$Id$ Many commands and options require a key specifier. A key specifier is the key ID or any portion of ther user ID of a key. Consider the following example. alice% gpg --list-keys chloe pub 1024D/B87DBA93 1999-06-28 Chloe (Jester) <chloe@cyb.org> uid Chloe (Plebian) <chloe@tel.net> sub 2048g/B7934539 1999-06-28 For this key, 0xB87DBA93, Chloe, Plebian, and oe@tel are all examples of key specifiers that match the above key. send-keys send keys to a key server send-keys key This command sends a public key to a keyserver. The parameter key specifies the public key that should be uploaded. The command requires the option keyserver to specify to which keyserver &gpg; should send the keys. recv-keys retrieve keys from a key server recv-keys key-id key-id ... This command downloads one or more public keys from a keyserver. Each key-id is a key ID. The command requires the option keyserver to specify from which keyserver &gpg; should download the keys. encrypt encrypt a document encrypt filename This command encrypts the document filename to recipients specified using the option recipient. If the parameter filename is omitted, then the document to encrypt is taken from standard input. If the option recipient is omitted, &gpg; will prompt for a recipient. If the option output is used, &gpg; will output the encrypted information to the specified file. decrypt decrypt an encrypted document decrypt filename This command decrypts filename and puts the result on standard output. If the parameter filename is omitted, then the document to decrypt is taken from standard input. Use the option output to output the decrypted message to a file instead. clearsign make a cleartext signature clearsign filename This command signs a message that can be verified to ensure that the original message has not been changed. Verification of the signed message is done using the command verify. fingerprint display key fingerprints fingerprint name ... This command prints the fingerprints of the specified public keys. The parameter name is a key specifier. If no parameter name is provided, &gpg; will print the fingerprints of all the keys on your public keyring. detach-sig make a detached signature detach-sig filename This command creates a signature file that can be used to verify that the orginal file filename has not been changed. Verification of the file using a detached signature is done using the command verify. gen-key generate a new keypair gen-key This command generates a private/public key pair for use in encrypting, decrypting, and signing of messages. You will br prompted for the kind of key you wish to create, the key size, and the key's expiration date. symmetric encrypt a document using only a symmetric encryption algorithm symmetric filename This command encrypts a document using a symmetric algorithm with a key derived from a passphrase supplied by you during execution. The key should be selected to make it difficult to randomly guess the key. To decrypt a document encrypted in this manner use the command. decrypt. list-keys list information about the specified keys list-keys key ... This command lists the public key specified by the key specifiers on the command line. If no key specifier is given, &gpg; will print all of the keys on the public keyring. import import keys to a local keyring import filename This command imports one or more public keys onto the user's public keyring from the file filename. verify verify a signed document verify signature document This command verifies a document against a signature to ensure that the document has not been altered since the signature was created. If signature is omitted, &gpg; will look in document for a clearsign signature. gen-revoke generate a revocation certificate for a public/private keypair gen-revoke key This command generates a revocation certificate for a public/private key pair. The parameter key is a key specifier. export export keys from a local keyring export key key ... This command exports the public keys components of the keys specified by the key specifiers key key .... The export command by default sends its output to standard output. This key file can later be imported into another keyring using the command import. edit-key presents a menu for operating on keys edit-key key This command presents a menu which enables you to perform key-related taskes. The key specifier key specifies the key pair to be edited. If the specifier matches more than one key pair, &gpg; issues an error and exits. Key listings displayed during key editing show the key with its secondary keys and all user ids. Selected keys or user ids are indicated by an asterisk. The trust and validity values are displayed with the primary key: the first is the assigned trust and the second is the calculated validity. Letters are used for the values: Letter Meaning - No ownertrust assigned / not yet calculated. e Trust calculation has failed. q Not enough information for calculation. n Never trust this key. m Marginally trusted. f Fully trusted. u Ultimately trusted. The following lists each key editing command and a description of its behavior. Makes a signature on the current key. If th key is not yet signed by the default user or the user given with the option local-user, the program displays the information of the key again, together with its fingerprint and asks whether it should be signed. This question is repeated for all users specified with the option local-user. Same as sign, but the signature is marked as non-exportable and will therefore never be used by others. This may be used to make keys valid only in the local environment. Revoke a signature. Asks for each signature makde by a one of the private keys whether a revocation certificate should be generated. Change the owner trust value. This updates the trust database immediately and no save is required. Disable the key. A disabled key cannot normally be used for encryption. Enable a key that has been previously disabled. Add a new user id to the current key. Delete a user id from the current key. Add a new subkey to the current key. Delete a subkey from the current key. Revoke a subkey of the current key. Change a key expiration time. If a subkey is selected, the time of that key will be changed. With no selection the expiration time of the current primary key is changed. Toggle selection of subkey with index n. Use 0 to deselect all. Toggle selection of user id with index n. Use 0 to deselect all. Change the passphrase of the private key of the selected key pair. Toggle between public and private key listings. Check all selected user ids. List preferences. Save all changes to the current key and quit. Quit without updating the current key.