While I need to use GPG pretty regularly, I always have to look up the commands - they just don’t stick :-)

Over the last couple of months I collected every command I had to use. Enjoy!

create a key

gpg --quick-generate-key user-id

# or

gpg --generate-key

# or

gpg --full-generate-key

delete a private key

gpg --delete-secret-keys key-id

delete a public key

gpg --delete-key key-id

encrypt a file

gpg --encrypt --recipient someone@example.com filename

Please note that you can repeat the --recipient option.

decrypt a file

gpg --decrypt -outfile filename filename.gpg

show all local keys

gpg --list-keys

show fingerprints

# show fingerprints for all keys
gpg --fingerprint

# or for a single key
gpg --fingerprint key-id

show signatures

# show sigs for all keys
gpg --list-sigs

# or for as single key
gpg --list-sigs key-id

search and add a new key

via key-id

gpg --keyserver keyserver.ubuntu.com --search-key some-key-id

via email address

gpg --keyserver keyserver.ubuntu.com --search-key someone@example.com

import a public key from the file system

gpg --import key.asc

upload a key

gpg --send-keys key-id
gpg --keyserver keys.openpgp.org --send-keys key-id

extend the key expiration date

gpg --edit me@example.com

revoke a key

# always do this and keep it safely
gpg --output revoke.asc --gen-revoke key-id

# do this when you actually need to revoke it
gpg --import revoke.asc
gpg --keyserver keys.openpgp.org --send-keys key-id


Did I miss anything? What commands do you regularly use?



  • added command to list signatures
  • added command to list fingerprints


  • add alternative way to request keys from a server (Thanks, Alex Murray)


  • added note that you can repeat the --recipient option
  • use keyserver.ubuntu.com


  • added command to create a new key
  • added commands to delete private and public keys
  • added commands to revoke a key