Skip to content


Generate Key

gpg --full-generate-key


lpass show gpg --attach=8017296795546256342-55097 -q | gpg --import
gpg --import secret.asc

Trust Own Key

gpg --edit-key [email protected]

gpg> trust

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 5
gpg> save

Sign Others' Keys

wget -O- | gpg --import
gpg --list-keys
gpg --sign-key [email protected]


# Secret keys
gpg --list-secret-keys --keyid-format LONG
# All keys
gpg --list-keys --keyid-format LONG

Submit to Keyserver

gpg --keyid-format LONG --list-keys [email protected]
pub   rsa4096/ABCDEF0123456789 2018-01-01 [SCEA] [expires: 2021-01-01]
uid              [ ultimate ] John Doe
gpg --keyserver --send-keys ABCDEF0123456789

Revokation Certificate

gpg --output revoke.asc --gen-revoke [email protected]


gpg --export-secret-keys --armor [email protected] > /path/to/secret-key-backup.asc

Keygrip to match *.key filenames in ~/.gnupg/private-keys-v1.d directory

gpg --list-secret-keys --with-keygrip
gpg --list-keys --with-keygrip

Get Key ID

key=$(gpg --list-keys | sed -n '/^\s/s/\s*//p') && echo "0x"${key:(-8)}
# 0x08B7D7A3

Restart Agent on Windows

gpg-connect-agent reloadagent /bye

Refresh Keys

gpg --refresh-keys --keyserver