« back to all changes in this revision
Viewing changes to doc/gpg.info
- browse files at revision 1.1.7
- compare with another revision
- download diff
- download tarball
- view history from revision 1.1.7
- Committer: Bazaar Package Importer
- Author(s): Kees Cook
- Date: 2006-12-12 15:56:56 UTC
- mto: This revision was merged to the branch mainline in revision 14.
- Revision ID: james.westby@ubuntu.com-20061212155656-kk00wp4x0uq4tm1y
Tags: upstream-1.4.6
ImportĀ upstreamĀ versionĀ 1.4.6
- files added:
- doc/gnupg1.info
- files removed:
- doc/gpg.1
- files modified:
- AUTHORS
added
removed
doc/gpg.info
1
This is gpg.info, produced by makeinfo version 4.8 from gpg.texi.
2
3
INFO-DIR-SECTION GnuPG
4
START-INFO-DIR-ENTRY
5
* gpg: (gpg). GnuPG encryption and signing tool.
6
END-INFO-DIR-ENTRY
7
8
9
File: gpg.info, Node: Top, Up: (dir)
10
11
gpg
12
***
13
14
Name
15
****
16
17
gpg -- encryption and signing tool
18
19
Synopsis
20
********
21
22
gpg
23
--homedir name
24
--options file
25
options
26
command
27
args
28
29
DESCRIPTION
30
***********
31
32
`gpg' is the main program for the GnuPG system.
33
34
This man page only lists the commands and options available. For more
35
verbose documentation get the GNU Privacy Handbook (GPH) or one of the
36
other documents at http://www.gnupg.org/documentation/ .
37
38
Please remember that option parsing stops as soon as a non option is
39
encountered, you can explicitly stop option parsing by using the
40
special option "-".
41
42
COMMANDS
43
********
44
45
`gpg' may be run with no commands, in which case it will perform a
46
reasonable action depending on the type of file it is given as input
47
(an encrypted message is decrypted, a signature is verified, a file
48
containing keys is listed).
49
50
`gpg' recognizes these commands:
51
52
-s, -sign
53
Make a signature. This command may be combined with -encrypt (for a
54
signed and encrypted message), -symmetric (for a signed and
55
symmetrically encrypted message), or -encrypt and -symmetric
56
together (for a signed message that may be decrypted via a secret
57
key or a passphrase).
58
59
-clearsign
60
Make a clear text signature. The content in a clear text signature
61
is readable without any special software. OpenPGP software is only
62
needed to verify the signature. Clear text signatures may modify
63
end-of-line whitespace for platform independence and are not
64
intended to be reversible.
65
66
-b, -detach-sign
67
Make a detached signature.
68
69
-e, -encrypt
70
Encrypt data. This option may be combined with -sign (for a signed
71
and encrypted message), -symmetric (for a message that may be
72
decrypted via a secret key or a passphrase), or -sign and
73
-symmetric together (for a signed message that may be decrypted
74
via a secret key or a passphrase).
75
76
-c, -symmetric
77
Encrypt with a symmetric cipher using a passphrase. The default
78
symmetric cipher used is CAST5, but may be chosen with the
79
-cipher-algo option. This option may be combined with -sign (for a
80
signed and symmetrically encrypted message), -encrypt (for a
81
message that may be decrypted via a secret key or a passphrase),
82
or -sign and -encrypt together (for a signed message that may be
83
decrypted via a secret key or a passphrase).
84
85
-store
86
Store only (make a simple RFC1991 packet).
87
88
-d, -decrypt
89
Decrypt `file' (or stdin if no file is specified) and write it to
90
stdout (or the file specified with -output). If the decrypted file
91
is signed, the signature is also verified. This command differs
92
from the default operation, as it never writes to the filename
93
which is included in the file and it rejects files which don't
94
begin with an encrypted message.
95
96
-verify
97
Assume that `sigfile' is a signature and verify it without
98
generating any output. With no arguments, the signature packet is
99
read from stdin. If only a sigfile is given, it may be a complete
100
signature or a detached signature, in which case the signed stuff
101
is expected in a file without the ".sig" or ".asc" extension.
102
With more than 1 argument, the first should be a detached signature
103
and the remaining files are the signed stuff. To read the signed
104
stuff from stdin, use `-' as the second filename. For security
105
reasons a detached signature cannot read the signed material from
106
stdin without denoting it in the above way.
107
108
-multifile
109
This modifies certain other commands to accept multiple files for
110
processing on the command line or read from stdin with each
111
filename on a separate line. This allows for many files to be
112
processed at once. -multifile may currently be used along with
113
-verify, -encrypt, and -decrypt. Note that `-multifile -verify'
114
may not be used with detached signatures.
115
116
-verify-files
117
Identical to `-multifile -verify'.
118
119
-encrypt-files
120
Identical to `-multifile -encrypt'.
121
122
-decrypt-files
123
Identical to `-multifile -decrypt'.
124
125
-list-keys
126
-list-public-keys
127
List all keys from the public keyrings, or just the ones given on
128
the command line.
129
130
Avoid using the output of this command in scripts or other
131
programs as it is likely to change as GnuPG changes. See
132
-with-colons for a machine-parseable key listing command that is
133
appropriate for use in scripts and other programs.
134
135
-K, -list-secret-keys
136
List all keys from the secret keyrings, or just the ones given on
137
the command line. A '#' after the letters 'sec' means that the
138
secret key is not usable (for example, if it was created via
139
-export-secret-subkeys).
140
141
-list-sigs
142
Same as -list-keys, but the signatures are listed too.
143
144
For each signature listed, there are several flags in between the
145
"sig" tag and keyid. These flags give additional information about
146
each signature. From left to right, they are the numbers 1-3 for
147
certificate check level (see -ask-cert-level), "L" for a local or
148
non-exportable signature (see -lsign-key), "R" for a nonRevocable
149
signature (see the -edit-key command "nrsign"), "P" for a signature
150
that contains a policy URL (see -cert-policy-url), "N" for a
151
signature that contains a notation (see -cert-notation), "X" for an
152
eXpired signature (see -ask-cert-expire), and the numbers 1-9 or
153
"T" for 10 and above to indicate trust signature levels (see the
154
-edit-key command "tsign").
155
156
-check-sigs
157
Same as -list-sigs, but the signatures are verified.
158
159
-fingerprint
160
List all keys with their fingerprints. This is the same output as
161
-list-keys but with the additional output of a line with the
162
fingerprint. May also be combined with -list-sigs or -check-sigs.
163
If this command is given twice, the fingerprints of all secondary
164
keys are listed too.
165
166
-list-packets
167
List only the sequence of packets. This is mainly useful for
168
debugging.
169
170
-gen-key
171
Generate a new key pair. This command is normally only used
172
interactively.
173
174
There is an experimental feature which allows you to create keys
175
in batch mode. See the file `doc/DETAILS' in the source
176
distribution on how to use this.
177
178
-edit-key `name'
179
Present a menu which enables you to do all key related tasks:
180
181
sign
182
Make a signature on key of user `name' If the key is not yet
183
signed by the default user (or the users given with -u), the
184
program displays the information of the key again, together
185
with its fingerprint and asks whether it should be signed.
186
This question is repeated for all users specified with -u.
187
188
lsign
189
Same as "sign" but the signature is marked as non-exportable
190
and will therefore never be used by others. This may be used
191
to make keys valid only in the local environment.
192
193
nrsign
194
Same as "sign" but the signature is marked as non-revocable
195
and can therefore never be revoked.
196
197
tsign
198
Make a trust signature. This is a signature that combines the
199
notions of certification (like a regular signature), and
200
trust (like the "trust" command). It is generally only useful
201
in distinct communities or groups.
202
203
Note that "l" (for local / non-exportable), "nr" (for
204
non-revocable, and "t" (for trust) may be freely mixed and
205
prefixed to "sign" to create a signature of any type desired.
206
207
revsig
208
Revoke a signature. For every signature which has been
209
generated by one of the secret keys, GnuPG asks whether a
210
revocation certificate should be generated.
211
212
trust
213
Change the owner trust value. This updates the trust-db
214
immediately and no save is required.
215
216
disable
217
enable
218
Disable or enable an entire key. A disabled key can not
219
normally be used for encryption.
220
221
adduid
222
Create an alternate user id.
223
224
addphoto
225
Create a photographic user id. This will prompt for a JPEG
226
file that will be embedded into the user ID. Note that a very
227
large JPEG will make for a very large key. Also note that
228
some programs will display your JPEG unchanged (GnuPG), and
229
some programs will scale it to fit in a dialog box (PGP).
230
231
deluid
232
Delete a user id.
233
234
delsig
235
Delete a signature.
236
237
revuid
238
Revoke a user id.
239
240
addkey
241
Add a subkey to this key.
242
243
addcardkey
244
Generate a key on a card and add it to this key.
245
246
keytocard
247
Transfer the selected secret key (or the primary key if no
248
key has been selected) to a smartcard. The secret key in the
249
keyring will be replaced by a stub if the key could be stored
250
successfully on the card and you use the save command later.
251
Only certain key types may be transferred to the card. A sub
252
menu allows you to select on what card to store the key. Note
253
that it is not possible to get that key back from the card -
254
if the card gets broken your secret key will be lost unless
255
you have a backup somewhere.
256
257
bkuptocard `file'
258
Restore the given file to a card. This command may be used to
259
restore a backup key (as generated during card
260
initialization) to a new card. In almost all cases this will
261
be the encryption key. You should use this command only with
262
the corresponding public key and make sure that the file
263
given as argument is indeed the backup to restore. You should
264
then select 2 to restore as encryption key. You will first
265
be asked to enter the passphrase of the backup key and then
266
for the Admin PIN of the card.
267
268
delkey
269
Remove a subkey.
270
271
addrevoker
272
Add a designated revoker. This takes one optional argument:
273
"sensitive". If a designated revoker is marked as sensitive,
274
it will not be exported by default (see export-options).
275
276
revkey
277
Revoke a subkey.
278
279
expire
280
Change the key expiration time. If a subkey is selected, the
281
expiration time of this subkey will be changed. With no
282
selection, the key expiration of the primary key is changed.
283
284
passwd
285
Change the passphrase of the secret key.
286
287
primary
288
Flag the current user id as the primary one, removes the
289
primary user id flag from all other user ids and sets the
290
timestamp of all affected self-signatures one second ahead.
291
Note that setting a photo user ID as primary makes it primary
292
over other photo user IDs, and setting a regular user ID as
293
primary makes it primary over other regular user IDs.
294
295
uid `n'
296
Toggle selection of user id with index `n'. Use 0 to
297
deselect all.
298
299
key `n'
300
Toggle selection of subkey with index `n'. Use 0 to deselect
301
all.
302
303
check
304
Check all selected user ids.
305
306
showphoto
307
Display the selected photographic user id.
308
309
pref
310
List preferences from the selected user ID. This shows the
311
actual preferences, without including any implied preferences.
312
313
showpref
314
More verbose preferences listing for the selected user ID.
315
This shows the preferences in effect by including the implied
316
preferences of 3DES (cipher), SHA-1 (digest), and
317
Uncompressed (compression) if they are not already included
318
in the preference list. In addition, the preferred keyserver
319
and signature notations (if any) are shown.
320
321
setpref `string'
322
Set the list of user ID preferences to `string' for all (or
323
just the selected) user IDs. Calling setpref with no
324
arguments sets the preference list to the default (either
325
built-in or set via -default-preference-list), and calling
326
setpref with "none" as the argument sets an empty preference
327
list. Use "gpg -version" to get a list of available
328
algorithms. Note that while you can change the preferences on
329
an attribute user ID (aka "photo ID"), GnuPG does not select
330
keys via attribute user IDs so these preferences will not be
331
used by GnuPG.
332
333
keyserver
334
Set a preferred keyserver for the specified user ID(s). This
335
allows other users to know where you prefer they get your key
336
from. See -keyserver-options honor-keyserver-url for more on
337
how this works. Setting a value of "none" removes an
338
existing preferred keyserver.
339
340
notation
341
Set a name=value notation for the specified user ID(s). See
342
-cert-notation for more on how this works. Setting a value of
343
"none" removes all notations, setting a notation prefixed
344
with a minus sign (-) removes that notation, and setting a
345
notation name (without the =value) prefixed with a minus sign
346
removes all notations with that name.
347
348
toggle
349
Toggle between public and secret key listing.
350
351
clean
352
Compact (by removing all signatures except the selfsig) any
353
user ID that is no longer usable (e.g. revoked, or expired).
354
Then, remove any signatures that are not usable by the trust
355
calculations. Specifically, this removes any signature that
356
does not validate, any signature that is superseded by a
357
later signature, revoked signatures, and signatures issued by
358
keys that are not present on the keyring.
359
360
minimize
361
Make the key as small as possible. This removes all
362
signatures from each user ID except for the most recent
363
self-signature.
364
365
cross-certify
366
Add cross-certification signatures to signing subkeys that
367
may not currently have them. Cross-certification signatures
368
protect against a subtle attack against signing subkeys. See
369
-require-cross-certification.
370
371
save
372
Save all changes to the key rings and quit.
373
374
quit
375
Quit the program without updating the key rings.
376
377
The listing shows you the key with its secondary keys and all user
378
ids. Selected keys or user ids are indicated by an asterisk. The
379
trust value is displayed with the primary key: the first is the
380
assigned owner trust and the second is the calculated trust value.
381
Letters are used for the values:
382
383
-
384
No ownertrust assigned / not yet calculated.
385
386
e
387
Trust calculation has failed; probably due to an expired key.
388
389
q
390
Not enough information for calculation.
391
392
n
393
Never trust this key.
394
395
m
396
Marginally trusted.
397
398
f
399
Fully trusted.
400
401
u
402
Ultimately trusted.
403
404
-card-edit
405
Present a menu to work with a smartcard. The subcommand "help"
406
provides an overview on available commands. For a detailed
407
description, please see the Card HOWTO at
408
http://www.gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO .
409
410
-card-status
411
Show the content of the smart card.
412
413
-change-pin
414
Present a menu to allow changing the PIN of a smartcard. This
415
functionality is also available as the subcommand "passwd" with the
416
-card-edit command.
417
418
-sign-key `name'
419
Signs a public key with your secret key. This is a shortcut
420
version of the subcommand "sign" from -edit.
421
422
-lsign-key `name'
423
Signs a public key with your secret key but marks it as
424
non-exportable. This is a shortcut version of the subcommand
425
"lsign" from -edit.
426
427
-delete-key `name'
428
Remove key from the public keyring. In batch mode either -yes is
429
required or the key must be specified by fingerprint. This is a
430
safeguard against accidental deletion of multiple keys.
431
432
-delete-secret-key `name'
433
Remove key from the secret and public keyring. In batch mode the
434
key must be specified by fingerprint.
435
436
-delete-secret-and-public-key `name'
437
Same as -delete-key, but if a secret key exists, it will be removed
438
first. In batch mode the key must be specified by fingerprint.
439
440
-gen-revoke `name'
441
Generate a revocation certificate for the complete key. To revoke
442
a subkey or a signature, use the -edit command.
443
444
-desig-revoke `name'
445
Generate a designated revocation certificate for a key. This
446
allows a user (with the permission of the keyholder) to revoke
447
someone else's key.
448
449
-export
450
Either export all keys from all keyrings (default keyrings and
451
those registered via option -keyring), or if at least one name is
452
given, those of the given name. The new keyring is written to
453
stdout or to the file given with option "output". Use together
454
with -armor to mail those keys.
455
456
-send-keys
457
Same as -export but sends the keys to a keyserver. Option
458
-keyserver must be used to give the name of this keyserver. Don't
459
send your complete keyring to a keyserver - select only those keys
460
which are new or changed by you.
461
462
-export-secret-keys
463
-export-secret-subkeys
464
Same as -export, but exports the secret keys instead. This is
465
normally not very useful and a security risk. The second form of
466
the command has the special property to render the secret part of
467
the primary key useless; this is a GNU extension to OpenPGP and
468
other implementations can not be expected to successfully import
469
such a key. See the option -simple-sk-checksum if you want to
470
import such an exported key with an older OpenPGP implementation.
471
472
-import
473
-fast-import
474
Import/merge keys. This adds the given keys to the keyring. The
475
fast version is currently just a synonym.
476
477
There are a few other options which control how this command works.
478
Most notable here is the -keyserver-options merge-only option which
479
does not insert new keys but does only the merging of new
480
signatures, user-IDs and subkeys.
481
482
-recv-keys `key IDs'
483
Import the keys with the given key IDs from a keyserver. Option
484
-keyserver must be used to give the name of this keyserver.
485
486
-refresh-keys
487
Request updates from a keyserver for keys that already exist on the
488
local keyring. This is useful for updating a key with the latest
489
signatures, user IDs, etc. Calling this with no arguments will
490
refresh the entire keyring. Option -keyserver must be used to give
491
the name of the keyserver for all keys that do not have preferred
492
keyservers set (see -keyserver-options honor-keyserver-url).
493
494
-search-keys `names'
495
Search the keyserver for the given names. Multiple names given here
496
will be joined together to create the search string for the
497
keyserver. Option -keyserver must be used to give the name of
498
this keyserver. Keyservers that support different search methods
499
allow using the syntax specified in "How to specify a user ID"
500
below. Note that different keyserver types support different
501
search methods. Currently only LDAP supports them all.
502
503
-fetch-keys `URIs'
504
Retrieve keys located at the specified URIs. Note that different
505
installations of GnuPG may support different protocols (HTTP, FTP,
506
LDAP, etc.)
507
508
-update-trustdb
509
Do trust database maintenance. This command iterates over all keys
510
and builds the Web of Trust. This is an interactive command
511
because it may have to ask for the "ownertrust" values for keys.
512
The user has to give an estimation of how far she trusts the owner
513
of the displayed key to correctly certify (sign) other keys. GnuPG
514
only asks for the ownertrust value if it has not yet been assigned
515
to a key. Using the -edit-key menu, the assigned value can be
516
changed at any time.
517
518
-check-trustdb
519
Do trust database maintenance without user interaction. From time
520
to time the trust database must be updated so that expired keys or
521
signatures and the resulting changes in the Web of Trust can be
522
tracked. Normally, GnuPG will calculate when this is required and
523
do it automatically unless -no-auto-check-trustdb is set. This
524
command can be used to force a trust database check at any time.
525
The processing is identical to that of -update-trustdb but it
526
skips keys with a not yet defined "ownertrust".
527
528
For use with cron jobs, this command can be used together with
529
-batch in which case the trust database check is done only if a
530
check is needed. To force a run even in batch mode add the option
531
-yes.
532
533
-export-ownertrust
534
Send the ownertrust values to stdout. This is useful for backup
535
purposes as these values are the only ones which can't be
536
re-created from a corrupted trust DB.
537
538
-import-ownertrust
539
Update the trustdb with the ownertrust values stored in `files'
540
(or stdin if not given); existing values will be overwritten.
541
542
-rebuild-keydb-caches
543
When updating from version 1.0.6 to 1.0.7 this command should be
544
used to create signature caches in the keyring. It might be handy
545
in other situations too.
546
547
-print-md `algo'
548
-print-mds
549
Print message digest of algorithm ALGO for all given files or
550
stdin. With the second form (or a deprecated "*" as algo) digests
551
for all available algorithms are printed.
552
553
-gen-random `0|1|2'
554
Emit COUNT random bytes of the given quality level. If count is
555
not given or zero, an endless sequence of random bytes will be
556
emitted. PLEASE, don't use this command unless you know what you
557
are doing; it may remove precious entropy from the system!
558
559
-gen-prime `mode' `bits'
560
Use the source, Luke :-). The output format is still subject to
561
change.
562
563
-version
564
Print version information along with a list of supported
565
algorithms.
566
567
-warranty
568
Print warranty information.
569
570
-h, -help
571
Print usage information. This is a really long list even though it
572
doesn't list all options. For every option, consult this manual.
573
574
OPTIONS
575
*******
576
577
Long options can be put in an options file (default
578
"~/.gnupg/gpg.conf"). Short option names will not work - for example,
579
"armor" is a valid option for the options file, while "a" is not. Do
580
not write the 2 dashes, but simply the name of the option and any
581
required arguments. Lines with a hash ('#') as the first
582
non-white-space character are ignored. Commands may be put in this file
583
too, but that is not generally useful as the command will execute
584
automatically with every execution of gpg.
585
586
`gpg' recognizes these options:
587
588
-a, -armor
589
Create ASCII armored output.
590
591
-o, -output `file'
592
Write output to `file'.
593
594
-max-output `n'
595
This option sets a limit on the number of bytes that will be
596
generated when processing a file. Since OpenPGP supports various
597
levels of compression, it is possible that the plaintext of a
598
given message may be significantly larger than the original
599
OpenPGP message. While GnuPG works properly with such messages,
600
there is often a desire to set a maximum file size that will be
601
generated before processing is forced to stop by the OS limits.
602
Defaults to 0, which means "no limit".
603
604
-mangle-dos-filenames
605
-no-mangle-dos-filenames
606
Older version of Windows cannot handle filenames with more than one
607
dot. -mangle-dos-filenames causes GnuPG to replace (rather than add
608
to) the extension of an output filename to avoid this problem. This
609
option is off by default and has no effect on non-Windows
610
platforms.
611
612
-u, -local-user `name'
613
Use `name' as the key to sign with. Note that this option
614
overrides -default-key.
615
616
-default-key `name'
617
Use `name' as the default key to sign with. If this option is not
618
used, the default key is the first key found in the secret keyring.
619
Note that -u or -local-user overrides this option.
620
621
-r, -recipient `name'
622
Encrypt for user id `name'. If this option or -hidden-recipient is
623
not specified, GnuPG asks for the user-id unless
624
-default-recipient is given.
625
626
-R, -hidden-recipient `name'
627
Encrypt for user ID `name', but hide the key ID of this user's
628
key. This option helps to hide the receiver of the message and is a
629
limited countermeasure against traffic analysis. If this option or
630
-recipient is not specified, GnuPG asks for the user ID unless
631
-default-recipient is given.
632
633
-default-recipient `name'
634
Use `name' as default recipient if option -recipient is not used
635
and don't ask if this is a valid one. `name' must be non-empty.
636
637
-default-recipient-self
638
Use the default key as default recipient if option -recipient is
639
not used and don't ask if this is a valid one. The default key is
640
the first one from the secret keyring or the one set with
641
-default-key.
642
643
-no-default-recipient
644
Reset -default-recipient and -default-recipient-self.
645
646
-encrypt-to `name'
647
Same as -recipient but this one is intended for use in the options
648
file and may be used with your own user-id as an
649
"encrypt-to-self". These keys are only used when there are other
650
recipients given either by use of -recipient or by the asked user
651
id. No trust checking is performed for these user ids and even
652
disabled keys can be used.
653
654
-hidden-encrypt-to `name'
655
Same as -hidden-recipient but this one is intended for use in the
656
options file and may be used with your own user-id as a hidden
657
"encrypt-to-self". These keys are only used when there are other
658
recipients given either by use of -recipient or by the asked user
659
id. No trust checking is performed for these user ids and even
660
disabled keys can be used.
661
662
-no-encrypt-to
663
Disable the use of all -encrypt-to and -hidden-encrypt-to keys.
664
665
-v, -verbose
666
Give more information during processing. If used twice, the input
667
data is listed in detail.
668
669
-q, -quiet
670
Try to be as quiet as possible.
671
672
-z `n'
673
-compress-level `n'
674
-bzip2-compress-level `n'
675
Set compression level to `n' for the ZIP and ZLIB compression
676
algorithms. The default is to use the default compression level of
677
zlib (normally 6). -bzip2-compress-level sets the compression level
678
for the BZIP2 compression algorithm (defaulting to 6 as well). This
679
is a different option from -compress-level since BZIP2 uses a
680
significant amount of memory for each additional compression level.
681
-z sets both. A value of 0 for `n' disables compression.
682
683
-bzip2-decompress-lowmem
684
Use a different decompression method for BZIP2 compressed files.
685
This alternate method uses a bit more than half the memory, but
686
also runs at half the speed. This is useful under extreme low
687
memory circumstances when the file was originally compressed at a
688
high -bzip2-compress-level.
689
690
-t, -textmode
691
-no-textmode
692
Treat input files as text and store them in the OpenPGP canonical
693
text form with standard "CRLF" line endings. This also sets the
694
necessary flags to inform the recipient that the encrypted or
695
signed data is text and may need its line endings converted back
696
to whatever the local system uses. This option is useful when
697
communicating between two platforms that have different line
698
ending conventions (UNIX-like to Mac, Mac to Windows, etc).
699
-no-textmode disables this option, and is the default.
700
701
If -t (but not -textmode) is used together with armoring and
702
signing, this enables clearsigned messages. This kludge is needed
703
for command-line compatibility with command-line versions of PGP;
704
normally you would use -sign or -clearsign to select the type of
705
the signature.
706
707
-n, -dry-run
708
Don't make any changes (this is not completely implemented).
709
710
-i, -interactive
711
Prompt before overwriting any files.
712
713
-batch
714
-no-batch
715
Use batch mode. Never ask, do not allow interactive commands.
716
-no-batch disables this option.
717
718
-no-tty
719
Make sure that the TTY (terminal) is never used for any output.
720
This option is needed in some cases because GnuPG sometimes prints
721
warnings to the TTY if -batch is used.
722
723
-yes
724
Assume "yes" on most questions.
725
726
-no
727
Assume "no" on most questions.
728
729
-ask-cert-level
730
-no-ask-cert-level
731
When making a key signature, prompt for a certification level. If
732
this option is not specified, the certification level used is set
733
via -default-cert-level. See -default-cert-level for information
734
on the specific levels and how they are used. -no-ask-cert-level
735
disables this option. This option defaults to no.
736
737
-default-cert-level `n'
738
The default to use for the check level when signing a key.
739
740
0 means you make no particular claim as to how carefully you
741
verified the key.
742
743
1 means you believe the key is owned by the person who claims to
744
own it but you could not, or did not verify the key at all. This is
745
useful for a "persona" verification, where you sign the key of a
746
pseudonymous user.
747
748
2 means you did casual verification of the key. For example, this
749
could mean that you verified that the key fingerprint and checked
750
the user ID on the key against a photo ID.
751
752
3 means you did extensive verification of the key. For example,
753
this could mean that you verified the key fingerprint with the
754
owner of the key in person, and that you checked, by means of a
755
hard to forge document with a photo ID (such as a passport) that
756
the name of the key owner matches the name in the user ID on the
757
key, and finally that you verified (by exchange of email) that the
758
email address on the key belongs to the key owner.
759
760
Note that the examples given above for levels 2 and 3 are just
761
that: examples. In the end, it is up to you to decide just what
762
"casual" and "extensive" mean to you.
763
764
This option defaults to 0 (no particular claim).
765
766
-min-cert-level
767
When building the trust database, treat any signatures with a
768
certification level below this as invalid. Defaults to 2, which
769
disregards level 1 signatures. Note that level 0 "no particular
770
claim" signatures are always accepted.
771
772
-trusted-key `long key ID'
773
Assume that the specified key (which must be given as a full 8
774
byte key ID) is as trustworthy as one of your own secret keys.
775
This option is useful if you don't want to keep your secret keys
776
(or one of them) online but still want to be able to check the
777
validity of a given recipient's or signator's key.
778
779
-trust-model `pgp|classic|direct|always|auto'
780
Set what trust model GnuPG should follow. The models are:
781
782
pgp
783
This is the Web of Trust combined with trust signatures as
784
used in PGP 5.x and later. This is the default trust model
785
when creating a new trust database.
786
787
classic
788
This is the standard Web of Trust as used in PGP 2.x and
789
earlier.
790
791
direct
792
Key validity is set directly by the user and not calculated
793
via the Web of Trust.
794
795
always
796
Skip key validation and assume that used keys are always fully
797
trusted. You generally won't use this unless you are using
798
some external validation scheme. This option also suppresses
799
the "[uncertain]" tag printed with signature checks when
800
there is no evidence that the user ID is bound to the key.
801
802
auto
803
Select the trust model depending on whatever the internal
804
trust database says. This is the default model if such a
805
database already exists.
806
807
-always-trust
808
Identical to `-trust-model always'. This option is deprecated.
809
810
-auto-key-locate `parameters'
811
-no-auto-key-locate
812
GnuPG can automatically locate and retrieve keys as needed using
813
this option. This happens when encrypting to an email address (in
814
the "user@example.com" form), and there are no user@example.com
815
keys on the local keyring. This option takes any number of the
816
following arguments, in the order they are to be tried:
817
818
cert
819
locate a key using DNS CERT, as specified in 2538bis
820
(currently in draft): http://www.josefsson.org/rfc2538bis/
821
822
pka
823
locate a key using DNS PKA.
824
825
ldap
826
locate a key using the PGP Universal method of checking
827
"ldap://keys.(thedomain)".
828
829
keyserver
830
locate a key using whatever keyserver is defined using the
831
-keyserver option.
832
833
(keyserver URL)
834
In addition, a keyserver URL as used in the -keyserver option
835
may be used here to query that particular keyserver.
836
837
-keyid-format `short|0xshort|long|0xlong'
838
Select how to display key IDs. "short" is the traditional
839
8-character key ID. "long" is the more accurate (but less
840
convenient) 16-character key ID. Add an "0x" to either to include
841
an "0x" at the beginning of the key ID, as in 0x99242560.
842
843
-keyserver `name'
844
Use `name' as your keyserver. This is the server that -recv-keys,
845
-send-keys, and -search-keys will communicate with to receive keys
846
from, send keys to, and search for keys on. The format of the
847
`name' is a URI: `scheme:[//]keyservername[:port]' The scheme is
848
the type of keyserver: "hkp" for the HTTP (or compatible)
849
keyservers, "ldap" for the LDAP keyservers, or "mailto" for the
850
Graff email keyserver. Note that your particular installation of
851
GnuPG may have other keyserver types available as well. Keyserver
852
schemes are case-insensitive. After the keyserver name, optional
853
keyserver configuration options may be provided. These are the
854
same as the global -keyserver-options from below, but apply only
855
to this particular keyserver.
856
857
Most keyservers synchronize with each other, so there is generally
858
no need to send keys to more than one server. The keyserver
859
"hkp://subkeys.pgp.net" uses round robin DNS to give a different
860
keyserver each time you use it.
861
862
-keyserver-options `name=value1 '
863
This is a space or comma delimited string that gives options for
864
the keyserver. Options can be prepended with a `no-' to give the
865
opposite meaning. Valid import-options or export-options may be
866
used here as well to apply to importing (-recv-key) or exporting
867
(-send-key) a key from a keyserver. While not all options are
868
available for all keyserver types, some common options are:
869
870
include-revoked
871
When searching for a key with -search-keys, include keys that
872
are marked on the keyserver as revoked. Note that not all
873
keyservers differentiate between revoked and unrevoked keys,
874
and for such keyservers this option is meaningless. Note also
875
that most keyservers do not have cryptographic verification
876
of key revocations, and so turning this option off may result
877
in skipping keys that are incorrectly marked as revoked.
878
879
include-disabled
880
When searching for a key with -search-keys, include keys that
881
are marked on the keyserver as disabled. Note that this
882
option is not used with HKP keyservers.
883
884
auto-key-retrieve
885
This option enables the automatic retrieving of keys from a
886
keyserver when verifying signatures made by keys that are not
887
on the local keyring.
888
889
Note that this option makes a "web bug" like behavior
890
possible. Keyserver operators can see which keys you
891
request, so by sending you a message signed by a brand new
892
key (which you naturally will not have on your local
893
keyring), the operator can tell both your IP address and the
894
time when you verified the signature.
895
896
honor-keyserver-url
897
When using -refresh-keys, if the key in question has a
898
preferred keyserver URL, then use that preferred keyserver to
899
refresh the key from. In addition, if auto-key-retrieve is
900
set, and the signature being verified has a preferred
901
keyserver URL, then use that preferred keyserver to fetch the
902
key from. Defaults to yes.
903
904
honor-pka-record
905
If auto-key-retrieve is set, and the signature being verified
906
has a PKA record, then use the PKA information to fetch the
907
key. Defaults to yes.
908
909
include-subkeys
910
When receiving a key, include subkeys as potential targets.
911
Note that this option is not used with HKP keyservers, as
912
they do not support retrieving keys by subkey id.
913
914
use-temp-files
915
On most Unix-like platforms, GnuPG communicates with the
916
keyserver helper program via pipes, which is the most
917
efficient method. This option forces GnuPG to use temporary
918
files to communicate. On some platforms (such as Win32 and
919
RISC OS), this option is always enabled.
920
921
keep-temp-files
922
If using `use-temp-files', do not delete the temp files after
923
using them. This option is useful to learn the keyserver
924
communication protocol by reading the temporary files.
925
926
verbose
927
Tell the keyserver helper program to be more verbose. This
928
option can be repeated multiple times to increase the
929
verbosity level.
930
931
timeout
932
Tell the keyserver helper program how long (in seconds) to
933
try and perform a keyserver action before giving up. Note
934
that performing multiple actions at the same time uses this
935
timeout value per action. For example, when retrieving
936
multiple keys via -recv-keys, the timeout applies separately
937
to each key retrieval, and not to the -recv-keys command as a
938
whole. Defaults to 30 seconds.
939
940
http-proxy
941
For HTTP-like keyserver schemes that (such as HKP and HTTP
942
itself), try to access the keyserver over a proxy. If a
943
`value' is specified, use this as the HTTP proxy. If no
944
`value' is specified, the value of the environment variable
945
"http_proxy", if any, will be used.
946
947
max-cert-size
948
When retrieving a key via DNS CERT, only accept keys up to
949
this size. Defaults to 16384 bytes.
950
951
-import-options `parameters'
952
This is a space or comma delimited string that gives options for
953
importing keys. Options can be prepended with a `no-' to give the
954
opposite meaning. The options are:
955
956
import-local-sigs
957
Allow importing key signatures marked as "local". This is not
958
generally useful unless a shared keyring scheme is being used.
959
Defaults to no.
960
961
repair-pks-subkey-bug
962
During import, attempt to repair the damage caused by the PKS
963
keyserver bug (pre version 0.9.6) that mangles keys with
964
multiple subkeys. Note that this cannot completely repair the
965
damaged key as some crucial data is removed by the keyserver,
966
but it does at least give you back one subkey. Defaults to no
967
for regular -import and to yes for keyserver -recv-keys.
968
969
merge-only
970
During import, allow key updates to existing keys, but do not
971
allow any new keys to be imported. Defaults to no.
972
973
import-clean
974
After import, compact (remove all signatures except the
975
self-signature) any user IDs from the new key that are not
976
usable. Then, remove any signatures from the new key that
977
are not usable. This includes signatures that were issued by
978
keys that are not present on the keyring. This option is the
979
same as running the -edit-key command "clean" after import.
980
Defaults to no.
981
982
import-minimal
983
Import the smallest key possible. This removes all signatures
984
except the most recent self-signature on each user ID. This
985
option is the same as running the -edit-key command
986
"minimize" after import. Defaults to no.
987
988
-export-options `parameters'
989
This is a space or comma delimited string that gives options for
990
exporting keys. Options can be prepended with a `no-' to give the
991
opposite meaning. The options are:
992
993
export-local-sigs
994
Allow exporting key signatures marked as "local". This is not
995
generally useful unless a shared keyring scheme is being used.
996
Defaults to no.
997
998
export-attributes
999
Include attribute user IDs (photo IDs) while exporting. This
1000
is useful to export keys if they are going to be used by an
1001
OpenPGP program that does not accept attribute user IDs.
1002
Defaults to yes.
1003
1004
export-sensitive-revkeys
1005
Include designated revoker information that was marked as
1006
"sensitive". Defaults to no.
1007
1008
export-reset-subkey-passwd
1009
When using the "-export-secret-subkeys" command, this option
1010
resets the passphrases for all exported subkeys to empty.
1011
This is useful when the exported subkey is to be used on an
1012
unattended machine where a passphrase doesn't necessarily
1013
make sense. Defaults to no.
1014
1015
export-clean
1016
Compact (remove all signatures from) user IDs on the key being
1017
exported if the user IDs are not usable. Also, do not export
1018
any signatures that are not usable. This includes signatures
1019
that were issued by keys that are not present on the keyring.
1020
This option is the same as running the -edit-key command
1021
"clean" before export except that the local copy of the key
1022
is not modified. Defaults to no.
1023
1024
export-minimal
1025
Export the smallest key possible. This removes all signatures
1026
except the most recent self-signature on each user ID. This
1027
option is the same as running the -edit-key command
1028
"minimize" before export except that the local copy of the
1029
key is not modified. Defaults to no.
1030
1031
-list-options `parameters'
1032
This is a space or comma delimited string that gives options used
1033
when listing keys and signatures (that is, -list-keys, -list-sigs,
1034
-list-public-keys, -list-secret-keys, and the -edit-key functions).
1035
Options can be prepended with a `no-' to give the opposite meaning.
1036
The options are:
1037
1038
show-photos
1039
Causes -list-keys, -list-sigs, -list-public-keys, and
1040
-list-secret-keys to display any photo IDs attached to the
1041
key. Defaults to no. See also -photo-viewer.
1042
1043
show-policy-urls
1044
Show policy URLs in the -list-sigs or -check-sigs listings.
1045
Defaults to no.
1046
1047
show-notations
1048
show-std-notations
1049
show-user-notations
1050
Show all, IETF standard, or user-defined signature notations
1051
in the -list-sigs or -check-sigs listings. Defaults to no.
1052
1053
show-keyserver-urls
1054
Show any preferred keyserver URL in the -list-sigs or
1055
-check-sigs listings. Defaults to no.
1056
1057
show-uid-validity
1058
Display the calculated validity of user IDs during key
1059
listings. Defaults to no.
1060
1061
show-unusable-uids
1062
Show revoked and expired user IDs in key listings. Defaults
1063
to no.
1064
1065
show-unusable-subkeys
1066
Show revoked and expired subkeys in key listings. Defaults to
1067
no.
1068
1069
show-keyring
1070
Display the keyring name at the head of key listings to show
1071
which keyring a given key resides on. Defaults to no.
1072
1073
show-sig-expire
1074
Show signature expiration dates (if any) during -list-sigs or
1075
-check-sigs listings. Defaults to no.
1076
1077
show-sig-subpackets
1078
Include signature subpackets in the key listing. This option
1079
can take an optional argument list of the subpackets to list.
1080
If no argument is passed, list all subpackets. Defaults to
1081
no. This option is only meaningful when using -with-colons
1082
along with -list-sigs or -check-sigs.
1083
1084
-verify-options `parameters'
1085
This is a space or comma delimited string that gives options used
1086
when verifying signatures. Options can be prepended with a `no-'
1087
to give the opposite meaning. The options are:
1088
1089
show-photos
1090
Display any photo IDs present on the key that issued the
1091
signature. Defaults to no. See also -photo-viewer.
1092
1093
show-policy-urls
1094
Show policy URLs in the signature being verified. Defaults to
1095
no.
1096
1097
show-notations
1098
show-std-notations
1099
show-user-notations
1100
Show all, IETF standard, or user-defined signature notations
1101
in the signature being verified. Defaults to IETF standard.
1102
1103
show-keyserver-urls
1104
Show any preferred keyserver URL in the signature being
1105
verified. Defaults to no.
1106
1107
show-uid-validity
1108
Display the calculated validity of the user IDs on the key
1109
that issued the signature. Defaults to no.
1110
1111
show-unusable-uids
1112
Show revoked and expired user IDs during signature
1113
verification. Defaults to no.
1114
1115
pka-lookups
1116
Enable PKA lookups to verify sender addresses. Note that PKA
1117
is based on DNS, and so enabling this option may disclose
1118
information on when and what signatures are verified or to
1119
whom data is encrypted. This is similar to the "web bug"
1120
described for the auto-key-retrieve feature.
1121
1122
pka-trust-increase
1123
Raise the trust in a signature to full if the signature
1124
passes PKA validation. This option is only meaningful if
1125
pka-lookups is set.
1126
1127
-enable-dsa2
1128
-disable-dsa2
1129
Enables new-style DSA keys which (unlike the old style) may be
1130
larger than 1024 bit and use hashes other than SHA-1 and
1131
RIPEMD/160. Note that very few programs currently support these
1132
keys and signatures from them.
1133
1134
-show-photos
1135
-no-show-photos
1136
Causes -list-keys, -list-sigs, -list-public-keys,
1137
-list-secret-keys, and verifying a signature to also display the
1138
photo ID attached to the key, if any. See also -photo-viewer. These
1139
options are deprecated. Use `-list-options [no-]show-photos' and/or
1140
`-verify-options [no-]show-photos' instead.
1141
1142
-photo-viewer `string'
1143
This is the command line that should be run to view a photo ID.
1144
"%i" will be expanded to a filename containing the photo. "%I"
1145
does the same, except the file will not be deleted once the viewer
1146
exits. Other flags are "%k" for the key ID, "%K" for the long key
1147
ID, "%f" for the key fingerprint, "%t" for the extension of the
1148
image type (e.g. "jpg"), "%T" for the MIME type of the image (e.g.
1149
"image/jpeg"), and "%%" for an actual percent sign. If neither %i
1150
or %I are present, then the photo will be supplied to the viewer
1151
on standard input.
1152
1153
The default viewer is "xloadimage -fork -quiet -title 'KeyID 0x%k'
1154
stdin". Note that if your image viewer program is not secure, then
1155
executing it from GnuPG does not make it secure.
1156
1157
-exec-path `string'
1158
Sets a list of directories to search for photo viewers and
1159
keyserver helpers. If not provided, keyserver helpers use the
1160
compiled-in default directory, and photo viewers use the $PATH
1161
environment variable. Note, that on W32 system this value is
1162
ignored when searching for keyserver helpers.
1163
1164
-show-keyring
1165
Display the keyring name at the head of key listings to show which
1166
keyring a given key resides on. This option is deprecated: use
1167
`-list-options [no-]show-keyring' instead.
1168
1169
-keyring `file'
1170
Add `file' to the current list of keyrings. If `file' begins with
1171
a tilde and a slash, these are replaced by the $HOME directory. If
1172
the filename does not contain a slash, it is assumed to be in the
1173
GnuPG home directory ("~/.gnupg" if -homedir or $GNUPGHOME is not
1174
used).
1175
1176
Note that this adds a keyring to the current list. If the intent is
1177
to use the specified keyring alone, use -keyring along with
1178
-no-default-keyring.
1179
1180
-secret-keyring `file'
1181
Same as -keyring but for the secret keyrings.
1182
1183
-primary-keyring `file'
1184
Designate `file' as the primary public keyring. This means that
1185
newly imported keys (via -import or keyserver -recv-from) will go
1186
to this keyring.
1187
1188
-trustdb-name `file'
1189
Use `file' instead of the default trustdb. If `file' begins with a
1190
tilde and a slash, these are replaced by the $HOME directory. If
1191
the filename does not contain a slash, it is assumed to be in the
1192
GnuPG home directory ("~/.gnupg" if -homedir or $GNUPGHOME is not
1193
used).
1194
1195
-homedir `directory'
1196
Set the name of the home directory to `directory' If this option
1197
is not used it defaults to "~/.gnupg". It does not make sense to
1198
use this in a options file. This also overrides the environment
1199
variable $GNUPGHOME.
1200
1201
-pcsc-driver `file'
1202
Use `file' to access the smartcard reader. The current default is
1203
`libpcsclite.so.1' for GLIBC based systems,
1204
`/System/Library/Frameworks/PCSC.framework/PCSC' for MAC OS X,
1205
`winscard.dll' for Windows and `libpcsclite.so' for other systems.
1206
1207
-ctapi-driver `file'
1208
Use `file' to access the smartcard reader. The current default is
1209
`libtowitoko.so'. Note that the use of this interface is
1210
deprecated; it may be removed in future releases.
1211
1212
-disable-ccid
1213
Disable the integrated support for CCID compliant readers. This
1214
allows to fall back to one of the other drivers even if the
1215
internal CCID driver can handle the reader. Note, that CCID
1216
support is only available if libusb was available at build time.
1217
1218
-reader-port `number_or_string'
1219
This option may be used to specify the port of the card terminal. A
1220
value of 0 refers to the first serial device; add 32768 to access
1221
USB devices. The default is 32768 (first USB device). PC/SC or CCID
1222
readers might need a string here; run the program in verbose mode
1223
to get a list of available readers. The default is then the first
1224
reader found.
1225
1226
-display-charset `name'
1227
Set the name of the native character set. This is used to convert
1228
some informational strings like user IDs to the proper UTF-8
1229
encoding. Note that this has nothing to do with the character set
1230
of data to be encrypted or signed; GnuPG does not recode user
1231
supplied data. If this option is not used, the default character
1232
set is determined from the current locale. A verbosity level of 3
1233
shows the chosen set. Valid values for `name' are:
1234
1235
iso-8859-1
1236
This is the Latin 1 set.
1237
1238
iso-8859-2
1239
The Latin 2 set.
1240
1241
iso-8859-15
1242
This is currently an alias for the Latin 1 set.
1243
1244
koi8-r
1245
The usual Russian set (rfc1489).
1246
1247
utf-8
1248
Bypass all translations and assume that the OS uses native
1249
UTF-8 encoding.
1250
1251
-utf8-strings
1252
-no-utf8-strings
1253
Assume that command line arguments are given as UTF8 strings. The
1254
default (-no-utf8-strings) is to assume that arguments are encoded
1255
in the character set as specified by -display-charset. These
1256
options affect all following arguments. Both options may be used
1257
multiple times.
1258
1259
-options `file'
1260
Read options from `file' and do not try to read them from the
1261
default options file in the homedir (see -homedir). This option is
1262
ignored if used in an options file.
1263
1264
-no-options
1265
Shortcut for "-options /dev/null". This option is detected before
1266
an attempt to open an option file. Using this option will also
1267
prevent the creation of a "~./gnupg" homedir.
1268
1269
-load-extension `name'
1270
Load an extension module. If `name' does not contain a slash it is
1271
searched for in the directory configured when GnuPG was built
1272
(generally "/usr/local/lib/gnupg"). Extensions are not generally
1273
useful anymore, and the use of this option is deprecated.
1274
1275
-debug `flags'
1276
Set debugging flags. All flags are or-ed and `flags' may be given
1277
in C syntax (e.g. 0x0042).
1278
1279
-debug-all
1280
Set all useful debugging flags.
1281
1282
-debug-ccid-driver
1283
Enable debug output from the included CCID driver for smartcards.
1284
Note that this option is only available on some system.
1285
1286
-enable-progress-filter
1287
Enable certain PROGRESS status outputs. This option allows
1288
frontends to display a progress indicator while gpg is processing
1289
larger files. There is a slight performance overhead using it.
1290
1291
-status-fd `n'
1292
Write special status strings to the file descriptor `n'. See the
1293
file DETAILS in the documentation for a listing of them.
1294
1295
-status-file `file'
1296
Same as -status-fd, except the status data is written to file
1297
`file'.
1298
1299
-logger-fd `n'
1300
Write log output to file descriptor `n' and not to stderr.
1301
1302
-logger-file `file'
1303
Same as -logger-fd, except the logger data is written to file
1304
`file'.
1305
1306
-attribute-fd `n'
1307
Write attribute subpackets to the file descriptor `n'. This is
1308
most useful for use with -status-fd, since the status messages are
1309
needed to separate out the various subpackets from the stream
1310
delivered to the file descriptor.
1311
1312
-attribute-file `file'
1313
Same as -attribute-fd, except the attribute data is written to file
1314
`file'.
1315
1316
-comment `string'
1317
-no-comments
1318
Use `string' as a comment string in clear text signatures and
1319
ASCII armored messages or keys (see -armor). The default behavior
1320
is not to use a comment string. -comment may be repeated multiple
1321
times to get multiple comment strings. -no-comments removes all
1322
comments. It is a good idea to keep the length of a single
1323
comment below 60 characters to avoid problems with mail programs
1324
wrapping such lines. Note that comment lines, like all other
1325
header lines, are not protected by the signature.
1326
1327
-emit-version
1328
-no-emit-version
1329
Force inclusion of the version string in ASCII armored output.
1330
-no-emit-version disables this option.
1331
1332
-sig-notation `name=value'
1333
-cert-notation `name=value'
1334
-N, -set-notation `name=value'
1335
Put the name value pair into the signature as notation data.
1336
`name' must consist only of printable characters or spaces, and
1337
must contain a '@' character in the form keyname@domain.example.com
1338
(substituting the appropriate keyname and domain name, of course).
1339
This is to help prevent pollution of the IETF reserved notation
1340
namespace. The -expert flag overrides the '@' check. `value' may
1341
be any printable string; it will be encoded in UTF8, so you should
1342
check that your -display-charset is set correctly. If you prefix
1343
`name' with an exclamation mark (!), the notation data will be
1344
flagged as critical (rfc2440:5.2.3.15). -sig-notation sets a
1345
notation for data signatures. -cert-notation sets a notation for
1346
key signatures (certifications). -set-notation sets both.
1347
1348
There are special codes that may be used in notation names. "%k"
1349
will be expanded into the key ID of the key being signed, "%K"
1350
into the long key ID of the key being signed, "%f" into the
1351
fingerprint of the key being signed, "%s" into the key ID of the
1352
key making the signature, "%S" into the long key ID of the key
1353
making the signature, "%g" into the fingerprint of the key making
1354
the signature (which might be a subkey), "%p" into the fingerprint
1355
of the primary key of the key making the signature, "%c" into the
1356
signature count from the OpenPGP smartcard, and "%%" results in a
1357
single "%". %k, %K, and %f are only meaningful when making a key
1358
signature (certification), and %c is only meaningful when using
1359
the OpenPGP smartcard.
1360
1361
-show-notation
1362
-no-show-notation
1363
Show signature notations in the -list-sigs or -check-sigs listings
1364
as well as when verifying a signature with a notation in it. These
1365
options are deprecated. Use `-list-options [no-]show-notation'
1366
and/or `-verify-options [no-]show-notation' instead.
1367
1368
-sig-policy-url `string'
1369
-cert-policy-url `string'
1370
-set-policy-url `string'
1371
Use `string' as a Policy URL for signatures (rfc2440:5.2.3.19).
1372
If you prefix it with an exclamation mark (!), the policy URL
1373
packet will be flagged as critical. -sig-policy-url sets a policy
1374
url for data signatures. -cert-policy-url sets a policy url for key
1375
signatures (certifications). -set-policy-url sets both.
1376
1377
The same %-expandos used for notation data are available here as
1378
well.
1379
1380
-show-policy-url
1381
-no-show-policy-url
1382
Show policy URLs in the -list-sigs or -check-sigs listings as well
1383
as when verifying a signature with a policy URL in it. These
1384
options are deprecated. Use `-list-options [no-]show-policy-url'
1385
and/or `-verify-options [no-]show-policy-url' instead.
1386
1387
-sig-keyserver-url `string'
1388
Use `string' as a preferred keyserver URL for data signatures. If
1389
you prefix it with an exclamation mark, the keyserver URL packet
1390
will be flagged as critical.
1391
1392
The same %-expandos used for notation data are available here as
1393
well.
1394
1395
-set-filename `string'
1396
Use `string' as the filename which is stored inside messages.
1397
This overrides the default, which is to use the actual filename of
1398
the file being encrypted.
1399
1400
-for-your-eyes-only
1401
-no-for-your-eyes-only
1402
Set the `for your eyes only' flag in the message. This causes GnuPG
1403
to refuse to save the file unless the -output option is given, and
1404
PGP to use the "secure viewer" with a Tempest-resistant font to
1405
display the message. This option overrides -set-filename.
1406
-no-for-your-eyes-only disables this option.
1407
1408
-use-embedded-filename
1409
-no-use-embedded-filename
1410
Try to create a file with a name as embedded in the data. This can
1411
be a dangerous option as it allows to overwrite files. Defaults to
1412
no.
1413
1414
-completes-needed `n'
1415
Number of completely trusted users to introduce a new key signer
1416
(defaults to 1).
1417
1418
-marginals-needed `n'
1419
Number of marginally trusted users to introduce a new key signer
1420
(defaults to 3)
1421
1422
-max-cert-depth `n'
1423
Maximum depth of a certification chain (default is 5).
1424
1425
-cipher-algo `name'
1426
Use `name' as cipher algorithm. Running the program with the
1427
command -version yields a list of supported algorithms. If this is
1428
not used the cipher algorithm is selected from the preferences
1429
stored with the key. In general, you do not want to use this
1430
option as it allows you to violate the OpenPGP standard.
1431
-personal-cipher-preferences is the safe way to accomplish the same
1432
thing.
1433
1434
-digest-algo `name'
1435
Use `name' as the message digest algorithm. Running the program
1436
with the command -version yields a list of supported algorithms. In
1437
general, you do not want to use this option as it allows you to
1438
violate the OpenPGP standard. -personal-digest-preferences is the
1439
safe way to accomplish the same thing.
1440
1441
-compress-algo `name'
1442
Use compression algorithm `name'. "zlib" is RFC-1950 ZLIB
1443
compression. "zip" is RFC-1951 ZIP compression which is used by
1444
PGP. "bzip2" is a more modern compression scheme that can
1445
compress some things better than zip or zlib, but at the cost of
1446
more memory used during compression and decompression.
1447
"uncompressed" or "none" disables compression. If this option is
1448
not used, the default behavior is to examine the recipient key
1449
preferences to see which algorithms the recipient supports. If all
1450
else fails, ZIP is used for maximum compatibility.
1451
1452
ZLIB may give better compression results than ZIP, as the
1453
compression window size is not limited to 8k. BZIP2 may give even
1454
better compression results than that, but will use a significantly
1455
larger amount of memory while compressing and decompressing. This
1456
may be significant in low memory situations. Note, however, that
1457
PGP (all versions) only supports ZIP compression. Using any
1458
algorithm other than ZIP or "none" will make the message
1459
unreadable with PGP. In general, you do not want to use this
1460
option as it allows you to violate the OpenPGP standard.
1461
-personal-compress-preferences is the safe way to accomplish the
1462
same thing.
1463
1464
-cert-digest-algo `name'
1465
Use `name' as the message digest algorithm used when signing a
1466
key. Running the program with the command -version yields a list of
1467
supported algorithms. Be aware that if you choose an algorithm that
1468
GnuPG supports but other OpenPGP implementations do not, then some
1469
users will not be able to use the key signatures you make, or quite
1470
possibly your entire key.
1471
1472
-s2k-cipher-algo `name'
1473
Use `name' as the cipher algorithm used to protect secret keys.
1474
The default cipher is CAST5. This cipher is also used for
1475
conventional encryption if -personal-cipher-preferences and
1476
-cipher-algo is not given.
1477
1478
-s2k-digest-algo `name'
1479
Use `name' as the digest algorithm used to mangle the passphrases.
1480
The default algorithm is SHA-1.
1481
1482
-s2k-mode `n'
1483
Selects how passphrases are mangled. If `n' is 0 a plain
1484
passphrase (which is not recommended) will be used, a 1 adds a
1485
salt to the passphrase and a 3 (the default) iterates the whole
1486
process a couple of times. Unless -rfc1991 is used, this mode is
1487
also used for conventional encryption.
1488
1489
-simple-sk-checksum
1490
Secret keys are integrity protected by using a SHA-1 checksum. This
1491
method is part of the upcoming enhanced OpenPGP specification but
1492
GnuPG already uses it as a countermeasure against certain attacks.
1493
Old applications don't understand this new format, so this option
1494
may be used to switch back to the old behaviour. Using this option
1495
bears a security risk. Note that using this option only takes
1496
effect when the secret key is encrypted - the simplest way to make
1497
this happen is to change the passphrase on the key (even changing
1498
it to the same value is acceptable).
1499
1500
-disable-cipher-algo `name'
1501
Never allow the use of `name' as cipher algorithm. The given name
1502
will not be checked so that a later loaded algorithm will still
1503
get disabled.
1504
1505
-disable-pubkey-algo `name'
1506
Never allow the use of `name' as public key algorithm. The given
1507
name will not be checked so that a later loaded algorithm will
1508
still get disabled.
1509
1510
-no-sig-cache
1511
Do not cache the verification status of key signatures. Caching
1512
gives a much better performance in key listings. However, if you
1513
suspect that your public keyring is not save against write
1514
modifications, you can use this option to disable the caching. It
1515
probably does not make sense to disable it because all kind of
1516
damage can be done if someone else has write access to your public
1517
keyring.
1518
1519
-no-sig-create-check
1520
GnuPG normally verifies each signature right after creation to
1521
protect against bugs and hardware malfunctions which could leak
1522
out bits from the secret key. This extra verification needs some
1523
time (about 115% for DSA keys), and so this option can be used to
1524
disable it. However, due to the fact that the signature creation
1525
needs manual interaction, this performance penalty does not matter
1526
in most settings.
1527
1528
-auto-check-trustdb
1529
-no-auto-check-trustdb
1530
If GnuPG feels that its information about the Web of Trust has to
1531
be updated, it automatically runs the -check-trustdb command
1532
internally. This may be a time consuming process.
1533
-no-auto-check-trustdb disables this option.
1534
1535
-throw-keyids
1536
-no-throw-keyids
1537
Do not put the recipient key IDs into encrypted messages. This
1538
helps to hide the receivers of the message and is a limited
1539
countermeasure against traffic analysis. On the receiving side, it
1540
may slow down the decryption process because all available secret
1541
keys must be tried. -no-throw-keyids disables this option. This
1542
option is essentially the same as using -hidden-recipient for all
1543
recipients.
1544
1545
-not-dash-escaped
1546
This option changes the behavior of cleartext signatures so that
1547
they can be used for patch files. You should not send such an
1548
armored file via email because all spaces and line endings are
1549
hashed too. You can not use this option for data which has 5
1550
dashes at the beginning of a line, patch files don't have this. A
1551
special armor header line tells GnuPG about this cleartext
1552
signature option.
1553
1554
-escape-from-lines
1555
-no-escape-from-lines
1556
Because some mailers change lines starting with "From " to ">From
1557
" it is good to handle such lines in a special way when creating
1558
cleartext signatures to prevent the mail system from breaking the
1559
signature. Note that all other PGP versions do it this way too.
1560
Enabled by default. -no-escape-from-lines disables this option.
1561
1562
-passphrase-fd `n'
1563
Read the passphrase from file descriptor `n'. Only the first line
1564
will be read from file descriptor `n'. If you use 0 for `n', the
1565
passphrase will be read from stdin. This can only be used if only
1566
one passphrase is supplied.
1567
1568
-passphrase-file `file'
1569
Read the passphrase from file `file'. Only the first line will be
1570
read from file `file'. This can only be used if only one
1571
passphrase is supplied. Obviously, a passphrase stored in a file is
1572
of questionable security if other users can read this file. Don't
1573
use this option if you can avoid it.
1574
1575
-passphrase `string'
1576
Use `string' as the passphrase. This can only be used if only one
1577
passphrase is supplied. Obviously, this is of very questionable
1578
security on a multi-user system. Don't use this option if you can
1579
avoid it.
1580
1581
-command-fd `n'
1582
This is a replacement for the deprecated shared-memory IPC mode.
1583
If this option is enabled, user input on questions is not expected
1584
from the TTY but from the given file descriptor. It should be used
1585
together with -status-fd. See the file doc/DETAILS in the source
1586
distribution for details on how to use it.
1587
1588
-command-file `file'
1589
Same as -command-fd, except the commands are read out of file
1590
`file'
1591
1592
-use-agent
1593
-no-use-agent
1594
Try to use the GnuPG-Agent. Please note that this agent is still
1595
under development. With this option, GnuPG first tries to connect
1596
to the agent before it asks for a passphrase. -no-use-agent
1597
disables this option.
1598
1599
-gpg-agent-info
1600
Override the value of the environment variable `GPG_AGENT_INFO'.
1601
This is only used when -use-agent has been given
1602
1603
Compliance options
1604
These options control what GnuPG is compliant to. Only one of these
1605
options may be active at a time. Note that the default setting of
1606
this is nearly always the correct one. See the INTEROPERABILITY
1607
WITH OTHER OPENPGP PROGRAMS section below before using one of these
1608
options.
1609
1610
-gnupg
1611
Use standard GnuPG behavior. This is essentially OpenPGP
1612
behavior (see -openpgp), but with some additional workarounds
1613
for common compatibility problems in different versions of
1614
PGP. This is the default option, so it is not generally
1615
needed, but it may be useful to override a different
1616
compliance option in the gpg.conf file.
1617
1618
-openpgp
1619
Reset all packet, cipher and digest options to strict OpenPGP
1620
behavior. Use this option to reset all previous options like
1621
-rfc1991, -force-v3-sigs, -s2k-*, -cipher-algo, -digest-algo
1622
and -compress-algo to OpenPGP compliant values. All PGP
1623
workarounds are disabled.
1624
1625
-rfc2440
1626
Reset all packet, cipher and digest options to strict RFC-2440
1627
behavior. Note that this is currently the same thing as
1628
-openpgp.
1629
1630
-rfc1991
1631
Try to be more RFC-1991 (PGP 2.x) compliant.
1632
1633
-pgp2
1634
Set up all options to be as PGP 2.x compliant as possible,
1635
and warn if an action is taken (e.g. encrypting to a non-RSA
1636
key) that will create a message that PGP 2.x will not be able
1637
to handle. Note that `PGP 2.x' here means `MIT PGP 2.6.2'.
1638
There are other versions of PGP 2.x available, but the MIT
1639
release is a good common baseline.
1640
1641
This option implies `-rfc1991 -disable-mdc -no-force-v4-certs
1642
-no-sk-comment -escape-from-lines -force-v3-sigs
1643
-no-ask-sig-expire -no-ask-cert-expire -cipher-algo IDEA
1644
-digest-algo MD5 -compress-algo 1'. It also disables -textmode
1645
when encrypting.
1646
1647
-pgp6
1648
Set up all options to be as PGP 6 compliant as possible. This
1649
restricts you to the ciphers IDEA (if the IDEA plugin is
1650
installed), 3DES, and CAST5, the hashes MD5, SHA1 and
1651
RIPEMD160, and the compression algorithms none and ZIP. This
1652
also disables -throw-keyids, and making signatures with
1653
signing subkeys as PGP 6 does not understand signatures made
1654
by signing subkeys.
1655
1656
This option implies `-disable-mdc -no-sk-comment
1657
-escape-from-lines -force-v3-sigs -no-ask-sig-expire'
1658
1659
-pgp7
1660
Set up all options to be as PGP 7 compliant as possible. This
1661
is identical to -pgp6 except that MDCs are not disabled, and
1662
the list of allowable ciphers is expanded to add AES128,
1663
AES192, AES256, and TWOFISH.
1664
1665
-pgp8
1666
Set up all options to be as PGP 8 compliant as possible. PGP
1667
8 is a lot closer to the OpenPGP standard than previous
1668
versions of PGP, so all this does is disable -throw-keyids
1669
and set -escape-from-lines. All algorithms are allowed
1670
except for the SHA224, SHA384, and SHA512 digests.
1671
1672
-force-v3-sigs
1673
-no-force-v3-sigs
1674
OpenPGP states that an implementation should generate v4 signatures
1675
but PGP versions 5 through 7 only recognize v4 signatures on key
1676
material. This option forces v3 signatures for signatures on data.
1677
Note that this option overrides -ask-sig-expire, as v3 signatures
1678
cannot have expiration dates. -no-force-v3-sigs disables this
1679
option.
1680
1681
-force-v4-certs
1682
-no-force-v4-certs
1683
Always use v4 key signatures even on v3 keys. This option also
1684
changes the default hash algorithm for v3 RSA keys from MD5 to
1685
SHA-1. -no-force-v4-certs disables this option.
1686
1687
-force-mdc
1688
Force the use of encryption with a modification detection code.
1689
This is always used with the newer ciphers (those with a blocksize
1690
greater than 64 bits), or if all of the recipient keys indicate
1691
MDC support in their feature flags.
1692
1693
-disable-mdc
1694
Disable the use of the modification detection code. Note that by
1695
using this option, the encrypted message becomes vulnerable to a
1696
message modification attack.
1697
1698
-allow-non-selfsigned-uid
1699
-no-allow-non-selfsigned-uid
1700
Allow the import and use of keys with user IDs which are not
1701
self-signed. This is not recommended, as a non self-signed user ID
1702
is trivial to forge. -no-allow-non-selfsigned-uid disables.
1703
1704
-allow-freeform-uid
1705
Disable all checks on the form of the user ID while generating a
1706
new one. This option should only be used in very special
1707
environments as it does not ensure the de-facto standard format of
1708
user IDs.
1709
1710
-ignore-time-conflict
1711
GnuPG normally checks that the timestamps associated with keys and
1712
signatures have plausible values. However, sometimes a signature
1713
seems to be older than the key due to clock problems. This option
1714
makes these checks just a warning. See also -ignore-valid-from for
1715
timestamp issues on subkeys.
1716
1717
-ignore-valid-from
1718
GnuPG normally does not select and use subkeys created in the
1719
future. This option allows the use of such keys and thus exhibits
1720
the pre-1.0.7 behaviour. You should not use this option unless you
1721
there is some clock problem. See also -ignore-time-conflict for
1722
timestamp issues with signatures.
1723
1724
-ignore-crc-error
1725
The ASCII armor used by OpenPGP is protected by a CRC checksum
1726
against transmission errors. Occasionally the CRC gets mangled
1727
somewhere on the transmission channel but the actual content
1728
(which is protected by the OpenPGP protocol anyway) is still okay.
1729
This option allows GnuPG to ignore CRC errors.
1730
1731
-ignore-mdc-error
1732
This option changes a MDC integrity protection failure into a
1733
warning. This can be useful if a message is partially corrupt,
1734
but it is necessary to get as much data as possible out of the
1735
corrupt message. However, be aware that a MDC protection failure
1736
may also mean that the message was tampered with intentionally by
1737
an attacker.
1738
1739
-lock-once
1740
Lock the databases the first time a lock is requested and do not
1741
release the lock until the process terminates.
1742
1743
-lock-multiple
1744
Release the locks every time a lock is no longer needed. Use this
1745
to override a previous -lock-once from a config file.
1746
1747
-lock-never
1748
Disable locking entirely. This option should be used only in very
1749
special environments, where it can be assured that only one process
1750
is accessing those files. A bootable floppy with a stand-alone
1751
encryption system will probably use this. Improper usage of this
1752
option may lead to data and key corruption.
1753
1754
-exit-on-status-write-error
1755
This option will cause write errors on the status FD to immediately
1756
terminate the process. That should in fact be the default but it
1757
never worked this way and thus we need an option to enable this, so
1758
that the change won't break applications which close their end of a
1759
status fd connected pipe too early. Using this option along with
1760
-enable-progress-filter may be used to cleanly cancel long running
1761
gpg operations.
1762
1763
-limit-card-insert-tries `n'
1764
With `n' greater than 0 the number of prompts asking to insert a
1765
smartcard gets limited to N-1. Thus with a value of 1 gpg won't at
1766
all ask to insert a card if none has been inserted at startup. This
1767
option is useful in the configuration file in case an application
1768
does not know about the smartcard support and waits ad infinitum
1769
for an inserted card.
1770
1771
-no-random-seed-file
1772
GnuPG uses a file to store its internal random pool over
1773
invocations. This makes random generation faster; however
1774
sometimes write operations are not desired. This option can be
1775
used to achieve that with the cost of slower random generation.
1776
1777
-no-verbose
1778
Reset verbose level to 0.
1779
1780
-no-greeting
1781
Suppress the initial copyright message.
1782
1783
-no-secmem-warning
1784
Suppress the warning about "using insecure memory".
1785
1786
-no-permission-warning
1787
Suppress the warning about unsafe file and home directory
1788
(-homedir) permissions. Note that the permission checks that GnuPG
1789
performs are not intended to be authoritative, but rather they
1790
simply warn about certain common permission problems. Do not
1791
assume that the lack of a warning means that your system is secure.
1792
1793
Note that the warning for unsafe -homedir permissions cannot be
1794
suppressed in the gpg.conf file, as this would allow an attacker to
1795
place an unsafe gpg.conf file in place, and use this file to
1796
suppress warnings about itself. The -homedir permissions warning
1797
may only be suppressed on the command line.
1798
1799
-no-mdc-warning
1800
Suppress the warning about missing MDC integrity protection.
1801
1802
-require-secmem
1803
-no-require-secmem
1804
Refuse to run if GnuPG cannot get secure memory. Defaults to no
1805
(i.e. run, but give a warning).
1806
1807
-no-armor
1808
Assume the input data is not in ASCII armored format.
1809
1810
-no-default-keyring
1811
Do not add the default keyrings to the list of keyrings. Note that
1812
GnuPG will not operate without any keyrings, so if you use this
1813
option and do not provide alternate keyrings via -keyring or
1814
-secret-keyring, then GnuPG will still use the default public or
1815
secret keyrings.
1816
1817
-skip-verify
1818
Skip the signature verification step. This may be used to make the
1819
decryption faster if the signature verification is not needed.
1820
1821
-with-colons
1822
Print key listings delimited by colons. Note that the output will
1823
be encoded in UTF-8 regardless of any -display-charset setting.
1824
This format is useful when GnuPG is called from scripts and other
1825
programs as it is easily machine parsed. The details of this
1826
format are documented in the file doc/DETAILS, which is included
1827
in the GnuPG source distribution.
1828
1829
-with-key-data
1830
Print key listings delimited by colons (like -with-colons) and
1831
print the public key data.
1832
1833
-with-fingerprint
1834
Same as the command -fingerprint but changes only the format of
1835
the output and may be used together with another command.
1836
1837
-fast-list-mode
1838
Changes the output of the list commands to work faster; this is
1839
achieved by leaving some parts empty. Some applications don't need
1840
the user ID and the trust information given in the listings. By
1841
using this options they can get a faster listing. The exact
1842
behaviour of this option may change in future versions.
1843
1844
-fixed-list-mode
1845
Do not merge primary user ID and primary key in -with-colon listing
1846
mode and print all timestamps as seconds since 1970-01-01.
1847
1848
-list-only
1849
Changes the behaviour of some commands. This is like -dry-run but
1850
different in some cases. The semantic of this command may be
1851
extended in the future. Currently it only skips the actual
1852
decryption pass and therefore enables a fast listing of the
1853
encryption keys.
1854
1855
-no-literal
1856
This is not for normal use. Use the source to see for what it
1857
might be useful.
1858
1859
-set-filesize
1860
This is not for normal use. Use the source to see for what it
1861
might be useful.
1862
1863
-show-session-key
1864
Display the session key used for one message. See
1865
-override-session-key for the counterpart of this option.
1866
1867
We think that Key Escrow is a Bad Thing; however the user should
1868
have the freedom to decide whether to go to prison or to reveal
1869
the content of one specific message without compromising all
1870
messages ever encrypted for one secret key. DON'T USE IT UNLESS
1871
YOU ARE REALLY FORCED TO DO SO.
1872
1873
-override-session-key `string'
1874
Don't use the public key but the session key `string'. The format
1875
of this string is the same as the one printed by
1876
-show-session-key. This option is normally not used but comes
1877
handy in case someone forces you to reveal the content of an
1878
encrypted message; using this option you can do this without
1879
handing out the secret key.
1880
1881
-require-cross-certification
1882
-no-require-certification
1883
When verifying a signature made from a subkey, ensure that the
1884
cross certification "back signature" on the subkey is present and
1885
valid. This protects against a subtle attack against subkeys that
1886
can sign. Currently defaults to -no-require-cross-certification,
1887
but will be changed to -require-cross-certification in the future.
1888
1889
-ask-sig-expire
1890
-no-ask-sig-expire
1891
When making a data signature, prompt for an expiration time. If
1892
this option is not specified, the expiration time set via
1893
-default-sig-expire is used. -no-ask-sig-expire disables this
1894
option. Note that by default, -force-v3-sigs is set which also
1895
disables this option. If you want signature expiration, you must
1896
set -no-force-v3-sigs as well as turning -ask-sig-expire on.
1897
1898
-default-sig-expire
1899
The default expiration time to use for signature expiration. Valid
1900
values are "0" for no expiration, a number followed by the letter d
1901
(for days), w (for weeks), m (for months), or y (for years) (for
1902
example "2m" for two months, or "5y" for five years), or an
1903
absolute date in the form YYYY-MM-DD. Defaults to "0".
1904
1905
-ask-cert-expire
1906
-no-ask-cert-expire
1907
When making a key signature, prompt for an expiration time. If this
1908
option is not specified, the expiration time set via
1909
-default-cert-expire is used. -no-ask-cert-expire disables this
1910
option.
1911
1912
-default-cert-expire
1913
The default expiration time to use for key signature expiration.
1914
Valid values are "0" for no expiration, a number followed by the
1915
letter d (for days), w (for weeks), m (for months), or y (for
1916
years) (for example "2m" for two months, or "5y" for five years),
1917
or an absolute date in the form YYYY-MM-DD. Defaults to "0".
1918
1919
-expert
1920
-no-expert
1921
Allow the user to do certain nonsensical or "silly" things like
1922
signing an expired or revoked key, or certain potentially
1923
incompatible things like generating unusual key types. This also
1924
disables certain warning messages about potentially incompatible
1925
actions. As the name implies, this option is for experts only. If
1926
you don't fully understand the implications of what it allows you
1927
to do, leave this off. -no-expert disables this option.
1928
1929
-allow-secret-key-import
1930
This is an obsolete option and is not used anywhere.
1931
1932
-try-all-secrets
1933
Don't look at the key ID as stored in the message but try all
1934
secret keys in turn to find the right decryption key. This option
1935
forces the behaviour as used by anonymous recipients (created by
1936
using -throw-keyids) and might come handy in case where an
1937
encrypted message contains a bogus key ID.
1938
1939
-allow-multisig-verification
1940
Allow verification of concatenated signed messages. This will run a
1941
signature verification for each data+signature block. There are
1942
some security issues with this option and thus it is off by
1943
default. Note that versions of GPG prior to version 1.4.3
1944
implicitly allowed this.
1945
1946
-enable-special-filenames
1947
This options enables a mode in which filenames of the form `-&n',
1948
where n is a non-negative decimal number, refer to the file
1949
descriptor n and not to a file with that name.
1950
1951
-no-expensive-trust-checks
1952
Experimental use only.
1953
1954
-group `name=value1 '
1955
Sets up a named group, which is similar to aliases in email
1956
programs. Any time the group name is a recipient (-r or
1957
-recipient), it will be expanded to the values specified. Multiple
1958
groups with the same name are automatically merged into a single
1959
group.
1960
1961
The values are `key IDs' or fingerprints, but any key description
1962
is accepted. Note that a value with spaces in it will be treated as
1963
two different values. Note also there is only one level of
1964
expansion - you cannot make an group that points to another group.
1965
When used from the command line, it may be necessary to quote the
1966
argument to this option to prevent the shell from treating it as
1967
multiple arguments.
1968
1969
-ungroup `name'
1970
Remove a given entry from the -group list.
1971
1972
-no-groups
1973
Remove all entries from the -group list.
1974
1975
-preserve-permissions
1976
Don't change the permissions of a secret keyring back to user
1977
read/write only. Use this option only if you really know what you
1978
are doing.
1979
1980
-personal-cipher-preferences `string'
1981
Set the list of personal cipher preferences to `string', this list
1982
should be a string similar to the one printed by the command
1983
"pref" in the edit menu. This allows the user to factor in their
1984
own preferred algorithms when algorithms are chosen via recipient
1985
key preferences. The most highly ranked cipher in this list is
1986
also used for the -symmetric encryption command.
1987
1988
-personal-digest-preferences `string'
1989
Set the list of personal digest preferences to `string', this list
1990
should be a string similar to the one printed by the command
1991
"pref" in the edit menu. This allows the user to factor in their
1992
own preferred algorithms when algorithms are chosen via recipient
1993
key preferences. The most highly ranked digest algorithm in this
1994
list is algo used when signing without encryption (e.g. -clearsign
1995
or -sign). The default value is SHA-1.
1996
1997
-personal-compress-preferences `string'
1998
Set the list of personal compression preferences to `string', this
1999
list should be a string similar to the one printed by the command
2000
"pref" in the edit menu. This allows the user to factor in their
2001
own preferred algorithms when algorithms are chosen via recipient
2002
key preferences. The most highly ranked algorithm in this list is
2003
also used when there are no recipient keys to consider (e.g.
2004
-symmetric).
2005
2006
-default-preference-list `string'
2007
Set the list of default preferences to `string'. This preference
2008
list is used for new keys and becomes the default for "setpref" in
2009
the edit menu.
2010
2011
-default-keyserver-url `name'
2012
Set the default keyserver URL to `name'. This keyserver will be
2013
used as the keyserver URL when writing a new self-signature on a
2014
key, which includes key generation and changing preferences.
2015
2016
-list-config
2017
Display various internal configuration parameters of GnuPG. This
2018
option is intended for external programs that call GnuPG to perform
2019
tasks, and is thus not generally useful. See the file
2020
`doc/DETAILS' in the source distribution for the details of which
2021
configuration items may be listed. -list-config is only usable
2022
with -with-colons set.
2023
2024
How to specify a user ID
2025
************************
2026
2027
There are different ways to specify a user ID to GnuPG; here are some
2028
examples:
2029
2030
2031
2032
234567C4
2033
0F34E556E
2034
01347A56A
2035
0xAB123456
2036
Here the key ID is given in the usual short form.
2037
2038
234AABBCC34567C4
2039
0F323456784E56EAB
2040
01AB3FED1347A5612
2041
0x234AABBCC34567C4
2042
Here the key ID is given in the long form as used by OpenPGP (you
2043
can get the long key ID using the option -with-colons).
2044
2045
1234343434343434C434343434343434
2046
123434343434343C3434343434343734349A3434
2047
0E12343434343434343434EAB3484343434343434
2048
0xE12343434343434343434EAB3484343434343434
2049
The best way to specify a key ID is by using the fingerprint of
2050
the key. This avoids any ambiguities in case that there are
2051
duplicated key IDs (which are really rare for the long key IDs).
2052
2053
=Heinrich Heine <heinrichh@uni-duesseldorf.de>
2054
Using an exact to match string. The equal sign indicates this.
2055
2056
<heinrichh@uni-duesseldorf.de>
2057
Using the email address part which must match exactly. The left
2058
angle bracket indicates this email address mode.
2059
2060
@heinrichh
2061
Match within the <email.address> part of a user ID. The at sign
2062
indicates this email address mode.
2063
2064
Heine
2065
*Heine
2066
By case insensitive substring matching. This is the default mode
2067
but applications may want to explicitly indicate this by putting
2068
the asterisk in front.
2069
2070
Note that you can append an exclamation mark (!) to key IDs or
2071
fingerprints. This flag tells GnuPG to use the specified primary or
2072
secondary key and not to try and calculate which primary or secondary
2073
key to use.
2074
2075
RETURN VALUE
2076
************
2077
2078
The program returns 0 if everything was fine, 1 if at least a signature
2079
was bad, and other error codes for fatal errors.
2080
2081
EXAMPLES
2082
********
2083
2084
gpg -se -r `Bob' `file'
2085
sign and encrypt for user Bob
2086
2087
gpg -clearsign `file'
2088
make a clear text signature
2089
2090
gpg -sb `file'
2091
make a detached signature
2092
2093
gpg -list-keys `user_ID'
2094
show keys
2095
2096
gpg -fingerprint `user_ID'
2097
show fingerprint
2098
2099
gpg -verify `pgpfile'
2100
gpg -verify `sigfile'
2101
Verify the signature of the file but do not output the data. The
2102
second form is used for detached signatures, where `sigfile' is
2103
the detached signature (either ASCII armored or binary) and are
2104
the signed data; if this is not given, the name of the file
2105
holding the signed data is constructed by cutting off the
2106
extension (".asc" or ".sig") of `sigfile' or by asking the user
2107
for the filename.
2108
2109
ENVIRONMENT
2110
***********
2111
2112
HOME
2113
Used to locate the default home directory.
2114
2115
GNUPGHOME
2116
If set directory used instead of "~/.gnupg".
2117
2118
GPG_AGENT_INFO
2119
Used to locate the gpg-agent; only honored when -use-agent is set.
2120
The value consists of 3 colon delimited fields: The first is the
2121
path to the Unix Domain Socket, the second the PID of the
2122
gpg-agent and the protocol version which should be set to 1. When
2123
starting the gpg-agent as described in its documentation, this
2124
variable is set to the correct value. The option -gpg-agent-info
2125
can be used to override it.
2126
2127
COLUMNS
2128
LINES
2129
Used to size some displays to the full size of the screen.
2130
2131
FILES
2132
*****
2133
2134
~/.gnupg/secring.gpg
2135
The secret keyring
2136
2137
~/.gnupg/secring.gpg.lock
2138
and the lock file
2139
2140
~/.gnupg/pubring.gpg
2141
The public keyring
2142
2143
~/.gnupg/pubring.gpg.lock
2144
and the lock file
2145
2146
~/.gnupg/trustdb.gpg
2147
The trust database
2148
2149
~/.gnupg/trustdb.gpg.lock
2150
and the lock file
2151
2152
~/.gnupg/random_seed
2153
used to preserve the internal random pool
2154
2155
~/.gnupg/gpg.conf
2156
Default configuration file
2157
2158
~/.gnupg/options
2159
Old style configuration file; only used when gpg.conf is not found
2160
2161
/usr[/local]/share/gnupg/options.skel
2162
Skeleton options file
2163
2164
/usr[/local]/lib/gnupg/
2165
Default location for extensions
2166
2167
WARNINGS
2168
********
2169
2170
Use a *good* password for your user account and a *good* passphrase to
2171
protect your secret key. This passphrase is the weakest part of the
2172
whole system. Programs to do dictionary attacks on your secret keyring
2173
are very easy to write and so you should protect your "~/.gnupg/"
2174
directory very well.
2175
2176
Keep in mind that, if this program is used over a network (telnet),
2177
it is *very* easy to spy out your passphrase!
2178
2179
If you are going to verify detached signatures, make sure that the
2180
program knows about it; either give both filenames on the command line
2181
or use `-' to specify stdin.
2182
2183
INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS
2184
********************************************
2185
2186
GnuPG tries to be a very flexible implementation of the OpenPGP
2187
standard. In particular, GnuPG implements many of the optional parts of
2188
the standard, such as the SHA-512 hash, and the ZLIB and BZIP2
2189
compression algorithms. It is important to be aware that not all
2190
OpenPGP programs implement these optional algorithms and that by
2191
forcing their use via the -cipher-algo, -digest-algo,
2192
-cert-digest-algo, or -compress-algo options in GnuPG, it is possible
2193
to create a perfectly valid OpenPGP message, but one that cannot be
2194
read by the intended recipient.
2195
2196
There are dozens of variations of OpenPGP programs available, and
2197
each supports a slightly different subset of these optional algorithms.
2198
For example, until recently, no (unhacked) version of PGP supported the
2199
BLOWFISH cipher algorithm. A message using BLOWFISH simply could not be
2200
read by a PGP user. By default, GnuPG uses the standard OpenPGP
2201
preferences system that will always do the right thing and create
2202
messages that are usable by all recipients, regardless of which OpenPGP
2203
program they use. Only override this safe default if you really know
2204
what you are doing.
2205
2206
If you absolutely must override the safe default, or if the
2207
preferences on a given key are invalid for some reason, you are far
2208
better off using the -pgp6, -pgp7, or -pgp8 options. These options are
2209
safe as they do not force any particular algorithms in violation of
2210
OpenPGP, but rather reduce the available algorithms to a "PGP-safe"
2211
list.
2212
2213
BUGS
2214
****
2215
2216
On many systems this program should be installed as setuid(root). This
2217
is necessary to lock memory pages. Locking memory pages prevents the
2218
operating system from writing memory pages (which may contain
2219
passphrases or other sensitive material) to disk. If you get no warning
2220
message about insecure memory your operating system supports locking
2221
without being root. The program drops root privileges as soon as locked
2222
memory is allocated.
2223
2224
2225
2226
Tag Table:
2227
Node: Top204
2228
2229
End Tag Table
Loggerhead is a web-based interface for Breezy
Version: 2.0.1