GnuPG CLI

Encrypt files

gpg --encrypt --recipient DEADBEEF file.pdf
gpg --encrypt --recipient 'john@example.com' file.pdf

Decrypt files

gpg --decrypt file.pdf.gpg > file.pdf

Verifying signatures

gpg --verify dl.zip.sig dl.zip

Import keys

curl https://example.com/key.asc | gpg --import
gpg --import key.asc

Trust levels

  • Ultimate — it’s your own key
  • Full — you’ve verified the identity of the key owner and signed their public key
  • Marginal — enough to make the key show up as “valid”