Commands using gpg (38)

  • Generate a random password 30 characters long

    According to the gpg(1) manual: --gen-random 0|1|2 count Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system! If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as: du -s / This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password). Show Sample Output


    11
    gpg --gen-random --armor 1 30
    atoponce · 2011-07-20 15:32:49 8
  • Auto Get Missing Launchpad Keys

    You can choose these mirror servers to get gpg keys, if the official one ever goes offline keyserver.ubuntu.com pool.sks-keyservers.net subkeys.pgp.net pgp.mit.edu keys.nayr.net keys.gnupg.net wwwkeys.en.pgp.net #(replace with your country code fr, en, de,etc)


    6
    sudo apt-get update 2> /tmp/keymissing; for key in $(grep "NO_PUBKEY" /tmp/keymissing |sed "s/.*NO_PUBKEY //"); do echo -e "\nProcessing key: $key"; gpg --keyserver pool.sks-keyservers.net --recv $key && gpg --export --armor $key |sudo apt-key add -; done
    Bonster · 2011-03-30 08:18:54 8
  • Encrypt and password-protect execution of any bash script, Version 2

    (Please see sample output for usage) Use any script name (the read command gets it) and it will be encrypted with the extension .crypt, i.e.: myscript --> myscript.crypt You can execute myscript.crypt only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Sorry for the chmod on parentheses, I dont like "-" at the end. Thanks flatcap for the subshell abbreviation to /dev/null Show Sample Output


    6
    read -p 'Script: ' S && C=$S.crypt H='eval "$((dd if=$0 bs=1 skip=//|gpg -d)2>/dev/null)"; exit;' && gpg -c<$S|cat >$C <(echo $H|sed s://:$(echo "$H"|wc -c):) - <(chmod +x $C)
    rodolfoap · 2013-03-10 08:59:45 13
  • gpg decrypt a file

    gpg command to decrypt a previously encrypted file on the command line. Can be optionally made into an alias: alias decrypt='gpg --output foo.txt --decrypt foo.txt.pgp'


    5
    gpg --output foo.txt --decrypt foo.txt.pgp
    mariusz · 2009-02-16 19:56:19 8
  • Encrypt and password-protect execution of any bash script

    (Please see sample output for usage) script.bash is your script, which will be crypted to script.secure script.bash --> script.secure You can execute script.secure only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Show Sample Output


    5
    echo "eval \"\$(dd if=\$0 bs=1 skip=XX 2>/dev/null|gpg -d 2>/dev/null)\"; exit" > script.secure; sed -i s:XX:$(stat -c%s script.secure): script.secure; gpg -c < script.bash >> script.secure; chmod +x script.secure
    rodolfoap · 2013-03-09 11:16:48 20
  • Create Encrypted WordPress MySQL Backup without any DB details, just the wp-config.php

    The coolest way I've found to backup a wordpress mysql database using encryption, and using local variables created directly from the wp-config.php file so that you don't have to type them- which would allow someone sniffing your terminal or viewing your shell history to see your info. I use a variation of this for my servers that have hundreds of wordpress installs and databases by using a find command for the wp-config.php file and passing that through xargs to my function. Show Sample Output


    4
    eval $(sed -n "s/^d[^D]*DB_\([NUPH]\)[ASO].*',[^']*'\([^']*\)'.*/_\1='\2'/p" wp-config.php) && mysqldump --opt --add-drop-table -u$_U -p$_P -h$_H $_N | gpg -er AskApache >`date +%m%d%y-%H%M.$_N.sqls`
    AskApache · 2009-08-18 07:03:08 7
  • Encryption file in commad line

    This will encrypt your single file and create a filename.gpg file. Option: * -c : Encrypt with symmetric cipher To decrypt dhinesh@ubuntu:~$ gpg -c sample.rb.gpg Show Sample Output


    4
    gpg -c <filename>
    Dhinesh · 2011-11-21 06:26:59 6
  • gpg encrypt a file

    gpg command to encrypt a file on the command line.


    3
    gpg --encrypt --recipient 'Foo Bar' foo.txt
    mariusz · 2009-02-16 19:58:13 7
  • Send a signed and encrypted email from the command line

    A very simple command to send a signed and encrypted message from the command line using GPG Keys


    3
    echo "SECRET MESSAGE" | gpg -e --armor -s | sendmail USER@DOMAIN.COM
    flip387 · 2009-09-04 20:47:12 7
  • Efficient remote forensic disk acquisition gpg-crypted for multiple recipients

    Acquires a bit-by-bit data image, gzip-compresses it on multiple cores (pigz) and encrypts the data for multiple recipients (gpg -e -r). It finally sends it off to a remote machine.


    3
    dd if=/dev/sdb | pigz | gpg -r <recipient1> -r <recipient2> -e --homedir /home/to/.gnupg | nc remote_machine 6969
    brainstorm · 2010-12-31 19:24:37 7
  • Getting GnuPG Public Keys From KeyServer

    get my GPG-key from pgp.surfnet.nl, key id is 19886493. Show Sample Output


    2
    gpg --keyserver pgp.surfnet.nl --recv-key 19886493
    6peng · 2009-02-06 02:24:28 16
  • Create passwords and store safely with gpg

    Adjust the head -c part for password length. I use filenames like "hans@commandlinefu.com.gpg" and a vim which automatically decrypts files with .gpg suffixes.


    2
    tr -dc "a-zA-Z0-9-_\$\?" < /dev/urandom | head -c 10 | gpg -e -r medha@nerdish.de > password.gpg
    hans · 2009-02-25 08:48:26 7
  • import gpg key from the web

    imports a public key from the web. I know this by head.. but useful nevertheless Show Sample Output


    2
    curl -s http://defekt.nl/~jelle/pubkey.asc | gpg --import
    wires · 2009-06-18 11:26:03 9
  • Backup a filesystem to a remote machine and use cstream to throttle bandwidth of the backup

    This command will nicely dump a filesystem to STDOUT, compress it, encrypt it with the gpg key of your choice, throttle the the data stream to 60kb/s and finally use ssh to copy the contents to an image on a remote machine. Show Sample Output


    2
    nice -n19 dump -0af - /<filesystem> -z9|gpg -e -r <gpg key id>|cstream -v 1 -t 60k|ssh <user@host> "cat > backup.img"
    din7 · 2009-10-29 18:27:25 5
  • tar.gz with gpg-encryption on the fly

    Create a encrypted tar.gz file from a directory on the fly. The encryption is done by GPG with a public key. The resulting filename is tagged with the date of creation. Very usefull for encrypted snapshots of folders.


    2
    tar -cvz /<path>/ | gpg --encrypt --recipient <keyID> > /<backup-path>/backup_`date +%d_%m_%Y`.tar.gz.gpg
    kaiserkailua · 2011-02-23 14:19:08 31
  • encrypt and post or get and decrypt from sprunge using gpg symmetric encryption option

    create simple encrypted notes to yourself using a passphrase on sprunge.us Show Sample Output


    2
    function cpaste () { gpg -o - -a -c $1 | curl -s -F 'sprunge=<-' http://sprunge.us } function dpaste () { curl -s $1 | gpg -o - -d }
    gml · 2011-02-26 11:22:08 3
  • It decripts all pgp files in a selection folder and move the output into a file.


    1
    for x in *.pgp do `cat /file_with_the_passphrase.dat|(gpg --batch --no-tty --yes --passphrase-fd=0 --decrypt `basename $x`; ) > 'dump_content.dat'` done;
    insan3 · 2009-02-15 03:09:28 10
  • Search gpg keys from commandline


    1
    gpg --search-keys
    linuxswords · 2009-08-30 13:52:29 3
  • gpg decrypt several files

    Change directory (cd) to the directory where all your encrypted files are placed, and then run the command - then you are asked to insert your secret gpg password - ubuntu 8.04


    1
    gpg --allow-multiple-messages --decrypt-files *
    bkn390 · 2009-09-20 11:50:41 45
  • Read info(1) pages using 'less' instead of GNU Texinfo

    I like man pages, and I like using `less(1)` as my pager. However, most GNU software keeps the manual in the 'GNU Texinfo' format, and I'm not a fan of the info(1) interface. Just give me less. This command will print out the info(1) pages, using the familiar interface of less! Show Sample Output


    1
    info gpg |less
    StefanLasiewski · 2010-07-01 23:44:15 6
  • Fetch all GPG keys that are currently missing in your keyring

    For instance, if people have signed your key, this will fetch the signers' keys.


    1
    gpg --list-sigs | sed -rn '/User ID not found/s/^sig.+([a-FA-F0-9]{8}).*/\1/p' | xargs -i_ gpg --keyserver-options no-auto-key-retrieve --recv-keys _
    lingo · 2011-07-22 16:31:25 5
  • Add GPG key easy - oneliner

    Replace KEY with GPG key. This command will load GPG key and add it to your system so you can use software from third party repos etc. Show Sample Output


    1
    x=KEY; gpg --keyserver subkeys.pgp.net --recv $x; gpg --export --armor $x | sudo apt-key add -
    sxiii · 2013-11-26 10:49:32 9
  • Clean apt-get and gpg cache and keys

    Cleans apt-get and gpg cache and keys


    1
    sudo gpg --refresh-keys; sudo apt-key update; sudo rm -rf /var/lib/apt/{lists,lists.old}; sudo mkdir -p /var/lib/apt/lists/partial; sudo apt-get clean all; sudo apt-get update
    lpalgarvio · 2015-02-02 18:00:20 25
  • Destroy file contents after encryption

    Make sure the file contents can't be retrieved if anyone gets ahold of your physical hard drive. With hard drive partition: gpg --default-recipient-self -o /path/to/encrypted_backup.gpg -e /dev/sdb1 && shred -z /dev/sdb1 WARNING/disclaimer: Be sure you... F&%k it--just don't try this.


    0
    gpg -e --default-recipient-self <SENSITIVE_FILE> && shred -zu "$_"
    h3xx · 2011-07-24 05:51:47 3
  • encrypt file.txt using a symmetric password


    0
    gpg -c file.txt
    kev · 2011-09-17 04:53:03 3
  •  1 2 > 

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands

Check These Out

Make a playlistfile for mpg321 or other CLI player
A short variant if you have only one directory whit only audio files in it.

Open a man page as a PDF in Gnome
Would be better if gnome-open would accept std in Should be doable in KDE - anyone?

purge installed but unused linux headers, image, or modules
will purge: only installed apps: /^ii/!d avoiding current kernel stuff: /'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d using app names: s/^[^ ]* [^ ]* \([^ ]*\).*/\1/ avoiding stuff without a version number: /[0-9]/!d

Grab a list of MP3s out of Firefox's cache
Grab a list of MP3s (with full path) out of Firefox's cache Ever gone to a site that has an MP3 embedded into a pesky flash player, but no download link? Well, this one-liner will yank the *full path* of those tunes straight out of FF's cache in a clean list. Shorter and Intuitive version of the command submitted by (TuxOtaku)

Which processes are listening on a specific port (e.g. port 80)
swap out "80" for your port of interest. Can use port number or named ports e.g. "http"

Go up multiple levels of directories quickly and easily.
Change to your taste. Much quicker than having to add 'cd' every time. Add it to your .bashrc or .bash_profile.

Write comments to your history.
A null operation with the name 'comment', allowing comments to be written to HISTFILE. Prepending '#' to a command will *not* write the command to the history file, although it will be available for the current session, thus '#' is not useful for keeping track of comments past the current session.

Place the argument of the most recent command on the shell
This works if your terminal is in Vi mode

Create a mirror of a local folder, on a remote server
Create a exact mirror of the local folder "/root/files", on remote server 'remote_server' using SSH command (listening on port 22) (all files & folders on destination server/folder will be deleted)

Fast command-line directory browsing
Not really alternative, just giving a different behavior listing current directory if no directory given.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: