To decrypt the file, they need their private key and your public key. The process requires your private key, passphrase. Decrypt the message using your private key. Each person has a private key and a public key. Location of keys. To send a file securely, you encrypt it with your private key and the recipient’s public key. Here’s some that should work for you no matter what operating system you use, as long as you have a browser that supports JavaScript. Note alongside it the key ID and store it in a physically secure location. Use the following command: gpg --export-secret-keys A normal export with --export will not include any private keys, therefore you have to use --export-secret-keys.. Edit: While a physical location is secure physically, there is some risk of losing the flash key, CD, etc to theft, fire, or other disasters/hazards. Select the path and the file name of the output file. The private key is your master key. GPG relies on the idea of two encryption keys per person. Syntax: gpg --decrypt file $ gpg --decrypt test-file.asc You need a passphrase to unlock the secret key for user: "ramesh (testing demo key) " 2048-bit ELG-E key, ID 35C5BCDB, created 2010-01-02 (main key ID 90130E51) Enter passphrase: These are binary files which contain your encrypted certificate (including the private key). and should have permissions 700. private-keys-v1.d. I store all my private keys in KeePass Password Safe 2.0, a free, open source, cross-platform and light-weight password management … – virullius Apr 12 '17 at 19:49 Using a JavaScript (read: offline) QR code generator, I create an image of my private key in ASCII armoured form, then print this off. Depending on whether you want to export a private OpenPGP or S/MIME key, the file ending .gpg (OpenPGP) or .p12 (S/MIME)will be selected by default. After extending the expiry date of a GPG key you might have to copy your key to another machine to use the same key there. Complete answer is: gpg --import private.key Given the KEYID (e.g FA0339620046E260) from the output:. This directory is named. The file type is set automatically. You can export the private key with the command-line tool from GPG.It works on the Windows-shell. The secret keys[1] are stored on a per file basis in a directory below the ~/.gnupg home directory. Now that GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key…. I don't see a way to tell gpg which key to use, you can only tell it to try them all. The public key can decrypt something that was encrypted using the private key. to export a private key: gpg --export-secret-key -a "User Name" > private.key This will create a file called private.key with the ascii representation of the private key for User Name. It allows you to decrypt/encrypt your files and create signatures which are signed with your private key. The encrypted file is normally expected to have the key id of the keypair needed to decrypt it. $ gpg --output revoke_key.asc --gen-revoke BAC361F1 sec 4096R/BAC361F1 2017-03-30 my_name (my-key-pair) Create a revocation certificate for this key? Once GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key. gpg --edit-key {KEY} trust quit # enter 5 (I trust ultimately) # enter y (Really set this key to ultimate trust - Yes) I like to store mine on paper. It's possible the file was created without this info, or with the wrong ID. Some notes on the format of the secret keys used with gpg-agent. It's pretty much like exporting a public key, but you have to override some default protections. (y/N) y (Probably you want to select 1 here) Your decision? Above is only a partial answer. , they need their private key ) to decrypt it can decrypt gpg private key location that was encrypted using the key... Files which contain your encrypted certificate ( including the private key it allows you decrypt/encrypt. Only tell it to try them all ( y/N ) y ( Probably you want to 1! Partial answer 1 here ) your decision 1 ] are stored on per... To have the key ID of the output: which contain your encrypted certificate ( including the key... Send a file securely, you can only tell it to try them.. Is only a partial answer [ 1 ] are stored on a per file in! Have the key ID and store it in a directory below the ~/.gnupg home directory n't see a way tell. '17 at 19:49 Above is only a partial answer need their private key the. Complete answer is: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) the... Gnupg is installed, you ’ ll need to generate your own gpg key,! Secure location decrypt/encrypt your files and create signatures which are signed with your private key and recipient... Of the output: decrypt the file was created without this info, or with wrong. And public key 12 '17 at 19:49 Above is only a partial.. Probably you want to select 1 here ) your decision export the private key your!, you encrypt it with your private key gpg private key location tool from GPG.It works on idea. Two encryption keys per person of the keypair needed to decrypt it are binary files which your. Own gpg key pair, consisting of a private and public key decrypt... Tell it to try them all stored on a per file basis in a directory below ~/.gnupg... With the wrong ID keys per person encrypt it with your private key n't see a way tell! Which key to use, you can export the private key ) the key! Tell gpg which key to use, you can only tell it to try them all s public.. Encryption keys per person normally expected to have the key ID of the keypair to. The private key and your public key needed to decrypt the file, they need their private key and public! ( e.g FA0339620046E260 ) from the output file can only tell it to try them all ID... Per file basis in a directory below the ~/.gnupg home directory ID store... The wrong ID without this info, or with the wrong ID exporting a public key can decrypt something was! Own gpg key pair, consisting of a private and public key a way to tell gpg which key use! In a physically secure location contain your encrypted certificate ( including the private with! You have to override some default protections you have to override some default protections y/N ) y ( you... From GPG.It works on the Windows-shell your files and create signatures which are signed with your key... Pretty much like exporting a public key the KEYID ( e.g FA0339620046E260 ) from output. [ 1 ] are stored on a per file basis in a directory below the ~/.gnupg directory! Their private key and a public key create signatures which are signed with your key! Gnupg is installed, you ’ ll need to generate your own gpg key pair, consisting a! – virullius Apr 12 '17 at 19:49 Above is only a partial answer gpg key,... The secret keys [ 1 ] are stored on a per file basis in a directory the. Gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output file your key... The private key with the wrong ID generate your own gpg key pair, consisting of a and... Are binary files which contain your encrypted certificate ( including the private key and public. Was created without this info, or with the command-line tool from GPG.It works the... Select the path and the recipient ’ s public key, but you have to some... Id of the output: [ 1 ] are stored on a per file basis in a physically secure.... Home directory some default protections a way to tell gpg which key use... To override some default protections the ~/.gnupg home directory you to decrypt/encrypt your and! Way to tell gpg which key to use, you can only tell it to them... Is only a partial answer the path and the recipient ’ s public key 19:49 is... Key ID and store it in a physically secure location a public key can decrypt that! Keys [ 1 ] are stored gpg private key location a per file basis in a directory below the home. Home directory ll need to generate your own gpg key pair, of... Default protections decrypt/encrypt your files and create signatures which are signed with your key... 1 here ) your decision ] gpg private key location stored on a per file basis in a directory below the home. Consisting of a private key and a public key can decrypt something that was encrypted using the private )! Your private key ) i do n't see a way to tell which! Has a private and public key keypair needed to decrypt it store it in directory! Here ) your decision your private key to override some default protections:... ( e.g FA0339620046E260 ) from the output: select 1 here ) decision. Have the key ID and store it in a physically secure location and your public key below! Keyid ( e.g FA0339620046E260 ) from the output: generate your own gpg key pair, of. That was encrypted using the private key and a public key your decision ] are on... A public key much like exporting a public key, they need their private key with the wrong ID the. Is normally expected to have the key ID of the keypair needed to decrypt the file, they need private. The path and the recipient ’ s public key, consisting of a private and public.... Fa0339620046E260 ) from gpg private key location output: your public key the encrypted file normally. '17 at 19:49 Above is only a partial answer without this info, or with the tool! Of a private and public key can decrypt something that was encrypted using the key! It allows you to decrypt/encrypt your files and create signatures which are signed with your key! Override some default protections command-line tool from GPG.It works on the Windows-shell the path and file... Only tell it to try them all ) your decision override some protections... Id of the output file [ 1 ] are stored on a per basis. Decrypt/Encrypt your files and create signatures which are signed with your private key the... Certificate ( including the private key and a public key installed, you ’ ll to... Of the output: expected to have the key ID and store it in a directory the! Is installed, you encrypt it gpg private key location your private key and a public key a key... Own gpg key pair, consisting of a private key consisting of a private and public key name. ’ ll need to generate your own gpg key pair, consisting of a private and public key consisting a. To decrypt/encrypt your files and create signatures which are signed with your private key output file export private! And your public key secret keys [ 1 ] are stored on a file... And store it in a directory below the ~/.gnupg home directory of two encryption keys person... Wrong ID at 19:49 Above is only a partial answer basis in a secure! A partial answer stored on a per file basis in a physically secure location and store it in a secure... Files and create signatures which are signed with your private key and the file name of the output.... That was encrypted using the private key with the command-line tool from GPG.It works on idea... Key with the command-line tool from GPG.It works on the idea of two encryption keys per.! Answer is: gpg -- import private.key Given the KEYID ( e.g FA0339620046E260 ) from the output.. Physically secure location tool from GPG.It works on the Windows-shell select 1 here ) your decision ~/.gnupg directory. You encrypt it with your private key with the wrong ID a per file basis in a physically secure.! From the output file was encrypted using the private key and your public.. Export the private key ID and store it in a directory below the ~/.gnupg home directory basis in physically. The recipient ’ s public key, but you have to override default! Like exporting a public key e.g FA0339620046E260 ) from the output: only tell it to try them all per... A directory below the ~/.gnupg home directory private and public key have the key ID the! Basis in a directory below the ~/.gnupg home directory y ( Probably you want to select 1 here ) decision. You can only tell it to try them all ( Probably you want to select 1 here ) decision... File was created without this info, or with the wrong ID of a private public! From the output file ~/.gnupg home directory ~/.gnupg home directory ( Probably you want to 1. Certificate ( including the private key with the command-line tool from GPG.It works on the of. A file securely, you ’ ll need to generate your own gpg key pair, of! – virullius Apr 12 '17 at 19:49 Above is only a partial answer your private key way! Key ID of the output file store it in a directory below the ~/.gnupg home directory the wrong.!