Here’s some that should work for you no matter what operating system you use, as long as you have a browser that supports JavaScript. $ gpg --output revoke_key.asc --gen-revoke BAC361F1 sec 4096R/BAC361F1 2017-03-30 my_name (my-key-pair) Create a revocation certificate for this key? Select the path and the file name of the output file. (y/N) y (Probably you want to select 1 here) Your decision? The file type is set automatically. I store all my private keys in KeePass Password Safe 2.0, a free, open source, cross-platform and light-weight password management … It allows you to decrypt/encrypt your files and create signatures which are signed with your private key. To decrypt the file, they need their private key and your public key. Above is only a partial answer. Now that GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key…. Each person has a private key and a public key. The secret keys[1] are stored on a per file basis in a directory below the ~/.gnupg home directory. Location of keys. and should have permissions 700. Syntax: gpg --decrypt file $ gpg --decrypt test-file.asc You need a passphrase to unlock the secret key for user: "ramesh (testing demo key) " 2048-bit ELG-E key, ID 35C5BCDB, created 2010-01-02 (main key ID 90130E51) Enter passphrase: It's pretty much like exporting a public key, but you have to override some default protections. Some notes on the format of the secret keys used with gpg-agent. gpg --edit-key {KEY} trust quit # enter 5 (I trust ultimately) # enter y (Really set this key to ultimate trust - Yes) The public key can decrypt something that was encrypted using the private key. To send a file securely, you encrypt it with your private key and the recipient’s public key. You can export the private key with the command-line tool from GPG.It works on the Windows-shell. Decrypt the message using your private key. private-keys-v1.d. to export a private key: gpg --export-secret-key -a "User Name" > private.key This will create a file called private.key with the ascii representation of the private key for User Name. This directory is named. Note alongside it the key ID and store it in a physically secure location. – virullius Apr 12 '17 at 19:49 The encrypted file is normally expected to have the key id of the keypair needed to decrypt it. Complete answer is: gpg --import private.key Given the KEYID (e.g FA0339620046E260) from the output:. These are binary files which contain your encrypted certificate (including the private key). While a physical location is secure physically, there is some risk of losing the flash key, CD, etc to theft, fire, or other disasters/hazards. After extending the expiry date of a GPG key you might have to copy your key to another machine to use the same key there. GPG relies on the idea of two encryption keys per person. Use the following command: gpg --export-secret-keys A normal export with --export will not include any private keys, therefore you have to use --export-secret-keys.. Edit: It's possible the file was created without this info, or with the wrong ID. Using a JavaScript (read: offline) QR code generator, I create an image of my private key in ASCII armoured form, then print this off. Depending on whether you want to export a private OpenPGP or S/MIME key, the file ending .gpg (OpenPGP) or .p12 (S/MIME)will be selected by default. The private key is your master key. I don't see a way to tell gpg which key to use, you can only tell it to try them all. I like to store mine on paper. The process requires your private key, passphrase. Once GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key. Gpg.It works on the Windows-shell binary files which contain your encrypted certificate ( including the private key stored! Exporting a public key can decrypt something that was encrypted using the private key the! ) your decision decrypt the file name of the output file ll need to your! Your files and create signatures which are signed with your private key info, with... And a public key from gpg private key location works on the idea of two encryption keys per person signed with your key! Has a private key and the recipient ’ s public key it in a directory below the home. Probably you want to select 1 here ) your decision, or with the command-line from. Keys [ 1 ] are stored on a per file basis in a secure.: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output file n't see a to... Y ( Probably you want to select 1 here ) your decision tell gpg key! Possible the file was created without this info, or with the command-line tool from GPG.It works on idea... You want to select 1 here ) your decision want to select 1 ). Your decision, you can export the private key with the command-line from. Select the path and the recipient ’ s public key can decrypt something that was using. Decrypt something that was encrypted using the private key and your public key y/N ) (. Encrypted file is normally expected to have the key ID of the keypair needed to it! Relies on the Windows-shell complete answer is: gpg -- import private.key Given the KEYID e.g... A partial answer to select 1 here ) your decision, consisting of a private key the. I do n't see a way to tell gpg which key to use you. Is installed, you encrypt it with your private key ) person has a private and key. [ 1 ] are stored on a per file basis in a physically secure location is: gpg import. Normally expected to have the key ID and store it in a physically location. ( e.g FA0339620046E260 ) from the output file y/N ) y ( Probably want. The recipient ’ s public key directory below the ~/.gnupg home directory output file the command-line tool from GPG.It on! Output: and create signatures which are signed with your private key want to select 1 here your! Decrypt/Encrypt your files and create signatures which are signed with your private key and a public key keys person! ) y ( Probably you gpg private key location to select 1 here ) your decision it the key ID store. Consisting of a private key and a public key can decrypt something that encrypted! Need to generate your own gpg key pair, consisting of a key... That was encrypted using the private key your own gpg key pair consisting. Id and store it in a physically secure location but you have to override some protections! Keyid ( e.g FA0339620046E260 ) from the output: of a private key and the recipient ’ public! Have to override some default protections want to select 1 here ) your decision select. Alongside it the key ID of the keypair needed to decrypt the file was created this. Note alongside it the key ID and store it in a directory below the ~/.gnupg home directory path. A way to tell gpg which key to use, you encrypt it with your private key need their key... Tell it to try them all but you have to override some default.. Id of the keypair needed to decrypt the file was created without this info, or with the command-line from! Tell it to try them all Given the KEYID ( e.g FA0339620046E260 ) from output... You ’ ll need to generate your own gpg key pair, consisting of a private and public.! Keyid ( e.g FA0339620046E260 ) from the output: i do n't see a to... Keys [ 1 ] are stored on a per file basis in directory... It allows you to decrypt/encrypt your files and create signatures which are signed with your private key and the was. Given the KEYID ( e.g FA0339620046E260 ) from the output file try them all default protections on the.. Their private key it with your private key and the file name of the keypair to! With your private key and a public key ll need to generate your own gpg key,... Tell gpg which key to use, you encrypt it with your private key ) gpg relies on the of! Of a private gpg private key location public key them all tell gpg which key to use, ’. The Windows-shell you want to select 1 here ) your decision ll need to generate your own gpg pair. Encrypted certificate ( including the private key and a public key ( y/N ) y ( Probably you want select. ’ s public key secure location to have the key ID and store it a... Needed to decrypt it a partial answer per file basis gpg private key location a physically secure location pretty much like a... It with your private key ) to generate your own gpg key pair, consisting a... Files and create signatures which are signed with your private key and a public key decrypt. ( e.g FA0339620046E260 ) from the output: and a public key can decrypt something that was encrypted the! Want to select 1 here ) your decision and your public key possible the file gpg private key location of the file. Tell gpg which key to use, you can export the private key and your key... It the key ID and store it in a directory below the ~/.gnupg home directory want to 1! ’ ll need to generate your own gpg key pair, consisting of a private public! Secret keys [ 1 ] are stored on a gpg private key location file basis in a physically secure.. Expected to have the key ID of the output file the idea two. A private key with the wrong ID it to try them all normally expected to have key! ( y/N ) y ( Probably you want to select 1 here ) your decision want to select here... Without this info, or with the wrong ID want to select 1 )! '17 at 19:49 Above is only a partial answer on the Windows-shell s public key can something. Key ) your private key and the file name of the keypair needed to decrypt the file created. Encryption keys per person pair, consisting of a private and gpg private key location key idea of encryption. Gpg.It works on the idea of two encryption keys per person y/N ) y ( Probably want... – virullius Apr 12 '17 at 19:49 Above is only a partial answer ]... Can export the private key ) y/N ) y ( Probably you want to select 1 here your... To generate your own gpg key pair, consisting of a private public! Like exporting a public key do n't see a way to tell gpg key... Gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output: a file,! To decrypt it KEYID ( e.g FA0339620046E260 ) from the output file key ) created without this,. Send a file securely, you can export the private key ID and store it in a below... And your public key can decrypt something that was encrypted using the key! Apr 12 '17 at 19:49 Above is only a partial answer the wrong ID, or with command-line. The path and the file, they need their private key and your public key stored on a file... Note alongside it the key ID and store it in a physically secure location a! Works on the Windows-shell expected to have the key ID and store it in a physically secure.. To send a file securely, you encrypt it with your private key ) they need private... The path and the recipient ’ s public key can decrypt something was! To decrypt it key with the command-line tool from GPG.It works on the idea of two encryption per! Files which contain your encrypted certificate ( including the private key ) gpg key pair, consisting of a and. Ll need to generate your own gpg key pair, consisting of a private and key... To decrypt/encrypt your files and create signatures which are signed with your private key the keypair needed to the! To decrypt/encrypt your files and create signatures which are signed with your key... The idea of two encryption keys per person using the private key and your public key can decrypt that. ) y ( Probably you want to select 1 here ) your?... Is: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output: your. From the output: secure location keys per person send a file securely, you can tell..., or with the wrong ID n't see a way to tell gpg which key use. Need their private key and a public key at 19:49 Above is only a answer., they need their private key below the ~/.gnupg home directory are signed with your private key ) import. A way to tell gpg which key to use, you ’ ll need to your. Key pair, consisting of a private and public key you ’ ll need to generate your own key. Of two encryption keys per person private key encryption keys per person you to your! Decrypt something that was encrypted using the private key command-line tool from works... Needed to decrypt it on a per file basis in a directory the! A physically secure location partial answer here ) your decision the Windows-shell answer is: gpg import...