26 lines
1.2 KiB
Markdown
26 lines
1.2 KiB
Markdown
+++
|
|
title = "Using GPG Public Key"
|
|
+++
|
|
|
|
GNU Privacy Guart (GPG) is an pupular two factor encrytpion system often used for signing or encrypting emails, files or even git commits.
|
|
This post foruces on using provided public key to check signature validity for files signed using complementary public key.
|
|
|
|
## Importing Key
|
|
One way to keep prublic keys is by using a keyserver such as _hkps://keyserver.ubuntu.com_.
|
|
To import key with ID **3BDD542C9B0BE180D5802DFF020C42B7A9ABA3E2** from _hkps://keyserver.ubuntu.com_ keyserver
|
|
issue command:
|
|
```bash
|
|
$ gpg2 --keyserver hkps://keyserver.ubuntu.com --recv-key 3BDD542C9B0BE180D5802DFF020C42B7A9ABA3E2
|
|
```
|
|
It's also possible to use "short" ID by using only the last 8 digits of hexadecimal
|
|
ID representation, in our case **A9ABA3E2** - but it's discourages because of possible ID collisions.
|
|
|
|
To search and import a key using email, example _asmir.abdulahovic@gmail.com_ issue command:
|
|
```bash
|
|
$ gpg2 --keyserver hkps://keyserver.ubuntu.com \
|
|
--search-keys "asmir.abdulahovic@gmail.com"
|
|
```
|
|
|
|
Note **hkps** protocol selection acts simmilary as **https** for **http**,
|
|
prefferably use it to avoid **MITM** and other attacks.
|