gpg.ru(1)
NAME
gpg --
SYNOPSIS
gpg [--homedir name] [--options file] [options] command [args]
gpg GnuPG.
GnuPG. GnuPG GNU General Public License, Free Software Founda-
tion; 2, ( ) .
. GNU Privacy Handbook (GPH) , http://www.gnupg.org.
, , . , "--".
gpg , ( , , , ).
gpg :
-s, --sign
. --encrypt ( ), --symmetric ( ) --encrypt --sym-
metric ( , ).
--clearsign
.
-b, --detach-sign
.
-e, --encrypt
. --sign ( ), --symmetric ( , , ) --sign
--symmetric ( , , ).
-c, --symmetric
(). CAST5. --cipher-algo. --sign ( ),
--encrypt ( , , ) --sign --encrypt ( , , ).
--store RFC1991.
--decrypt [file]
file ( , ) ( --output). , . , .
--verify [[sigfile] [signed-files]]
, sigfile , . , . , , . ".sig"
".asc". , , . , - . , , .
--multifile
, . . . --multifile --verify,
--encrypt, --decrypt. , "--multifile --verify" .
--verify-files [files]
--multifile --verify.
--encrypt-files [files]
--multifile --encrypt.
--decrypt-files [files]
--multifile --decrypt.
--list-keys [names]
--list-public-keys [names]
, .
, .. GnuPG. --with-colons.
-K, --list-secret-keys [names]
, . '#' sec , (., --export-secret-subkeys).
--list-sigs [names]
, --list-keys, .
"sig" . . 1-3 (. --ask-cert-level), "L"
(. --lsign-key), "R" (. nrsign --edit-key), "P" URL
(. --cert-policy-url), "N" (. --cert-notation), "X"
. (. --ask-cert-expire), 1-9 "T" 10 , (. tsign
--edit-key).
--check-sigs [names]
, --list-sigs, .
--fingerprint [names]
. , --list-keys, , . --list-sigs
--check-sigs. , .
--list-packets
. , , .
--gen-key . , , .
, . doc/DETAILS .
--edit-key name
, :
sign name. ( -u), , . , -u.
lsign , "sign", . , .
nrsign , "sign", . .
nrlsign nrsign lsign, .
tsign . ( ) ( "trust"). , , .
, "l" ( / ), "nr" ( ) "t" ( ) "sign" .
revsig . GnuPG , .
trust . , .
disable
enable (disable) (enable). .
adduid .
addphoto . JPEG, . , . , , (GnuPG),
(PGP).
deluid .
delsig .
revuid .
addkey .
addcardkey
.
keytocard ( , ) . , save. . . ,
- , , .
delkey .
addrevoker [sensitive]
. : "sensitive". sensitive, (.
export-options).
revkey .
expire . , . , .
passwd , .
primary , . , . , .
uid n / n. 0 .
key n / n. 0 .
check (, ) .
showphoto .
pref . , - .
showpref , pref. , 3DES ( ), SHA-1 (-) Uncompressed
(), .
setpref string
string. string , "pref". , "none" .
"gpg --version". , (, updpref) , .
updpref ( ) . . , ( ), GnuPG , , , .
keyserver . , (. --keyserver-option honor-keyserver-
url). , PGP URL PGP/MIME . "none".
toggle .
save .
quit .
. . : , , . :
- / .
e ; - .
q .
n .
m /.
f /.
u /.
--sign-key name
. , "sign" --edit-key.
--lsign-key name
. , "lsign" --edit-key.
--delete-key name
. --yes, . .
--delete-secret-key name
. .
--delete-secret-and-public-key name
, --delete-key, , . .
--gen-revoke name
. --edit-key.
--desig-revoke name
. ( ) - .
--export [names]
( --keyring), , , . "output".
, --armor.
--send-keys [names]
, --export . --keyserver. - , .
--export-secret-keys [names]
--export-secret-subkeys [names]
, --export, . . , , ; GNU OpenPGP
.
--simple-sk-checksum, OpenPGP.
--import [files]
--fast-import [files]
/ . . --fast-import, --import.
, . - --keyserver-option --merge-only, , .
--recv-keys key IDs
. --keyserver.
--refresh-keys key IDs
, . , .. . --keyserver, , (. --key-
server-option honor-keyserver-url).
--search-keys [names]
. , , . --keyserver.
--update-trustdb
. (Web of Trust). , .. . () . ,
. --edit-key .
--check-trustdb
. , . GnuPG , --no-auto-check-trustdb. , .
, --update-trustdb, .
cron, --batch, . --yes.
--export-ownertrust
. , .. , .
--import-ownertrust [files]
files ( , ); .
--rebuild-keydb-caches
1.0.6 1.0.7 . .
--print-md algo [files]
--print-mds [files]
- ALGO . ( "*" algo ) -.
--gen-random 0|1|2 [count]
COUNT . COUNT , . ! ; !
--gen-prime mode bits [qbits]
. . .
--version .
--warranty
.
-h, --help
. , . , .
( "~/.gnupg/gpg.conf"). - , "armor" , "" . , .
"#" ( ) . , , , .
gpg :
-a, --armor
ASCII .
-o, --output file
file.
--max-output n
, . OpenPGP , , OpenPGP. GnuPG , .
0, .
--mangle-dos-filenames
--no-mangle-dos-filenames
Windows . --mangle-dos-filenames GnuPG , , .
Windows.
-u, --local-user name
name. , --default-key.
--default-key name
name . , . , -u --local-user .
-r, --recipient name
name. --hidden-recipient , --default-recipient,
GnuPG .
-R, --hidden-recipient name
name, . . --recipient , --default-recipient,
GnuPG .
--default-recipient name
name , --recipient name . name .
--default-recipient-self
, --recipient, . - , --default-key.
--no-default-recipient
--default-recipient --default-recipient-self.
--encrypt-to name
, --recipient, . , --recipient, . , .
--hidden-encrypt-to name
, --hidden-recipient, "encrypt-to-self". ,
--recipient, . , .
--no-encrypt-to
--encrypt-to --hidden-encrypt-to.
-v, --verbose
. , .
-q, --quiet
.
-z n
--compress-level n
--bzip2-compress-level n
--compress-level n ZIP ZLIB. zlib ( 6).
--bzip2-compress-level BZIP2 ( 6 ). BZIP2 , . -z .
0 .
--bzip2-decompress-lowmem
BZIP2. , . --bzip2-compress-level.
-t, --textmode
--no-textmode
, OpenPGP "CRLF". , , , . (UNIX - Mac, Mac
- Windows ..). --no-textmode . .
-t ( --textmode) --armor --sign, . PGP; --sign
--clearsign .
-n, --dry-run
( ).
-i, --interactive
.
--batch
--no-batch
. , . --no-batch .
--no-tty TTY () . , .. GnuPG TTY --batch.
--yes .
--no .
--ask-cert-level
--no-ask-cert-level
, . , --default-cert-level. . --default-cert-level
. --no-ask-cert-level . .
--min-cert-level
. 2, 1.
--default-cert-level n
.
0 , , .
1 , , . , .
2 , . , .
3 , . , , , , , , , ( ), , .
, 2 3 . , , .
0 ( ).
--trusted-key long key ID
, ( 8 ) , . ( ) , .
--trust-model pgp|classic|always
, GnuPG. :
pgp , PGP 5.x . .
classic PGP 2.x .
direct .
always , . , - . , , "[uncertain]" ,
, .
--always-trust
`--trust-model always'. .
--keyid-format short|0xshort|long|0xlong
. "short" -- 8- . "long" -- ( ) 16- . "0x"
"0x" , , 0x99242560.
--keyserver name
name. , --recv-keys, --send-keys --search-keys.
name URI: `scheme:[//]keyservername[:port]' -- : "hkp"
HTTP ( ) , "ldap" NAI LDAP , "mailto" Graf email key-
server. , GnuPG . .
, .. . "hkp://subkeys.pgp.net" .
--keyserver-options parameters
. `no-' . . :
include-revoked
--search-keys, , . , , . , ,
, , . .
include-disabled
--search-keys, , . , HKP .
honor-keyserver-url
--refresh-keys, , . .
include-subkeys
, . , HKP, .. .
use-temp-files
Unix- GnuPG , . GnuPG . ( Win32
RISC OS) .
keep-temp-files
, `use-temp-files' . .
verbose . .
timeout . , . , --recv-keys, . 30 .
http-proxy [=value]
HTTP ( HKP), -. , - "http_proxy".
auto-key-retrieve
, .
, . ; , ( ), IP , .
--import-options parameters
, , , . `no-' . :
import-local-sigs
, . , . .
repair-hkp-subkey-bug
PKS ( 0.9.6), . , , .. , .
--import --recv-keys.
merge-only
, . .
--export-options parameters
, , , . `no-' . :
export-local-sigs
, . , . .
export-attributes
( ). , OpenPGP, . .
export-sensitive-revkeys
, "sensitive". .
export-minimal
. , . .
--list-options parameters
, ( , --list-keys, --list-sigs, --list-public-
keys, --list-secret-keys --edit-key). `no-' . :
show-photos
--list-keys, --list-sigs, --list-public-keys
--list-secret-keys photo ID . . . --photo-
viewer.
show-policy-url
URL --list-sigs --check-sigs. .
show-notations
show-std-notations
show-user-notations
--list-sigs --check-sigs. , , IETF, .
.
show-keyserver-urls
URL --list-sigs --check-sigs. .
show-uid-validity
. .
show-unusable-uids
. .
show-unusable-subkeys
. .
show-keyring
, . .
show-sig-expire
--list-sigs --check-sigs. .
show-sig-subpackets
. , , . , . . --with-colons
--list-sigs --check-sigs.
--verify-options parameters
, . `no-' . :
show-photos
photo ID , . . . --photo-viewer.
show-policy-url
URL . .
show-notations
show-std-notations
show-user-notations
. , , IETF, . IETF.
show-keyserver-url
URL . .
show-uid-validity
. .
show-unusable-uids
. .
--show-photos
--no-show-photos
, --list-keys, --list-sigs, --list-public-keys, --list-
secret-keys , . . --photo-viewer. . `--list-
options [no-]show-photos' / `--verify-options [no-]show-pho-
tos'. --no-show-photos .
--photo-viewer string
, . "%i" , . "%I" , . "%k" , "%K" -- , "%f"
-- , "%t" -- (., "jpg"), "%T" -- MIME (.,
"image/jpeg"), "%%" -- . "%i", "%I", .
: "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" ,
, GnuPG .
--exec-path string
, . , , $PATH.
--show-keyring
, . . `--list-options [no-]show-keyring'
--keyring file
file . file , . , , GnuPG
("~/.gnupg" --homedir $GNUPGHOME).
, . , --no-default-keyring.
--secret-keyring file
, --keyring .
--primary-keyring file
file . , ( --import --recv-keys) .
--trustdb-name file
file . file , $HOME. , , GnuPG
("~/.gnupg", --homedir $GNUPGHOME).
--homedir directory
directory , "~/.gnupg". . $GNUPGHOME.
--display-charset name
. , , UTF-8. , . 3 -v . name:
iso-8859-1
Latin 1.
iso-8859-2
Latin 2.
iso-8859-15
Latin 1.
koi8-r (rfc1489).
utf-8 , OS UTF-8.
--utf8-strings
--no-utf8-strings
, UTF8. (--no-utf8-strings), --display-charset.
. .
--options file
file . .
--no-options
"--options /dev/null". . , , "~./gnupg".
--load-extension name
. name , ( "/usr/local/lib/gnupg"). , , ,
.
--debug flags
. OR flags C (., 0x0042).
--debug-all
.
--debug-ccid-driver
CCID . , .
--enable-progress-filter
. gpg . .
--status-fd n
n. . DETAILS .
--logger-fd n
n, .
--attribute-fd n
n. --status-fd, .. .
--sk-comments
--no-sk-comments
. GnuPG OpenPGP. . , ASCII . --no-sk-comments
.
--comment string
--no-comments
string , ASCII (. --armor). . --comment
. --no-comments .
--emit-version
--no-emit-version
ASCII . --no-emit-version .
--sig-notation name=value
--cert-notation name=value
-N, --set-notation name=value
- , . name , '@'. IETF . --expert
'@'. value ; UTF8, --display-charset. name
(!), (rfc2440:5.2.3.15). --sig-notation , --cert-
notation (), --set-notation .
, . "%k" , "%K" - , "%f" - , "%s" - ,
"%S" - , "%g" - () , "%p" - , "%c" - OpenPGP
, "%%" "%". %k, %K, %f (), %c OpenPGP .
--show-notation
--no-show-notation
--list-sigs --check-sigs , . . `--list-options
[no-]show-notation' / `--verify-options [no-]show-notation'.
--sig-policy-url string
--cert-policy-url string
--set-policy-url string
string URL (rfc2440:5.2.3.19). (!), URL .
--sig-policy-url URL , --cert-policy-url URL (), -set-
policy-url .
'%', .
--show-policy-url
--no-show-policy-url
URL --list-sigs --check-sigs , URL . . `--list-
options [no-]show-policy-url' / `--verify-options [no-]show-
policy-url'.
--sig-keyserver-url string
string URL . , URL .
'%', .
--set-filename string
string , . .
--for-your-eyes-only
--no-for-your-eyes-only
`for your eyes only'. , GnuPG --output, PGP "secure
viewer" . --set-filename. --no-for-your-eyes-only .
--use-embedded-filename
--no-use-embedded-filename
. , .. . .
--completes-needed n
, , ( 1).
--marginals-needed n
, , ( 3).
--max-cert-depth n
( 5).
--cipher-algo name
name. --version . , .
--digest-algo name
- name. --version -.
--compress-algo name
name. "zlib" ZLIB RFC1950. "zip" ZIP RFC-1951
PGP. "bzip2" , , . "uncompressed" "none" . ,
. , ZIP .
ZLIB , ZIP, .. 8. BZIP2 , , . , , PGP ( )
ZIP. ZIP "none" PGP.
--cert-digest-algo name
- name . --version -. , .. GnuPG, OpenPGP,
, .
--s2k-cipher-algo name
name. CAST5. , , , --personal-cipher-prefer-
ences --cipher-algo.
--s2k-digest-algo name
- name (). SHA-1.
--s2k-mode n
(). n 0, ( ), 1, "" ( ) 3 ( ), .
--rfc1991, .
--simple-sk-checksum
SHA-1. OpenPGP, GnuPG . , . . , , - (
).
--disable-cipher-algo name
name. , .
--disable-pubkey-algo name
name. , .
--no-sig-cache
. . , , . , - , .
--no-sig-create-check
GnuPG, , , . ( 115% DSA ). . , , .
--auto-check-trustdb
--no-auto-check-trustdb
GnuPG , , --check-trustdb. . --no-auto-check-
trustdb .
--throw-keyids
--no-throw-keyids
. . , GnuPG . --no-throw-keyids .
--not-dash-escaped
, . , .. . . , GnuPG .
--escape-from-lines
--no-escape-from-lines
"From " "<From ", . , PGP . . --no-escape-
from-lines .
--passphrase-fd n
n. 0 n, . . .
--command-fd n
IPC. , , . --status-fd. .
doc/DETAILS .
--use-agent
--no-use-agent
GnuPG-Agent. , . , GnuPG , , . --no-use-
agent .
--gpg-agent-info
GPG_AGENT_INFO. --use-agent.
GnuPG . . , . OPENPGP .
--gnupg GnuPG. , OpenPGP (. --openpgp), PGP.
, , , , gpg.conf.
--openpgp , - OpenPGP. , --rfc1991, --force-
v3-sigs, --s2k-*, --cipher-algo, --digest-algo
--compress-algo OpenPGP. PGP .
--rfc2440 , - RFC-2440. --openpgp.
--rfc1991 RFC1991 (PGP 2.x).
--pgp2 PGP 2.x. PGP 2.x (., RSA ), . ,
`PGP 2.x' 'MIT PGP 2.6.2'.
`--rfc1991 --disable-mdc --no-force-v4-certs --no-
sk-comment --escape-from-lines --force-v3-sigs
--no-ask-sig-expire --no-ask-cert-expire --cipher-
algo IDEA --digest-algo MD5 --compress-algo 1'. ,
, --textmode .
--pgp6 PGP 6. IDEA, 3DES CAST5, - MD5, SHA1
RIPEMD160 ZIP . , , --throw-keyids , .. PGP
6 .
`--disable-mdc --no-sk-comment --escape-from-lines
--force-v3-sigs --no-ask-sig-expire'.
--pgp7 PGP 7. --pgp6, , MDC AES128,
AES192, AES256, TWOFISH.
--pgp8 PGP 8. PGP 8 OpenPGP, PGP, -
--throw-keyids --escape-from-lines. , - SHA-384
SHA-512.
--force-v3-sigs
--no-force-v3-sigs
OpenPGP , v4, PGP 5, 6 7 . GnuPG v3. ,
--ask-sig-expire, .. v3 . --no-force-v3-sigs .
--force-v4-certs
--no-force-v4-certs
v4 , v3 . , , - v3 RSA MD5 SHA-1. --no-
force-v4-certs .
--force-mdc
GnuPG . ( 64 ) MDC.
--disable-mdc
. , .
--allow-non-selfsigned-uid
--no-allow-non-selfsigned-uid
. , .. . --no-allow-non-selfsigned-uid .
--allow-freeform-uid
. , .. - .
--ignore-time-conflict
GnuPG, , , . , - . . . --ignore-valid-from,
.
--ignore-valid-from
GnuPG, , . . . . --ignore-time-conflict .
--ignore-crc-error
ASCII , OpenPG CRC . , , ( OpenPGP) . .
--ignore-mdc-error
, MDC . , . , , MDC .
--lock-once
.
--lock-multiple
. --lock-once .
--lock-never
. , , . . .
--no-random-seed-file
GnuPG . ; . .
--no-verbose
0.
--no-greeting
.
--no-secmem-warning
.
--no-permission-warning
(--homedir). , , GnuPG, - , . , .
, , , .. gpg.conf . .
--no-mdc-warning
MDC.
--require-secmem
--no-require-secmem
GnuPG . (.. GnuPG , ).
--no-armor
, ASCII .
--no-default-keyring
. , GnuPG , --keyring --secret-keyring, .
--skip-verify
. .
--with-colons
. , UTF-8 --display-charset. , .. .
doc/DETAILS, GnuPG.
--with-key-data
( --with-colons) .
--with-fingerprint
, --fingerprint .
--fast-list-mode
; . . . .
--fixed-list-mode
--with-colon 1970-01-01.
--list-only
. --dry-run, . . .
--no-literal
. .
--set-filesize
. .
--show-session-key
, . . --override-session-key.
. , . , . .
--override-session-key string
, string. --show-session-key. , ; .
--ask-sig-expire
--no-ask-sig-expire
. , . --no-ask-sig-expire .
--ask-cert-expire
--no-ask-cert-expire
. , . --no-ask-cert-expire .
--expert
--no-expert
, , , , , . . , , . , , . --no-
expert .
--allow-secret-key-import
, .
--try-all-secrets
, , . ( --throw-keyids) .
--enable-special-filenames
-&n, n -- , n.
--no-expensive-trust-checks
.
--group name=value1 [value2 value3 ...]
, . (-r or --recipient), . , .
, , =, key IDs , . , . , , - . , ,
, .
--ungroup name
--group.
--no-groups
--group.
--preserve-permissions
/ . , .
--personal-cipher-preferences string
string, , , "pref" . . , , --symmetric.
--personal-digest-preferences string
- string, , , "pref" . . -, , (--clear-
sign --sign). "H2", SHA-1.
--personal-compress-preferences string
string, , , "pref" . . , , , (,
--symmetric).
--default-preference-list string
string, , , "pref" . "updpref" .
--list-config [names]
GnuPG. , GnuPG. . doc/DETAILS GnuPG. --list-
config --with-colons.
GnuPG; :
234567C4
0F34E556E
01347A56A
0xAB123456
.
234AABBCC34567C4
0F323456784E56EAB
01AB3FED1347A5612
0x234AABBCC34567C4
, OpenPGP ( --with-colons).
1234343434343434C434343434343434
123434343434343C3434343434343734349A3434
0E12343434343434343434EAB3484343434343434
0xE12343434343434343434EAB3484343434343434
-- . ( ).
=Heinrich Heine <heinrichh@uni-duesseldorf.de>
. .
<heinrichh@uni-duesseldorf.de>
. , .
+Heinrich Heine duesseldorf
( ) . , , 7- .
Heine
*Heine ( ). , .
, (!) . , GnuPG, - .
0 , 1 .
gpg -se -r Bob file
Bob
gpg --clearsign file
gpg -sb file
gpg --list-keys user_ID
gpg --fingerprint user_ID
gpg --verify pgpfile
gpg --verify sigfile [files]
, . , sigfile --- ( ASCII ), [files] ;
, (".sig" ".asc") sigfile .
HOME .
GNUPGHOME , "~/.gnupg".
GPG_AGENT_INFO
gpg-agent; --use-agent. 3 , . -- UNIX, --
gpg-agent, -- , 1. gpg-agent, , . --gpg-agent-
info .
http_proxy
--honor-http-proxy.
COLUMNS
LINES .
~/.gnupg/secring.gpg
~/.gnupg/secring.gpg.lock
~/.gnupg/pubring.gpg
~/.gnupg/pubring.gpg.lock
~/.gnupg/trustdb.gpg
~/.gnupg/trustdb.gpg.lock
~/.gnupg/random_seed
~/.gnupg/gpg.conf
~/.gnupg/options
. gpg.conf
/usr[/local]/share/gnupg/options.skel
/usr[/local]/lib/gnupg/
,
** ** . . , , "~/.gnupg/".
, (, telnet), ** !
, , ; , - .
OPENPGP
GnuPG OpenPGP. , GnuPG , - SHA-512 ZLIB BZIP2. ,
OpenPGP , --cipher-algo, --digest-algo, --cert-digest-algo --com-
press-algo GnuPG , , OpenPGP, , OpenPGP.
OpenPGP, . , , PGP BLOWFISH. PGP . GnuPG
OpenPGP, , , , OpenPGP . , , .
, , - , --pgp6, --pgp7 --pgp8. , .. -
OpenPGP, .
SUID. . ( ) . , , . , .
: <zwon@severodvinsk.ru>.
gpg(1)
Man(1) output converted with
man2html