361 lines
14 KiB
Markdown
361 lines
14 KiB
Markdown
[Source](https://www.gnupg.org/gph/en/manual/book1.html "Permalink to ")
|
||
|
||
# The GNU Privacy Handbook
|
||
|
||
Copyright 1999 by The Free Software Foundation
|
||
|
||
Please direct questions, bug reports, or suggesstions concerning this manual to the maintainer, Mike Ashley (`<[jashley@acm.org][1]>`). Contributors to this manual also include Matthew Copeland, Joergen Grahn, and David A. Wheeler. J Horacio MG has translated the manual to Spanish.
|
||
|
||
This manual may be redistributed under the terms of the [GNU General Public License][2].
|
||
|
||
* * *
|
||
|
||
**Table of Contents**
|
||
1\. [Getting Started][3]
|
||
:
|
||
|
||
[Generating a new keypair][4]
|
||
:
|
||
|
||
[Generating a revocation certificate][5]
|
||
|
||
[Exchanging keys][6]
|
||
:
|
||
|
||
[Exporting a public key][7]
|
||
[Importing a public key][8]
|
||
|
||
[Encrypting and decrypting documents][9]
|
||
[Making and verifying signatures][10]
|
||
:
|
||
|
||
[Clearsigned documents][11]
|
||
[Detached signatures][12]
|
||
|
||
2\. [Concepts][13]
|
||
:
|
||
|
||
[Symmetric ciphers][14]
|
||
[Public-key ciphers][15]
|
||
[Hybrid ciphers][16]
|
||
[Digital signatures][17]
|
||
|
||
3\. [Key Management][18]
|
||
:
|
||
|
||
[Managing your own keypair][19]
|
||
:
|
||
|
||
[Key integrity][20]
|
||
[Adding and deleting key components][21]
|
||
[Revoking key components][22]
|
||
[Updating a key's expiration time][23]
|
||
|
||
[Validating other keys on your public keyring][24]
|
||
:
|
||
|
||
[Trust in a key's owner][25]
|
||
[Using trust to validate keys][26]
|
||
|
||
[Distributing keys][27]
|
||
|
||
4\. [Daily use of GnuPG][28]
|
||
:
|
||
|
||
[Defining your security needs][29]
|
||
:
|
||
|
||
[Choosing a key size][30]
|
||
[Protecting your private key][31]
|
||
[Selecting expiration dates and using subkeys][32]
|
||
[Managing your web of trust][33]
|
||
|
||
[Building your web of trust][34]
|
||
[Using GnuPG legally][35]
|
||
|
||
5\. [Topics][36]
|
||
:
|
||
|
||
[Writing user interfaces][37]
|
||
|
||
I. [Command Reference][38]
|
||
:
|
||
|
||
[sign][39] — sign a document
|
||
[detach-signature][40] — make a detached signature
|
||
[encrypt][41] — encrypt a document
|
||
[symmetric][42] — encrypt a document using only a symmetric encryption algorithm
|
||
[decrypt][43] — decrypt an encrypted document
|
||
[clearsign][44] — make a cleartext signature
|
||
[verify][45] — verify a signed document
|
||
[gen-key][46] — generate a new keypair
|
||
[gen-revoke][47] — generate a revocation certificate for a public/private keypair
|
||
[send-keys][48] — send keys to a key server
|
||
[recv-keys][49] — retrieve keys from a key server
|
||
[list-keys][50] — list information about keys
|
||
[list-public-keys][51] — list keys on public keyrings
|
||
[list-secret-keys][52] — list keys on secret keyrings
|
||
[list-sigs][53] — list information about keys including signatures
|
||
[check-sigs][54] — list information about keys including validated signatures
|
||
[fingerprint][55] — display key fingerprints
|
||
[import][56] — import keys to a local keyring
|
||
[fast-import][57] — import/merge keys
|
||
[export][58] — export keys from a local keyring
|
||
[export-all][59] — export all public keys
|
||
[export-secret-keys][60] — export secret keys
|
||
[edit-key][61] — presents a menu for operating on keys
|
||
[sign-key][62] — sign a public key with a private key
|
||
[lsign-key][63] — locally sign a public key with a private key
|
||
[delete-key][64] — remove a public key
|
||
[delete-secret-key][65] — remove a public and private key
|
||
[store][66] — make only simple rfc1991 packets
|
||
[export-ownertrust][67] — export assigned owner-trust values
|
||
[import-ownertrust][68] — import owner-trust values
|
||
[update-trustdb][69] — update the trust database
|
||
[print-md][70] — display message digests
|
||
[gen-random][71] — generate random data
|
||
[gen-prime][72] — ?
|
||
[version][73] — display version information
|
||
[warranty][74] — display warranty information
|
||
[help][75] — display usage information
|
||
|
||
II. [Options Reference][76]
|
||
:
|
||
|
||
[keyserver][77] — specify the keyserver to use to locate keys
|
||
[output][78] — specify the file in which to place output
|
||
[recipient][79] — specify the recipient of a public-key encrypted document
|
||
[default-recipient][80] — specify the default recipient of a public-key encrypted document
|
||
[default-recipient-self][81] — use the default key user ID as the default recipient of a public-key encrypted document
|
||
[no-default-recipient][82] — ignore the options default-recipient and default-recipient-self
|
||
[encrypt-to][83] — specify an additional recipient of a public-key encrypted document
|
||
[no-encrypt-to][84] — ignore the option encrypt-to
|
||
[armor][85] — ASCII-armor encrypted or signed output
|
||
[no-armor][86] — assume input data is not ASCII armored
|
||
[no-greeting][87] — suppress the opening copyright notice but do not enter batch mode
|
||
[no-secmem-warning][88] — suppress warnings if insecure memory is used
|
||
[batch][89] — use batch mode
|
||
[no-batch][90] — disable batch mode
|
||
[local-user][91] — specifies a user id to use for signing
|
||
[default-key][92] — specifies a user ID as a default user ID for signatures
|
||
[completes-needed][93] — specifies the number of fully-trusted people needed to validate a new key.
|
||
[marginals-needed][94] — specifies the number of marginally-trusted people needed to validate a new key.
|
||
[load-extension][95] — specifies an extension to load.
|
||
[rfc1991][96] — try to be more RFC1991 (PGP 2.x) compliant
|
||
[allow-non-selfsigned-uid][97] — allow the import of keys with user IDs which are not self-signed
|
||
[cipher-algo][98] — use a specified algorithm as the symmetric cipher
|
||
[compress-algo][99] — use a specified compression algorithm
|
||
[z][100] — set compression level
|
||
[verbose][101] — provide additional information during processing
|
||
[no-verbose][102] — resets verbosity to none
|
||
[quiet][103] — supress informational output
|
||
[textmode][104] — use canonical text mode
|
||
[dry-run][105] — do not make changes
|
||
[interactive][106] — prompt before overwriting files
|
||
[yes][107] — assume ``yes'' to most questions
|
||
[no][108] — assume ``no'' to most questions
|
||
[always-trust][109] — skip key validation
|
||
[skip-verify][110] — skip signature verification
|
||
[keyring][111] — add a keyring to the list of keyrings
|
||
[secret-keyring][112] — add a secret keyring
|
||
[no-default-keyring][113] — do not add the default keyrings to the list of keyrings
|
||
[homedir][114] — set the home directory
|
||
[charset][115] — set the name of the native character set.
|
||
[no-literal][116] — ?
|
||
[set-filesize][117] — ?
|
||
[with-fingerprint][118] — modifies key listing output
|
||
[with-colons][119] — modifies key listing output
|
||
[with-key-data][120] — modifies key listing output
|
||
[lock-once][121] — locks the databases once
|
||
[lock-multiple][122] — locks the databases each time they are used
|
||
[passphrase-fd][123] — read the passphrase from a different input stream
|
||
[force-mdc][124] — force the use of encryption with appended manipulation code
|
||
[force-v3-sigs][125] — force the use of v3 signatures on data
|
||
[openpgp][126] — reset all packet, cipher, and digest options to the OpenPGP specification
|
||
[utf8-strings][127] — assume that arguments are provided as UTF8 strings
|
||
[no-utf8-strings][128] — assume that arguments are not provided as UTF8 strings
|
||
[no-options][129] — use no options file
|
||
[debug][130] — set debug flags
|
||
[debug-all][131] — set all useful debugging flags
|
||
[status-fd][132] — write status messages to an alternative output stream
|
||
[logger-fd][133] — write log messages to an alternative output stream
|
||
[no-comment][134] — do not write comment packets
|
||
[comment][135] — set the comment string to use in cleartext signatures
|
||
[default-comment][136] — use the standard comment string in cleartext signatures
|
||
[no-version][137] — omit the version string in clear text signatures
|
||
[emit-version][138] — emit the version string in cleartext signatures
|
||
[notation-data][139] — add data to a signature as notation data
|
||
[set-policy-url][140] — set the policy URL for signatures
|
||
[set-filename][141] — sets the filename stored in encrypted or signed messages
|
||
[use-embedded-filename][142] — use the filename embedded in a message for storing its plaintext or verified version
|
||
[max-cert-depth][143] — set the maximum depth of a certification chain
|
||
[digest-algo][144] — set the message digest algorithm
|
||
[s2k-cipher-algo][145] — use a specified algorithm as the symmetric cipher for encrypting private keys
|
||
[s2k-digest-algo][146] — set the message digest algorithm for mangling passphrases protecting private keys
|
||
[s2k-mode][147] — sets how passphrases are mangled
|
||
[disable-cipher-algo][148] — prevents a symmetric cipher from being used
|
||
[disable-pubkey-algo][149] — prevents a public key cipher from being used
|
||
[throw-keyid][150] — do not put key IDs into encrypted packets
|
||
[not-dash-escaped][151] — changes the format of cleartext signatures
|
||
[escape-from-lines][152] — modifies messages beginning with ``From'' when cleartext signing
|
||
|
||
* * *
|
||
|
||
| ----- |
|
||
| | | [Next][3] |
|
||
| | | Getting Started |
|
||
|
||
[1]: mailto:jashley%40acm.org
|
||
[2]: http://www.gnu.org/copyleft/gpl.html
|
||
[3]: https://www.gnupg.org/c14.html
|
||
[4]: https://www.gnupg.org/c14.html#AEN25
|
||
[5]: https://www.gnupg.org/c14.html#REVOCATION
|
||
[6]: https://www.gnupg.org/x56.html
|
||
[7]: https://www.gnupg.org/x56.html#AEN64
|
||
[8]: https://www.gnupg.org/x56.html#AEN83
|
||
[9]: https://www.gnupg.org/x110.html
|
||
[10]: https://www.gnupg.org/x135.html
|
||
[11]: https://www.gnupg.org/x135.html#AEN152
|
||
[12]: https://www.gnupg.org/x135.html#AEN160
|
||
[13]: https://www.gnupg.org/c173.html
|
||
[14]: https://www.gnupg.org/c173.html#AEN184
|
||
[15]: https://www.gnupg.org/x195.html
|
||
[16]: https://www.gnupg.org/x209.html
|
||
[17]: https://www.gnupg.org/x215.html
|
||
[18]: https://www.gnupg.org/c235.html
|
||
[19]: https://www.gnupg.org/c235.html#AEN243
|
||
[20]: https://www.gnupg.org/c235.html#AEN266
|
||
[21]: https://www.gnupg.org/c235.html#AEN281
|
||
[22]: https://www.gnupg.org/c235.html#AEN304
|
||
[23]: https://www.gnupg.org/c235.html#AEN328
|
||
[24]: https://www.gnupg.org/x334.html
|
||
[25]: https://www.gnupg.org/x334.html#AEN345
|
||
[26]: https://www.gnupg.org/x334.html#AEN384
|
||
[27]: https://www.gnupg.org/x457.html
|
||
[28]: https://www.gnupg.org/c481.html
|
||
[29]: https://www.gnupg.org/c481.html#AEN487
|
||
[30]: https://www.gnupg.org/c481.html#AEN501
|
||
[31]: https://www.gnupg.org/c481.html#AEN506
|
||
[32]: https://www.gnupg.org/c481.html#AEN519
|
||
[33]: https://www.gnupg.org/c481.html#AEN526
|
||
[34]: https://www.gnupg.org/x547.html
|
||
[35]: https://www.gnupg.org/x557.html
|
||
[36]: https://www.gnupg.org/c562.html
|
||
[37]: https://www.gnupg.org/c562.html#AEN567
|
||
[38]: https://www.gnupg.org/r590.html
|
||
[39]: https://www.gnupg.org/r606.html
|
||
[40]: https://www.gnupg.org/r622.html
|
||
[41]: https://www.gnupg.org/r636.html
|
||
[42]: https://www.gnupg.org/r656.html
|
||
[43]: https://www.gnupg.org/r669.html
|
||
[44]: https://www.gnupg.org/r684.html
|
||
[45]: https://www.gnupg.org/r697.html
|
||
[46]: https://www.gnupg.org/r711.html
|
||
[47]: https://www.gnupg.org/r721.html
|
||
[48]: https://www.gnupg.org/r733.html
|
||
[49]: https://www.gnupg.org/r747.html
|
||
[50]: https://www.gnupg.org/r762.html
|
||
[51]: https://www.gnupg.org/r774.html
|
||
[52]: https://www.gnupg.org/r786.html
|
||
[53]: https://www.gnupg.org/r798.html
|
||
[54]: https://www.gnupg.org/r810.html
|
||
[55]: https://www.gnupg.org/r822.html
|
||
[56]: https://www.gnupg.org/r836.html
|
||
[57]: https://www.gnupg.org/r848.html
|
||
[58]: https://www.gnupg.org/r861.html
|
||
[59]: https://www.gnupg.org/r875.html
|
||
[60]: https://www.gnupg.org/r887.html
|
||
[61]: https://www.gnupg.org/r899.html
|
||
[62]: https://www.gnupg.org/r1007.html
|
||
[63]: https://www.gnupg.org/r1020.html
|
||
[64]: https://www.gnupg.org/r1033.html
|
||
[65]: https://www.gnupg.org/r1045.html
|
||
[66]: https://www.gnupg.org/r1057.html
|
||
[67]: https://www.gnupg.org/r1067.html
|
||
[68]: https://www.gnupg.org/r1078.html
|
||
[69]: https://www.gnupg.org/r1090.html
|
||
[70]: https://www.gnupg.org/r1100.html
|
||
[71]: https://www.gnupg.org/r1114.html
|
||
[72]: https://www.gnupg.org/r1129.html
|
||
[73]: https://www.gnupg.org/r1142.html
|
||
[74]: https://www.gnupg.org/r1152.html
|
||
[75]: https://www.gnupg.org/r1162.html
|
||
[76]: https://www.gnupg.org/r1172.html
|
||
[77]: https://www.gnupg.org/r1182.html
|
||
[78]: https://www.gnupg.org/r1197.html
|
||
[79]: https://www.gnupg.org/r1208.html
|
||
[80]: https://www.gnupg.org/r1223.html
|
||
[81]: https://www.gnupg.org/r1235.html
|
||
[82]: https://www.gnupg.org/r1248.html
|
||
[83]: https://www.gnupg.org/r1261.html
|
||
[84]: https://www.gnupg.org/r1278.html
|
||
[85]: https://www.gnupg.org/r1290.html
|
||
[86]: https://www.gnupg.org/r1300.html
|
||
[87]: https://www.gnupg.org/r1310.html
|
||
[88]: https://www.gnupg.org/r1320.html
|
||
[89]: https://www.gnupg.org/r1330.html
|
||
[90]: https://www.gnupg.org/r1341.html
|
||
[91]: https://www.gnupg.org/r1353.html
|
||
[92]: https://www.gnupg.org/r1365.html
|
||
[93]: https://www.gnupg.org/r1377.html
|
||
[94]: https://www.gnupg.org/r1390.html
|
||
[95]: https://www.gnupg.org/r1403.html
|
||
[96]: https://www.gnupg.org/r1414.html
|
||
[97]: https://www.gnupg.org/r1424.html
|
||
[98]: https://www.gnupg.org/r1434.html
|
||
[99]: https://www.gnupg.org/r1449.html
|
||
[100]: https://www.gnupg.org/r1460.html
|
||
[101]: https://www.gnupg.org/r1472.html
|
||
[102]: https://www.gnupg.org/r1482.html
|
||
[103]: https://www.gnupg.org/r1494.html
|
||
[104]: https://www.gnupg.org/r1504.html
|
||
[105]: https://www.gnupg.org/r1514.html
|
||
[106]: https://www.gnupg.org/r1524.html
|
||
[107]: https://www.gnupg.org/r1534.html
|
||
[108]: https://www.gnupg.org/r1544.html
|
||
[109]: https://www.gnupg.org/r1554.html
|
||
[110]: https://www.gnupg.org/r1564.html
|
||
[111]: https://www.gnupg.org/r1574.html
|
||
[112]: https://www.gnupg.org/r1593.html
|
||
[113]: https://www.gnupg.org/r1606.html
|
||
[114]: https://www.gnupg.org/r1616.html
|
||
[115]: https://www.gnupg.org/r1627.html
|
||
[116]: https://www.gnupg.org/r1655.html
|
||
[117]: https://www.gnupg.org/r1665.html
|
||
[118]: https://www.gnupg.org/r1676.html
|
||
[119]: https://www.gnupg.org/r1690.html
|
||
[120]: https://www.gnupg.org/r1702.html
|
||
[121]: https://www.gnupg.org/r1714.html
|
||
[122]: https://www.gnupg.org/r1724.html
|
||
[123]: https://www.gnupg.org/r1736.html
|
||
[124]: https://www.gnupg.org/r1748.html
|
||
[125]: https://www.gnupg.org/r1758.html
|
||
[126]: https://www.gnupg.org/r1768.html
|
||
[127]: https://www.gnupg.org/r1794.html
|
||
[128]: https://www.gnupg.org/r1804.html
|
||
[129]: https://www.gnupg.org/r1817.html
|
||
[130]: https://www.gnupg.org/r1827.html
|
||
[131]: https://www.gnupg.org/r1873.html
|
||
[132]: https://www.gnupg.org/r1885.html
|
||
[133]: https://www.gnupg.org/r1898.html
|
||
[134]: https://www.gnupg.org/r1910.html
|
||
[135]: https://www.gnupg.org/r1920.html
|
||
[136]: https://www.gnupg.org/r1931.html
|
||
[137]: https://www.gnupg.org/r1943.html
|
||
[138]: https://www.gnupg.org/r1953.html
|
||
[139]: https://www.gnupg.org/r1965.html
|
||
[140]: https://www.gnupg.org/r1983.html
|
||
[141]: https://www.gnupg.org/r1995.html
|
||
[142]: https://www.gnupg.org/r2007.html
|
||
[143]: https://www.gnupg.org/r2017.html
|
||
[144]: https://www.gnupg.org/r2029.html
|
||
[145]: https://www.gnupg.org/r2044.html
|
||
[146]: https://www.gnupg.org/r2059.html
|
||
[147]: https://www.gnupg.org/r2071.html
|
||
[148]: https://www.gnupg.org/r2086.html
|
||
[149]: https://www.gnupg.org/r2098.html
|
||
[150]: https://www.gnupg.org/r2110.html
|
||
[151]: https://www.gnupg.org/r2120.html
|
||
[152]: https://www.gnupg.org/r2130.html
|
||
|