18
Many commands and options require a <firstterm>key specifier</firstterm>.
19
A key specifier is the key ID or any portion of ther user ID of
21
Consider the following example.
24
<prompt>alice%</prompt> <userinput>gpg --list-keys chloe</userinput>
25
pub 1024D/B87DBA93 1999-06-28 Chloe (Jester) <chloe@cyb.org>
26
uid Chloe (Plebian) <chloe@tel.net>
27
sub 2048g/B7934539 1999-06-28
30
For this key, <literal>0xB87DBA93</literal>,
31
<literal>Chloe</literal>,
32
<literal>Plebian</literal>, and
33
<literal>oe@tel</literal>
34
are all examples of key specifiers that match the above key.
39
<refentry id="send-keys">
45
send keys to a key server
52
send-keys <replaceable class="parameter">key</replaceable>
62
This command sends a public key to a keyserver.
63
The parameter <replaceable class="parameter">key</replaceable> specifies
64
the public key that should be uploaded.
65
The command requires the option
66
<link linkend="keyserver"><option>keyserver</option></link> to specify
67
to which keyserver &gpg; should send the keys.
72
<refentry id="recv-keys">
78
retrieve keys from a key server
83
<option>recv-keys</option> <replaceable class="parameter">key-id key-id ...</replaceable>
93
This command downloads one or more public keys from a keyserver.
94
Each <replaceable class="parameter">key-id</replaceable> is a key ID.
95
The command requires the option
96
<link linkend="keyserver"><option>keyserver</option></link> to
97
specify from which keyserver &gpg; should download the keys.
102
<refentry id="encrypt">
113
<option>encrypt</option> <replaceable class="parameter">filename</replaceable>
123
This command encrypts the document
124
<replaceable class="parameter">filename</replaceable> to
125
recipients specified using the
126
option <link linkend="recipient"><option>recipient</option></link>.
127
If the parameter <replaceable class="parameter">filename</replaceable>
128
is omitted, then the document to encrypt is taken from standard input.
129
If the option <option>recipient</option> is omitted,
130
&gpg; will prompt for a recipient.
131
If the option <link linkend="output"><option>output</option></link> is used,
132
&gpg; will output the encrypted information to the specified file.
137
<refentry id="decrypt">
143
decrypt an encrypted document
148
<option>decrypt</option> <replaceable class="parameter">filename</replaceable>
158
This command decrypts <replaceable class="parameter">filename</replaceable>
159
and puts the result on standard output.
160
If the parameter <replaceable class="parameter">filename</replaceable>
161
is omitted, then the document to decrypt is taken from standard input.
162
Use the option <link linkend="output"><option>output</option></link>
163
to output the decrypted message to a file instead.
169
<refentry id="clearsign">
175
make a cleartext signature
180
<option>clearsign</option> <replaceable class="parameter">filename</replaceable>
190
This command signs a message that can be verified to ensure that the
191
original message has not been changed.
192
Verification of the signed message is done using the command
193
<link linkend="verify"><option>verify</option></link>.
199
<refentry id="fingerprint">
205
display key fingerprints
210
<option>fingerprint</option> <replaceable class="parameter">name ...</replaceable>
220
This command prints the fingerprints of the specified public keys.
221
The parameter <replaceable class="parameter">name</replaceable> is a
223
If no parameter <replaceable class="parameter">name</replaceable> is
224
provided, &gpg; will print the fingerprints of all the keys on
230
<refentry id="detach-sig">
236
make a detached signature
241
<option>detach-sig</option> <replaceable class="parameter">filename</replaceable>
251
This command creates a signature file that can be used
252
to verify that the orginal file
253
<replaceable class="parameter">filename</replaceable> has not
255
Verification of the file using a detached signature is done using the
256
command <link linkend="verify"><option>verify</option></link>.
261
<refentry id="gen-key">
267
generate a new keypair
272
<option>gen-key</option>
282
This command generates a private/public key pair for use in encrypting,
283
decrypting, and signing of messages.
284
You will br prompted for the kind of key you wish to create, the key
285
size, and the key's expiration date.
290
<refentry id="symmetric">
296
encrypt a document using only a symmetric encryption algorithm
301
<option>symmetric</option> <replaceable class="parameter">filename</replaceable>
311
This command encrypts a document using a symmetric algorithm with
312
a key derived from a passphrase supplied by you during execution.
313
The key should be selected to make it difficult to randomly guess the key.
314
To decrypt a document encrypted in this manner use the command.
315
<link linkend="decrypt"><option>decrypt</option></link>.
320
<refentry id="list-keys">
326
list information about the specified keys
331
<option>list-keys</option> <replaceable class="parameter">key ...</replaceable>
341
This command lists the public key specified by the key specifiers on the
343
If no key specifier is given, &gpg; will print all of the keys on the
349
<refentry id="import">
355
import keys to a local keyring
360
<option>import</option> <replaceable class="parameter">filename</replaceable>
370
This command imports one or more public keys onto the user's public
371
keyring from the file <replaceable class="parameter">filename</replaceable>.
376
<refentry id="verify">
382
verify a signed document
387
<option>verify</option> <replaceable class="parameter">signature document</replaceable>
397
This command verifies a document against a signature
398
to ensure that the document has not been altered since the signature
400
If <replaceable class="parameter">signature</replaceable> is omitted,
401
&gpg; will look in <replaceable class="parameter">document</replaceable>
402
for a clearsign signature.
407
<refentry id="gen-revoke">
413
generate a revocation certificate for a public/private keypair
418
<option>gen-revoke</option> <replaceable class="parameter">key</replaceable>
428
This command generates a revocation certificate for a public/private
430
The parameter <replaceable class="parameter">key</replaceable> is
436
<refentry id="export">
442
export keys from a local keyring
447
<option>export</option> <replaceable class="parameter">key key ...</replaceable>
457
This command exports the public keys components of the keys specified
458
by the key specifiers <replaceable class="parameter">key key ...</replaceable>.
459
The export command by default sends its output to standard output.
460
This key file can later be imported into another keyring using the command
461
<link linkend="import"><option>import</option></link>.
466
<refentry id="edit-key">
472
presents a menu for operating on keys
477
<option>edit-key</option> <replaceable class="parameter">key</replaceable>
487
This command presents a menu which enables you to perform
489
The key specifier <replaceable class="parameter">key</replaceable>
490
specifies the key pair to be edited.
491
If the specifier matches more than one key pair, &gpg; issues
496
Key listings displayed during key editing show the key with its
497
secondary keys and all user ids.
498
Selected keys or user ids are indicated by an asterisk.
499
The trust and validity values are displayed with the primary key:
500
the first is the assigned trust and the second is the
502
Letters are used for the values:
505
<tgroup cols="2" rowsep="1" colsep="1">
508
<entry>Letter</entry>
509
<entry>Meaning</entry>
518
No ownertrust assigned / not yet calculated.
526
Trust calculation has failed.
535
Not enough information for calculation.
544
Never trust this key.
580
The following lists each key editing command and a description
590
Makes a signature on the current key.
591
If th key is not yet signed by the default user or the user
592
given with the option
593
<link linkend="local-user"><option>local-user</option></link>,
594
the program displays the information of the key again, together with
595
its fingerprint and asks whether it should be signed.
596
This question is repeated for all users specified with the option
597
<option>local-user</option>.
601
<refsect2 id="lsign">
607
Same as <link linkend="sign">sign</link>, but the signature is
608
marked as non-exportable and will therefore never be used by others.
609
This may be used to make keys valid only in the local environment.
613
<refsect2 id="revsig">
620
Asks for each signature makde by a one of the private keys whether
621
a revocation certificate should be generated.
625
<refsect2 id="trust">
631
Change the owner trust value.
632
This updates the trust database immediately and no save is required.
636
<refsect2 id="disable">
643
A disabled key cannot normally be used for encryption.
647
<refsect2 id="enable">
653
Enable a key that has been previously
654
<link linkend="disable">disabled</link>.
658
<refsect2 id="adduid">
664
Add a new user id to the current key.
668
<refsect2 id="deluid">
674
Delete a user id from the current key.
678
<refsect2 id="addkey">
684
Add a new subkey to the current key.
688
<refsect2 id="delkey">
694
Delete a subkey from the current key.
698
<refsect2 id="revkey">
704
Revoke a subkey of the current key.
708
<refsect2 id="expire">
714
Change a key expiration time.
715
If a subkey is selected, the time of that key will be changed.
716
With no selection the expiration time of the current primary key is changed.
726
Toggle selection of subkey with index n.
727
Use 0 to deselect all.
737
Toggle selection of user id with index n.
738
Use 0 to deselect all.
742
<refsect2 id="passwd">
748
Change the passphrase of the private key of the selected key pair.
752
<refsect2 id="toggle">
758
Toggle between public and private key listings.
762
<refsect2 id="check">
768
Check all selected user ids.
788
Save all changes to the current key and quit.
798
Quit without updating the current key.