gpg Command
Advanced Firewall & Security man(1)GNU Privacy Guard - encrypt and sign data
👁 11 views
📅 Updated: Mar 15, 2026
SYNTAX
gpg [OPTION]... [FILE]
What Does gpg Do?
gpg (GNU Privacy Guard) provides encryption, digital signatures, and key management using public-key cryptography. It implements the OpenPGP standard for secure communication and file protection.
gpg is used for encrypting files, signing documents, verifying software signatures, secure email, and managing PGP keys. It is the standard tool for verifying the authenticity of downloaded software.
gpg uses a web of trust model where users sign each other keys to establish authenticity. Each user has a public key (shared) and a private key (kept secret).
gpg is used for encrypting files, signing documents, verifying software signatures, secure email, and managing PGP keys. It is the standard tool for verifying the authenticity of downloaded software.
gpg uses a web of trust model where users sign each other keys to establish authenticity. Each user has a public key (shared) and a private key (kept secret).
Options & Flags
| Option | Description | Example |
|---|---|---|
| -c | Symmetric encryption (password only) | gpg -c secret.txt |
| -e | Encrypt for a recipient | gpg -e -r alice@example.com file.txt |
| -d | Decrypt | gpg -d file.txt.gpg |
| -s | Sign a file | gpg -s document.txt |
| --verify | Verify a signature | gpg --verify file.sig file |
| --gen-key | Generate a key pair | gpg --gen-key |
| --list-keys | List public keys | gpg --list-keys |
| --import | Import a key | gpg --import pubkey.asc |
Practical Examples
#1 Encrypt with password
Encrypts with a symmetric password. Creates sensitive_data.tar.gz.gpg.
$ gpg -c sensitive_data.tar.gz#2 Decrypt file
Decrypts a file using the password or your private key.
$ gpg -d backup.tar.gz.gpg > backup.tar.gz#3 Generate key pair
Creates a new PGP key pair with interactive prompts.
$ gpg --full-gen-key#4 Verify downloaded file
Verifies that a downloaded file signature is valid.
$ gpg --verify file.sig file.tar.gz
Output:
gpg: Good signature from "Author Name"
#5 Export public key
Exports your public key in ASCII format for sharing.
$ gpg --armor --export alice@example.com > alice_public.asc#6 Import public key
Imports a public key to your keyring for encryption or verification.
$ gpg --import someone_public.ascTips & Best Practices
Use -c for simple encryption: gpg -c file uses symmetric encryption with a password. No key management needed. Good for personal backups.
Backup your private key: If you lose your private key, encrypted data is unrecoverable. Export with gpg --export-secret-keys > backup.gpg.
Verifying software: Many Linux downloads include .sig files. Import the developer key, then gpg --verify file.sig file to verify authenticity.
Frequently Asked Questions
How do I encrypt a file with a password?
gpg -c filename. You will be prompted for a password. Decrypt with gpg -d filename.gpg.
How do I verify a software download?
Download the .sig file and the developer public key. Import the key with gpg --import, then gpg --verify file.sig file.
What is the difference between GPG and SSH keys?
GPG keys are for encryption and signing. SSH keys are for authentication. They serve different purposes and use different formats.
Related Commands
More Firewall & Security Commands
Master Linux with Professional eBooks
Curated IT eBooks covering Linux, DevOps, Cloud, and more
Browse Books →