361 lines
14 KiB
Markdown
361 lines
14 KiB
Markdown
|
[Source](https://www.gnupg.org/gph/en/manual/book1.html "Permalink to ")
|
|||
|
|
|||
|
# The GNU Privacy Handbook
|
|||
|
|
|||
|
Copyright 1999 by The Free Software Foundation
|
|||
|
|
|||
|
Please direct questions, bug reports, or suggesstions concerning this manual to the maintainer, Mike Ashley (`<[jashley@acm.org][1]>`). Contributors to this manual also include Matthew Copeland, Joergen Grahn, and David A. Wheeler. J Horacio MG has translated the manual to Spanish.
|
|||
|
|
|||
|
This manual may be redistributed under the terms of the [GNU General Public License][2].
|
|||
|
|
|||
|
* * *
|
|||
|
|
|||
|
**Table of Contents**
|
|||
|
1\. [Getting Started][3]
|
|||
|
:
|
|||
|
|
|||
|
[Generating a new keypair][4]
|
|||
|
:
|
|||
|
|
|||
|
[Generating a revocation certificate][5]
|
|||
|
|
|||
|
[Exchanging keys][6]
|
|||
|
:
|
|||
|
|
|||
|
[Exporting a public key][7]
|
|||
|
[Importing a public key][8]
|
|||
|
|
|||
|
[Encrypting and decrypting documents][9]
|
|||
|
[Making and verifying signatures][10]
|
|||
|
:
|
|||
|
|
|||
|
[Clearsigned documents][11]
|
|||
|
[Detached signatures][12]
|
|||
|
|
|||
|
2\. [Concepts][13]
|
|||
|
:
|
|||
|
|
|||
|
[Symmetric ciphers][14]
|
|||
|
[Public-key ciphers][15]
|
|||
|
[Hybrid ciphers][16]
|
|||
|
[Digital signatures][17]
|
|||
|
|
|||
|
3\. [Key Management][18]
|
|||
|
:
|
|||
|
|
|||
|
[Managing your own keypair][19]
|
|||
|
:
|
|||
|
|
|||
|
[Key integrity][20]
|
|||
|
[Adding and deleting key components][21]
|
|||
|
[Revoking key components][22]
|
|||
|
[Updating a key's expiration time][23]
|
|||
|
|
|||
|
[Validating other keys on your public keyring][24]
|
|||
|
:
|
|||
|
|
|||
|
[Trust in a key's owner][25]
|
|||
|
[Using trust to validate keys][26]
|
|||
|
|
|||
|
[Distributing keys][27]
|
|||
|
|
|||
|
4\. [Daily use of GnuPG][28]
|
|||
|
:
|
|||
|
|
|||
|
[Defining your security needs][29]
|
|||
|
:
|
|||
|
|
|||
|
[Choosing a key size][30]
|
|||
|
[Protecting your private key][31]
|
|||
|
[Selecting expiration dates and using subkeys][32]
|
|||
|
[Managing your web of trust][33]
|
|||
|
|
|||
|
[Building your web of trust][34]
|
|||
|
[Using GnuPG legally][35]
|
|||
|
|
|||
|
5\. [Topics][36]
|
|||
|
:
|
|||
|
|
|||
|
[Writing user interfaces][37]
|
|||
|
|
|||
|
I. [Command Reference][38]
|
|||
|
:
|
|||
|
|
|||
|
[sign][39] — sign a document
|
|||
|
[detach-signature][40] — make a detached signature
|
|||
|
[encrypt][41] — encrypt a document
|
|||
|
[symmetric][42] — encrypt a document using only a symmetric encryption algorithm
|
|||
|
[decrypt][43] — decrypt an encrypted document
|
|||
|
[clearsign][44] — make a cleartext signature
|
|||
|
[verify][45] — verify a signed document
|
|||
|
[gen-key][46] — generate a new keypair
|
|||
|
[gen-revoke][47] — generate a revocation certificate for a public/private keypair
|
|||
|
[send-keys][48] — send keys to a key server
|
|||
|
[recv-keys][49] — retrieve keys from a key server
|
|||
|
[list-keys][50] — list information about keys
|
|||
|
[list-public-keys][51] — list keys on public keyrings
|
|||
|
[list-secret-keys][52] — list keys on secret keyrings
|
|||
|
[list-sigs][53] — list information about keys including signatures
|
|||
|
[check-sigs][54] — list information about keys including validated signatures
|
|||
|
[fingerprint][55] — display key fingerprints
|
|||
|
[import][56] — import keys to a local keyring
|
|||
|
[fast-import][57] — import/merge keys
|
|||
|
[export][58] — export keys from a local keyring
|
|||
|
[export-all][59] — export all public keys
|
|||
|
[export-secret-keys][60] — export secret keys
|
|||
|
[edit-key][61] — presents a menu for operating on keys
|
|||
|
[sign-key][62] — sign a public key with a private key
|
|||
|
[lsign-key][63] — locally sign a public key with a private key
|
|||
|
[delete-key][64] — remove a public key
|
|||
|
[delete-secret-key][65] — remove a public and private key
|
|||
|
[store][66] — make only simple rfc1991 packets
|
|||
|
[export-ownertrust][67] — export assigned owner-trust values
|
|||
|
[import-ownertrust][68] — import owner-trust values
|
|||
|
[update-trustdb][69] — update the trust database
|
|||
|
[print-md][70] — display message digests
|
|||
|
[gen-random][71] — generate random data
|
|||
|
[gen-prime][72] — ?
|
|||
|
[version][73] — display version information
|
|||
|
[warranty][74] — display warranty information
|
|||
|
[help][75] — display usage information
|
|||
|
|
|||
|
II. [Options Reference][76]
|
|||
|
:
|
|||
|
|
|||
|
[keyserver][77] — specify the keyserver to use to locate keys
|
|||
|
[output][78] — specify the file in which to place output
|
|||
|
[recipient][79] — specify the recipient of a public-key encrypted document
|
|||
|
[default-recipient][80] — specify the default recipient of a public-key encrypted document
|
|||
|
[default-recipient-self][81] — use the default key user ID as the default recipient of a public-key encrypted document
|
|||
|
[no-default-recipient][82] — ignore the options default-recipient and default-recipient-self
|
|||
|
[encrypt-to][83] — specify an additional recipient of a public-key encrypted document
|
|||
|
[no-encrypt-to][84] — ignore the option encrypt-to
|
|||
|
[armor][85] — ASCII-armor encrypted or signed output
|
|||
|
[no-armor][86] — assume input data is not ASCII armored
|
|||
|
[no-greeting][87] — suppress the opening copyright notice but do not enter batch mode
|
|||
|
[no-secmem-warning][88] — suppress warnings if insecure memory is used
|
|||
|
[batch][89] — use batch mode
|
|||
|
[no-batch][90] — disable batch mode
|
|||
|
[local-user][91] — specifies a user id to use for signing
|
|||
|
[default-key][92] — specifies a user ID as a default user ID for signatures
|
|||
|
[completes-needed][93] — specifies the number of fully-trusted people needed to validate a new key.
|
|||
|
[marginals-needed][94] — specifies the number of marginally-trusted people needed to validate a new key.
|
|||
|
[load-extension][95] — specifies an extension to load.
|
|||
|
[rfc1991][96] — try to be more RFC1991 (PGP 2.x) compliant
|
|||
|
[allow-non-selfsigned-uid][97] — allow the import of keys with user IDs which are not self-signed
|
|||
|
[cipher-algo][98] — use a specified algorithm as the symmetric cipher
|
|||
|
[compress-algo][99] — use a specified compression algorithm
|
|||
|
[z][100] — set compression level
|
|||
|
[verbose][101] — provide additional information during processing
|
|||
|
[no-verbose][102] — resets verbosity to none
|
|||
|
[quiet][103] — supress informational output
|
|||
|
[textmode][104] — use canonical text mode
|
|||
|
[dry-run][105] — do not make changes
|
|||
|
[interactive][106] — prompt before overwriting files
|
|||
|
[yes][107] — assume ``yes'' to most questions
|
|||
|
[no][108] — assume ``no'' to most questions
|
|||
|
[always-trust][109] — skip key validation
|
|||
|
[skip-verify][110] — skip signature verification
|
|||
|
[keyring][111] — add a keyring to the list of keyrings
|
|||
|
[secret-keyring][112] — add a secret keyring
|
|||
|
[no-default-keyring][113] — do not add the default keyrings to the list of keyrings
|
|||
|
[homedir][114] — set the home directory
|
|||
|
[charset][115] — set the name of the native character set.
|
|||
|
[no-literal][116] — ?
|
|||
|
[set-filesize][117] — ?
|
|||
|
[with-fingerprint][118] — modifies key listing output
|
|||
|
[with-colons][119] — modifies key listing output
|
|||
|
[with-key-data][120] — modifies key listing output
|
|||
|
[lock-once][121] — locks the databases once
|
|||
|
[lock-multiple][122] — locks the databases each time they are used
|
|||
|
[passphrase-fd][123] — read the passphrase from a different input stream
|
|||
|
[force-mdc][124] — force the use of encryption with appended manipulation code
|
|||
|
[force-v3-sigs][125] — force the use of v3 signatures on data
|
|||
|
[openpgp][126] — reset all packet, cipher, and digest options to the OpenPGP specification
|
|||
|
[utf8-strings][127] — assume that arguments are provided as UTF8 strings
|
|||
|
[no-utf8-strings][128] — assume that arguments are not provided as UTF8 strings
|
|||
|
[no-options][129] — use no options file
|
|||
|
[debug][130] — set debug flags
|
|||
|
[debug-all][131] — set all useful debugging flags
|
|||
|
[status-fd][132] — write status messages to an alternative output stream
|
|||
|
[logger-fd][133] — write log messages to an alternative output stream
|
|||
|
[no-comment][134] — do not write comment packets
|
|||
|
[comment][135] — set the comment string to use in cleartext signatures
|
|||
|
[default-comment][136] — use the standard comment string in cleartext signatures
|
|||
|
[no-version][137] — omit the version string in clear text signatures
|
|||
|
[emit-version][138] — emit the version string in cleartext signatures
|
|||
|
[notation-data][139] — add data to a signature as notation data
|
|||
|
[set-policy-url][140] — set the policy URL for signatures
|
|||
|
[set-filename][141] — sets the filename stored in encrypted or signed messages
|
|||
|
[use-embedded-filename][142] — use the filename embedded in a message for storing its plaintext or verified version
|
|||
|
[max-cert-depth][143] — set the maximum depth of a certification chain
|
|||
|
[digest-algo][144] — set the message digest algorithm
|
|||
|
[s2k-cipher-algo][145] — use a specified algorithm as the symmetric cipher for encrypting private keys
|
|||
|
[s2k-digest-algo][146] — set the message digest algorithm for mangling passphrases protecting private keys
|
|||
|
[s2k-mode][147] — sets how passphrases are mangled
|
|||
|
[disable-cipher-algo][148] — prevents a symmetric cipher from being used
|
|||
|
[disable-pubkey-algo][149] — prevents a public key cipher from being used
|
|||
|
[throw-keyid][150] — do not put key IDs into encrypted packets
|
|||
|
[not-dash-escaped][151] — changes the format of cleartext signatures
|
|||
|
[escape-from-lines][152] — modifies messages beginning with ``From'' when cleartext signing
|
|||
|
|
|||
|
* * *
|
|||
|
|
|||
|
| ----- |
|
|||
|
| | | [Next][3] |
|
|||
|
| | | Getting Started |
|
|||
|
|
|||
|
[1]: mailto:jashley%40acm.org
|
|||
|
[2]: http://www.gnu.org/copyleft/gpl.html
|
|||
|
[3]: https://www.gnupg.org/c14.html
|
|||
|
[4]: https://www.gnupg.org/c14.html#AEN25
|
|||
|
[5]: https://www.gnupg.org/c14.html#REVOCATION
|
|||
|
[6]: https://www.gnupg.org/x56.html
|
|||
|
[7]: https://www.gnupg.org/x56.html#AEN64
|
|||
|
[8]: https://www.gnupg.org/x56.html#AEN83
|
|||
|
[9]: https://www.gnupg.org/x110.html
|
|||
|
[10]: https://www.gnupg.org/x135.html
|
|||
|
[11]: https://www.gnupg.org/x135.html#AEN152
|
|||
|
[12]: https://www.gnupg.org/x135.html#AEN160
|
|||
|
[13]: https://www.gnupg.org/c173.html
|
|||
|
[14]: https://www.gnupg.org/c173.html#AEN184
|
|||
|
[15]: https://www.gnupg.org/x195.html
|
|||
|
[16]: https://www.gnupg.org/x209.html
|
|||
|
[17]: https://www.gnupg.org/x215.html
|
|||
|
[18]: https://www.gnupg.org/c235.html
|
|||
|
[19]: https://www.gnupg.org/c235.html#AEN243
|
|||
|
[20]: https://www.gnupg.org/c235.html#AEN266
|
|||
|
[21]: https://www.gnupg.org/c235.html#AEN281
|
|||
|
[22]: https://www.gnupg.org/c235.html#AEN304
|
|||
|
[23]: https://www.gnupg.org/c235.html#AEN328
|
|||
|
[24]: https://www.gnupg.org/x334.html
|
|||
|
[25]: https://www.gnupg.org/x334.html#AEN345
|
|||
|
[26]: https://www.gnupg.org/x334.html#AEN384
|
|||
|
[27]: https://www.gnupg.org/x457.html
|
|||
|
[28]: https://www.gnupg.org/c481.html
|
|||
|
[29]: https://www.gnupg.org/c481.html#AEN487
|
|||
|
[30]: https://www.gnupg.org/c481.html#AEN501
|
|||
|
[31]: https://www.gnupg.org/c481.html#AEN506
|
|||
|
[32]: https://www.gnupg.org/c481.html#AEN519
|
|||
|
[33]: https://www.gnupg.org/c481.html#AEN526
|
|||
|
[34]: https://www.gnupg.org/x547.html
|
|||
|
[35]: https://www.gnupg.org/x557.html
|
|||
|
[36]: https://www.gnupg.org/c562.html
|
|||
|
[37]: https://www.gnupg.org/c562.html#AEN567
|
|||
|
[38]: https://www.gnupg.org/r590.html
|
|||
|
[39]: https://www.gnupg.org/r606.html
|
|||
|
[40]: https://www.gnupg.org/r622.html
|
|||
|
[41]: https://www.gnupg.org/r636.html
|
|||
|
[42]: https://www.gnupg.org/r656.html
|
|||
|
[43]: https://www.gnupg.org/r669.html
|
|||
|
[44]: https://www.gnupg.org/r684.html
|
|||
|
[45]: https://www.gnupg.org/r697.html
|
|||
|
[46]: https://www.gnupg.org/r711.html
|
|||
|
[47]: https://www.gnupg.org/r721.html
|
|||
|
[48]: https://www.gnupg.org/r733.html
|
|||
|
[49]: https://www.gnupg.org/r747.html
|
|||
|
[50]: https://www.gnupg.org/r762.html
|
|||
|
[51]: https://www.gnupg.org/r774.html
|
|||
|
[52]: https://www.gnupg.org/r786.html
|
|||
|
[53]: https://www.gnupg.org/r798.html
|
|||
|
[54]: https://www.gnupg.org/r810.html
|
|||
|
[55]: https://www.gnupg.org/r822.html
|
|||
|
[56]: https://www.gnupg.org/r836.html
|
|||
|
[57]: https://www.gnupg.org/r848.html
|
|||
|
[58]: https://www.gnupg.org/r861.html
|
|||
|
[59]: https://www.gnupg.org/r875.html
|
|||
|
[60]: https://www.gnupg.org/r887.html
|
|||
|
[61]: https://www.gnupg.org/r899.html
|
|||
|
[62]: https://www.gnupg.org/r1007.html
|
|||
|
[63]: https://www.gnupg.org/r1020.html
|
|||
|
[64]: https://www.gnupg.org/r1033.html
|
|||
|
[65]: https://www.gnupg.org/r1045.html
|
|||
|
[66]: https://www.gnupg.org/r1057.html
|
|||
|
[67]: https://www.gnupg.org/r1067.html
|
|||
|
[68]: https://www.gnupg.org/r1078.html
|
|||
|
[69]: https://www.gnupg.org/r1090.html
|
|||
|
[70]: https://www.gnupg.org/r1100.html
|
|||
|
[71]: https://www.gnupg.org/r1114.html
|
|||
|
[72]: https://www.gnupg.org/r1129.html
|
|||
|
[73]: https://www.gnupg.org/r1142.html
|
|||
|
[74]: https://www.gnupg.org/r1152.html
|
|||
|
[75]: https://www.gnupg.org/r1162.html
|
|||
|
[76]: https://www.gnupg.org/r1172.html
|
|||
|
[77]: https://www.gnupg.org/r1182.html
|
|||
|
[78]: https://www.gnupg.org/r1197.html
|
|||
|
[79]: https://www.gnupg.org/r1208.html
|
|||
|
[80]: https://www.gnupg.org/r1223.html
|
|||
|
[81]: https://www.gnupg.org/r1235.html
|
|||
|
[82]: https://www.gnupg.org/r1248.html
|
|||
|
[83]: https://www.gnupg.org/r1261.html
|
|||
|
[84]: https://www.gnupg.org/r1278.html
|
|||
|
[85]: https://www.gnupg.org/r1290.html
|
|||
|
[86]: https://www.gnupg.org/r1300.html
|
|||
|
[87]: https://www.gnupg.org/r1310.html
|
|||
|
[88]: https://www.gnupg.org/r1320.html
|
|||
|
[89]: https://www.gnupg.org/r1330.html
|
|||
|
[90]: https://www.gnupg.org/r1341.html
|
|||
|
[91]: https://www.gnupg.org/r1353.html
|
|||
|
[92]: https://www.gnupg.org/r1365.html
|
|||
|
[93]: https://www.gnupg.org/r1377.html
|
|||
|
[94]: https://www.gnupg.org/r1390.html
|
|||
|
[95]: https://www.gnupg.org/r1403.html
|
|||
|
[96]: https://www.gnupg.org/r1414.html
|
|||
|
[97]: https://www.gnupg.org/r1424.html
|
|||
|
[98]: https://www.gnupg.org/r1434.html
|
|||
|
[99]: https://www.gnupg.org/r1449.html
|
|||
|
[100]: https://www.gnupg.org/r1460.html
|
|||
|
[101]: https://www.gnupg.org/r1472.html
|
|||
|
[102]: https://www.gnupg.org/r1482.html
|
|||
|
[103]: https://www.gnupg.org/r1494.html
|
|||
|
[104]: https://www.gnupg.org/r1504.html
|
|||
|
[105]: https://www.gnupg.org/r1514.html
|
|||
|
[106]: https://www.gnupg.org/r1524.html
|
|||
|
[107]: https://www.gnupg.org/r1534.html
|
|||
|
[108]: https://www.gnupg.org/r1544.html
|
|||
|
[109]: https://www.gnupg.org/r1554.html
|
|||
|
[110]: https://www.gnupg.org/r1564.html
|
|||
|
[111]: https://www.gnupg.org/r1574.html
|
|||
|
[112]: https://www.gnupg.org/r1593.html
|
|||
|
[113]: https://www.gnupg.org/r1606.html
|
|||
|
[114]: https://www.gnupg.org/r1616.html
|
|||
|
[115]: https://www.gnupg.org/r1627.html
|
|||
|
[116]: https://www.gnupg.org/r1655.html
|
|||
|
[117]: https://www.gnupg.org/r1665.html
|
|||
|
[118]: https://www.gnupg.org/r1676.html
|
|||
|
[119]: https://www.gnupg.org/r1690.html
|
|||
|
[120]: https://www.gnupg.org/r1702.html
|
|||
|
[121]: https://www.gnupg.org/r1714.html
|
|||
|
[122]: https://www.gnupg.org/r1724.html
|
|||
|
[123]: https://www.gnupg.org/r1736.html
|
|||
|
[124]: https://www.gnupg.org/r1748.html
|
|||
|
[125]: https://www.gnupg.org/r1758.html
|
|||
|
[126]: https://www.gnupg.org/r1768.html
|
|||
|
[127]: https://www.gnupg.org/r1794.html
|
|||
|
[128]: https://www.gnupg.org/r1804.html
|
|||
|
[129]: https://www.gnupg.org/r1817.html
|
|||
|
[130]: https://www.gnupg.org/r1827.html
|
|||
|
[131]: https://www.gnupg.org/r1873.html
|
|||
|
[132]: https://www.gnupg.org/r1885.html
|
|||
|
[133]: https://www.gnupg.org/r1898.html
|
|||
|
[134]: https://www.gnupg.org/r1910.html
|
|||
|
[135]: https://www.gnupg.org/r1920.html
|
|||
|
[136]: https://www.gnupg.org/r1931.html
|
|||
|
[137]: https://www.gnupg.org/r1943.html
|
|||
|
[138]: https://www.gnupg.org/r1953.html
|
|||
|
[139]: https://www.gnupg.org/r1965.html
|
|||
|
[140]: https://www.gnupg.org/r1983.html
|
|||
|
[141]: https://www.gnupg.org/r1995.html
|
|||
|
[142]: https://www.gnupg.org/r2007.html
|
|||
|
[143]: https://www.gnupg.org/r2017.html
|
|||
|
[144]: https://www.gnupg.org/r2029.html
|
|||
|
[145]: https://www.gnupg.org/r2044.html
|
|||
|
[146]: https://www.gnupg.org/r2059.html
|
|||
|
[147]: https://www.gnupg.org/r2071.html
|
|||
|
[148]: https://www.gnupg.org/r2086.html
|
|||
|
[149]: https://www.gnupg.org/r2098.html
|
|||
|
[150]: https://www.gnupg.org/r2110.html
|
|||
|
[151]: https://www.gnupg.org/r2120.html
|
|||
|
[152]: https://www.gnupg.org/r2130.html
|
|||
|
|