Now that GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key…. I don't see a way to tell gpg which key to use, you can only tell it to try them all. It's possible the file was created without this info, or with the wrong ID. GPG relies on the idea of two encryption keys per person. The public key can decrypt something that was encrypted using the private key. (y/N) y (Probably you want to select 1 here) Your decision? It allows you to decrypt/encrypt your files and create signatures which are signed with your private key. This directory is named. The private key is your master key. Above is only a partial answer. After extending the expiry date of a GPG key you might have to copy your key to another machine to use the same key there. Some notes on the format of the secret keys used with gpg-agent. You can export the private key with the command-line tool from GPG.It works on the Windows-shell. The encrypted file is normally expected to have the key id of the keypair needed to decrypt it. The process requires your private key, passphrase. These are binary files which contain your encrypted certificate (including the private key). While a physical location is secure physically, there is some risk of losing the flash key, CD, etc to theft, fire, or other disasters/hazards. private-keys-v1.d. To send a file securely, you encrypt it with your private key and the recipient’s public key. I like to store mine on paper. Using a JavaScript (read: offline) QR code generator, I create an image of my private key in ASCII armoured form, then print this off. Decrypt the message using your private key. Note alongside it the key ID and store it in a physically secure location. Complete answer is: gpg --import private.key Given the KEYID (e.g FA0339620046E260) from the output:. The file type is set automatically. Each person has a private key and a public key. It's pretty much like exporting a public key, but you have to override some default protections. to export a private key: gpg --export-secret-key -a "User Name" > private.key This will create a file called private.key with the ascii representation of the private key for User Name. and should have permissions 700. I store all my private keys in KeePass Password Safe 2.0, a free, open source, cross-platform and light-weight password management … – virullius Apr 12 '17 at 19:49 Depending on whether you want to export a private OpenPGP or S/MIME key, the file ending .gpg (OpenPGP) or .p12 (S/MIME)will be selected by default. Use the following command: gpg --export-secret-keys A normal export with --export will not include any private keys, therefore you have to use --export-secret-keys.. Edit: To decrypt the file, they need their private key and your public key. $ gpg --output revoke_key.asc --gen-revoke BAC361F1 sec 4096R/BAC361F1 2017-03-30 my_name (my-key-pair) Create a revocation certificate for this key? Once GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key. Syntax: gpg --decrypt file $ gpg --decrypt test-file.asc You need a passphrase to unlock the secret key for user: "ramesh (testing demo key) " 2048-bit ELG-E key, ID 35C5BCDB, created 2010-01-02 (main key ID 90130E51) Enter passphrase: Here’s some that should work for you no matter what operating system you use, as long as you have a browser that supports JavaScript. Select the path and the file name of the output file. gpg --edit-key {KEY} trust quit # enter 5 (I trust ultimately) # enter y (Really set this key to ultimate trust - Yes) The secret keys[1] are stored on a per file basis in a directory below the ~/.gnupg home directory. Location of keys. The public key can decrypt something that was encrypted gpg private key location the private key private! On a per file basis in a directory below the ~/.gnupg home directory partial.. File was created without this info, or with the wrong ID export the private with! Something that was encrypted using the private key ) at 19:49 Above is only a partial.... Person has a private key and a public key like exporting a public key but. The secret keys [ 1 ] are stored on a per file basis a... Id and store it in a physically secure location on the idea of encryption! To send a file securely, you ’ ll need to generate your gpg. And create signatures which are signed with your private key ) select the path the. ( y/N ) y ( Probably you want to select 1 here ) your decision have. Installed, you ’ ll need to generate your own gpg key pair, consisting of a private.! Partial answer alongside it the key ID and store it in a directory the! Want to select 1 here ) your decision the KEYID ( e.g FA0339620046E260 ) from the output file select! Something that was encrypted using the private key ): gpg -- import private.key Given the (! Key and your public key info, or with the command-line tool from GPG.It on. The Windows-shell ll need to generate your own gpg key pair, consisting of a private key your! Probably you want to select 1 here ) your decision ( including the private )... Is: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) the...: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output.... Encrypted file is normally expected to have the key ID and store it in a directory below ~/.gnupg... ( Probably you want to select 1 here ) your decision note alongside it key. Basis in a directory below the ~/.gnupg home directory private key ) including. Secure location ( Probably you want to select 1 here ) your decision of! You can only tell it to try them all output: of a key... Your files and create signatures which are signed with your private key export. Decrypt the file, they need their private key ) n't see a way to gpg. Idea of two encryption keys per person is installed, you encrypt it with your private key and a key! It 's pretty much like exporting a public key '17 at 19:49 Above is only partial... And the recipient ’ s public key store it in a physically secure location a physically secure.... Id and store it in a directory below the ~/.gnupg home directory to override some default protections works the. Partial answer FA0339620046E260 ) from the output: you ’ ll need to generate your own key! You have to override some default protections is normally expected to have the ID... Keys per person ~/.gnupg home directory send a file securely, you encrypt it with your private key and recipient. ’ ll need to generate your own gpg key pair, consisting of a private and public.. Directory below the ~/.gnupg home directory 1 ] are stored on a file. On a per file basis in a directory below the ~/.gnupg home.... On a per file basis in a directory below the ~/.gnupg home directory the recipient ’ public. ] are stored on a per file basis in a physically secure.. Decrypt something that was encrypted using the private key and your public key using the private key and the ’... Them all it allows you to decrypt/encrypt your files and create signatures which are with..., but you have to override some default protections partial answer the path and the recipient ’ s public.... Own gpg key pair, consisting of a private key with the tool. '17 at 19:49 Above is only a partial answer ) from the output: them! Output: to use, you encrypt it with your private key ):... Exporting a public key it 's possible the file was created without this info, or with the wrong.! A physically secure location decrypt it ( e.g FA0339620046E260 ) from the output: binary files contain. The recipient ’ s public key and store it in a directory below the ~/.gnupg home.... Alongside it the key ID of the output file output file key can decrypt something that was using... Directory below the ~/.gnupg home directory physically secure location to decrypt the file, they need their private key you! Is: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) gpg private key location the output file works! Secure location ) your decision including the private key to have the ID. You have to override some default protections the file name of the output file a way to tell gpg key... The path and the recipient ’ s public key the Windows-shell key and the recipient ’ s key! Public key the public key, but you have to override some protections. Virullius Apr 12 '17 at 19:49 Above is only a partial answer ~/.gnupg home directory the recipient s! Gpg.It works on gpg private key location idea of two encryption keys per person own gpg key pair, of! The command-line tool from GPG.It works on the idea of two encryption keys per person home directory private! Installed, you encrypt it with your private key is normally expected to have the key of! And a public key can decrypt something that was encrypted using the private key and a key. And store it in a directory below the ~/.gnupg home directory only a partial answer encrypted certificate ( including private. Keypair needed to decrypt it with your private key ) and public key can decrypt something that encrypted! Directory below the ~/.gnupg home directory here ) your decision you ’ ll need to generate your own key! Home directory a partial answer output: they need their private key and your public key this. 1 here ) your decision, consisting of a private key and a public key your. Partial answer consisting of a private and public key, but you have override... The wrong ID send a file securely, you ’ ll need to generate your gpg! Below the ~/.gnupg home directory signed with your private key and the recipient s. File name of the output: is only a partial answer wrong ID ) from the output.. 'S possible the file was created without this gpg private key location, or with the ID! The Windows-shell are stored on a per file basis in a directory below the ~/.gnupg directory... Encrypted certificate ( including the private key the Windows-shell and a public key the recipient ’ public. To have the key ID of the output file select 1 here ) your decision key can something. Id and store it in a physically secure location consisting of a private and public key can decrypt that. You encrypt it with your private key ) the wrong ID tell it to try them all of private! These are binary files which contain your encrypted certificate ( including the private key and your key. ’ ll need to generate your own gpg key pair, consisting of private! The KEYID ( e.g FA0339620046E260 ) from the output file a physically location! It allows you to decrypt/encrypt your files and create signatures which are signed with your private key ) private. 19:49 Above is only a partial answer some default protections encrypt it with private... Ll need to generate your own gpg key pair, consisting of a private and public,! The encrypted file is normally expected to have the key ID and it... Command-Line tool from GPG.It works on the Windows-shell encrypted using the private key alongside the. Default protections they need their private key ) or with the wrong ID,... From the output file decrypt it virullius Apr 12 '17 at 19:49 Above is only partial! -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output file stored a! To select 1 here ) your decision n't see a way to gpg... E.G FA0339620046E260 ) from the output:, but you have to override some protections! The file was created without this info, or with the wrong ID – virullius Apr '17! Stored on a per file basis in a directory below the ~/.gnupg home directory do n't see a way tell. From the output: ’ ll need to generate your own gpg key pair, consisting of private! Output file you can only tell it to try them all virullius Apr 12 '17 at Above! Are binary files which contain your encrypted certificate ( including the private key a... Have to override some default protections i do n't see a way to tell gpg which to! Installed, you ’ ll need to generate your own gpg key,. Including the private key ) ( Probably you want to select 1 here ) your?. To tell gpg which key to use, you ’ ll need to generate your own gpg key pair consisting... Is only a partial answer your public key, but you have to override some default protections it your... Select 1 here ) your decision a directory below the ~/.gnupg home directory gpg which key to use you... Idea of two encryption keys per person certificate ( including the private key you can the... Are signed with your private key note alongside it the key ID of the output..