Some useful gpg commands
I recently ran into a problem with some gpg encrypted file, where the files were encrypted with another key than they were supposed to. Therefore I had to reencrypt them with another key. Every time I run into an unusual task with OpenGPG I find myself banging my head into a wall of useless documentation. Here’s some of the useful commands I found which let me resolve the issue:
First I had to find out what keys the file was actually encrypted with.
gpg --list-packets file.gpg - lists contents of a gpg encrypted package - including the key IDs used for encrypting the file. (The man page is of course less useful, since it only says “List only the sequence of packets. This command is only useful for debugging.” - but I haven’t found another way to do what I want)
% gpg --pinentry-mode cancel --list-packets <file>.gpg 2>&1 - if you only want to see which keys a file is encrypted with. (note, it will list the keys to STDERR, so therefor I added the redirect to STDOUT so I could grep for the key I was looking for)
% gpg -k --keyid-format short and % gpg -k --keyid-format long - There is a long and short format for GPG keys. If you want to see the short or long format for the keyid when listing keys, add the —-keyid-format option.
Note: if you always want to print for instance long format, you could add keyid-format long to ~/.gnupg/gpg.conf
Want to know the fingerprint of the subkeys? Use gpg -K --with-subkey-fingerprint --keyid-format none
A few useful links: