What is GPG?#
GNU Privacy Guard (GnuPG o GPG)is an encryption and digital signature tool that implements the OpenPGP standard. GnuGPG allows you to encrypt and sign both data and communications (emails for example). It has a versatile key management system, along with access modules for all types of public key directories. Also known as GPG, it is a command line tool with functions for easy integration with other applications.
GPG encrypts messages using user-generated asymmetric individual key pairs. Public keys can be shared with other users in many ways, an example of this is by depositing them on key servers.
IMPORTANT: NEVER SHARE YOUR PRIVATE KEY, KEEP IT SECURELY AND ONLY FORWARD OR PUBLISH THE PUBLIC KEYS ON A SERVER.
Generating gpg key-pair for Linux users#
Generate user key-pair#
Some questions must be answered in order to generate the key pair:
- Key type. RSA-RSA is the default.
- Expiration time: How long the key shoud be valid.
- User data (Real name, email, comment) . This data is used to identify the key in public key servers and when it's sent to other users.
- Password: It is possible to protect the key file with a password.
Export public key#
Import public key#
We can check the list of public key in our databes with this command: