====== GnuPG/GPG ======

  * key server: http://keyserver.pgp.com
  * My keybase: https://keybase.io/dcai

===== backup and restore gpg =====
<code bash>

# https://medium.com/@chasinglogic/the-definitive-guide-to-password-store-c337a8f023a1

# backup
gpg --export-secret-keys --armor > secret.asc

# restore
gpg --import /path/to/secret.asc

</code>


===== CheatSheet =====

<code bash>

# export public key
gpg --armor --export {useremail@dcai.me}

# export private key
gpg --armor --export-secret-key

# Import other people's key
curl https://keybase.io/dcai/key.asc | gpg --import

# list keys
gpg -k

# show keyid
gpg --keyid-format LONG -k 0xDEADBEEF {useremail@dongsheng.org}
# key id is after rsa4096/

# fingerprint
gpg --list-keys --fingerprint

# edit the key
gpg --edit-key {keyid} # the keyid is email address
gpg --send-key {keyid} # Similar to --export but sends the keys to a keyserver. 
# gpg --keyserver search.keyserver.net --send-key you@example.com

# revoke key
gpg2 --gen-revoke PUB_KEY_ID > revocert.asc

# encrypt
echo "test" | gpg --encrypt --armor

# decrypt
echo "[gpg encrypted contents here]" | gpg --decrypt

# Sign (encrypted by private), generate signature
# read this: https://www.gnupg.org/gph/en/manual/x135.html
echo -n | gpg -s --armor

# verify the signed message
# read this: https://www.gnupg.org/gph/en/manual/x135.html
echo '[gpg signature]' | gpg --verify

</code>