example.company>
[ unknown] (3) Bob (git) <code@example.com>
# But now Bob wants to have them in this order:
[ unknown] (1). Bob <bob@example.com>
[ unknown] (2) Bob (git) <code@example.com>
[ unknown] (3) Bob (work) <bob@example.company>
# The dot after the number in parentheses marks the
# primary user ID.
# Now, to reorder:
$ gpg --edit-key ...
gpg> uid 2
gpg> primary
gpg> save
$ gpg --edit-key ...
gpg> uid 3 # uid of next in order
gpg> primary
gpg> save
# Repeat as often as needed, working through the UIDs in the reverse of the order they should appear in.