# Generate new GPG keys for Encryption in expert mode
gpg --expert --full-gen-key
# Generate a new key pair, for options:
# - Kind of key: ECC and ECC (Elliptic curve cryptography)
# - elliptic curve: Cure 25519 (ed25519)
# - Key expiry date (good practice): 2 years
## List keys with Key ID with --list-keys
gpg --list-keys --keyid-format LONG
# List long form of GPG keys
gpg --list-secret-keys --keyid-format=long
# Set home directory of GNUPG, for example on Windows to different directory, then list keys
gpg --homedir ~/.gnupg --list-keys
gpg --homedir d/.gnupg --list-keys
## Get fingerprint with a key ID
gpg --fingerprint <keyID>
# Prints the GPG key ID, in ASCII armor format using key's ID
gpg --armor --export 3AA5C34371567BD2
# Export your public key, give this file to people you want to communicate with
gpg --armor --export user-id-or-email > pubkey.asc
## Export an ascii armored version of the public key
gpg --output public.pgp --armor --export username@email
## Export Secret Key - export an ascii armored version of the secret key:
gpg --output private.pgp --armor --export-secret-key username@email
# Export public key for a person
gpg --export --armor alice@example.com
# Sign a file without encryption
# Encrypt and sign a document for multiple people
gpg --output doc.txt.gpg --encrypt --sign --recipient alice@example.com --recipient bob@example.com doc.txt
# --output : encrypted file after command
# --encrypt : encrypt a file
# --receipient : email corresponding to the GPG key of the receiver imported previously
# --sign : sign with your key
gpg --output doc.txt --decrypt doc.txt.gpg
# Encrypt file with only passphrase
# Decrypt file to output -o files doc.txt
gpg -o 'doc.txt' -d 'doc.txt.gpg'
## Sign someone's public because you know it is from them and trust them locally