The GPG command for Linux

Gpg
function
GPG is a free tool for encryption and digital signatures, mostly for the transmission of encrypted information. In addition to password-only encryption, the biggest difference in GPG is the provision of a "public/private key" pair. Use your "public key" to encrypt information no longer needed to tell you the password, anytime and anywhere can send encrypted information. And this encryption is one-way, only your "private key" can unlock the encryption. Digital signatures are another great way to use them. By signing up, others can make sure that the messages you publish come from you and are not modified.

Principle
Symmetric key encryption is commonly used in the Algorithm des, Triple des or idea encryption, MD5. Symmetric key encryption communication both sides hold the same key to decrypt ciphertext.

The application of public key encryption in message and network has become popular. RSA is actually used for public key cryptography, which is the strongest public key algorithm currently available. The public key contains two keys that belong to the same party: one is the public key, it is shared by all, and the other is the private key, which is stored in the personal secret. Unlike symmetric key encryption, public key cryptography uses two keys for encryption and decryption. One is secret, this is a private key, used to decrypt the ciphertext. The ciphertext itself is generated by the public key, and the public key is distributed to the person who wants to send the encrypted information to you. How do other people get your public key? It's easy, you can publish it. You-the owner of the private key, is the only person who can decrypt the information.

Digital signatures commonly use public key cryptography to generate signatures, such as RSA and DSA. Creating a digital signature with a public key is contrary to the work of encrypting information. The information is sent through the hash function. The information after the hash process is encrypted with the private key. Once the data is encrypted with a private key, anyone holding a public key can verify that it is generated with a private key, so that the data is validated. Therefore, any person holding a public key can be tested. The hash function here is used to generate a digital signature. The hash function (hash function) is a mathematical function that extracts information and produces a fixed-length information personality feature. The length of the output is the same regardless of how much information is used to hash the method. In short, is the hash processing information with the private key encryption, others with the public key decryption recovery success (should be restored to the result of the hash process?) It means that the person who encrypted it is you, the verification of the digital signature, succeeds.

For example
* * Symmetric encryption and decryption
Here, we briefly introduce the use of GPG for symmetric encryption and decryption, followed by the emphasis on public key cryptography and digital authentication.
* Symmetric encryption MyFile:
#gpg-C myfile
In this way, you will be prompted to enter the password two times, and then generate myfile Encrypted file myfile.gpg, note that the directory cannot be encrypted, you can specify the output file name with the-o option.

* Decrypt symmetric encrypted files:
#gpg-O mydecrypt-d myfile.gpg
In this way, you will be prompted to enter the decryption password, and after the input, the corresponding file will be decrypted, through-O to specify the generated decryption file,-D to specify the decrypted file.
**

* * Public Key Cryptography related
* Generate key pairs:
[Email protected] ~]# GPG--gen-key
After the input, the output and interaction hints are as follows:
#################### #以下为输出以及交互 ##############################
GPG (GnuPG) 1.4.5; Copyright (C) 2006 free Software Foundation, Inc.
This program comes with absolutely NO WARRANTY.
This is the free software, and the Welcome to redistribute it
Under certain conditions. See the file COPYING for details.

GPG: Created directory '/ROOT/.GNUPG '
GPG: New config file '/root/.gnupg/gpg.conf ' has been established
GPG: Warning: The option in '/root/.gnupg/gpg.conf ' is not used during this run
GPG: Key Ring '/ROOT/.GNUPG/SECRING.GPG ' has been established
GPG: Key Ring '/ROOT/.GNUPG/PUBRING.GPG ' has been established
Choose the type of key you want to use:
(1) DSA and ElGamal (default)
(2) DSA (for signature only)
(5) RSA (for signature only)
What's your choice? [Enter] <==== input
The DSA key pair will have 1024 bits.
The ELG-E key length should be between 1024 bits and 4,096 bits.
How big a key size do you want to use? (2048) [Enter] <==== input
The key size you require is 2048-bit
Please set the validity period of this key.
0 = key never Expires
= key expires in n days
W = key expires after n weeks
m = key expires after n months
y = key expires in n years
What is the validity period of the key? (0) [Enter]
The key will never expire
Is the above correct? (y/n) Y <==== input

You need a user ID to identify your key; The software is combined with real names, comments and email addresses
Into the user ID as follows:
"Heinrich Heine (Der dichter)"

Real name: Quietheart <==== Input
Email address: [email protected] <==== input
Note: Test <==== input
You have identified this user id:
"Quietheart (Test)"
Change name (N), comment (C), e-mail address (e) or OK (O)/exit (Q)? o <==== Input
You need a password to protect your private key.

Please enter password: <==== input
Please enter password again: <==== input

We need to generate a lot of random bytes. This time you can do more trivia (like tapping the keyboard, moving
such as the mouse, read and write drives), which gives the random number generator a better chance of getting enough entropy.
++++++++++.+++++++++++++++.++++++++++.++++++++++++++++++++++++++++++.++++++++++++++++++++.+++++++++++++++++++++ ++++.++++++++++++++++++++>+++++.+++++........................................+++++
We need to generate a lot of random bytes. This time you can do more trivia (like tapping the keyboard, moving
such as the mouse, read and write drives), which gives the random number generator a better chance of getting enough entropy.
+++++++++++++++.+++++++++++++++.++++++++++++++++++++.+++++++++++++++++++++++++.. ++++++++++.+++++.+++++.. ++++++++++.++++++++++.++++++++++.. +++++++++++++++.. +++++>++++++++++>+++++...........................................................................+++++ ^^ ^
GPG:/ROOT/.GNUPG/TRUSTDB.GPG: Establishing a database of trust
GPG: Key Ddba2dea is marked as absolute trust
The public and private keys have been generated and signed.

GPG: Checking Trust database
GPG: Requires 3 reluctantly trusted and 1 full trust, PGP trust model
GPG: Depth: 0 Validity: 1 Signed: 0 Trust degree: 0-,0q,0n,0m,0f,1u
Pub 1024d/ddba2dea 2011-06-14
Key fingerprint = 790A 0f2d 6826 61f3 A749 0724 DBB2 c0a5 ddba 2DEA
UID Quietheart (test)
Sub 2048g/2bbe2c91 2011-06-14

#################### #以上为输出以及交互 ##############################
Here, first of all, a key pair to the public key encryption, here depending on the system, the content may be in English. Where user interaction input is required, it is indicated by the "<==== input" tag.  If you change the input information, you can delete the ~/.gnupg directory except options, run the GPG--gen-key command, or use the GPG edit option. The key pair is placed in the ~/.GNUPG directory.

* View Existing keys:
[email protected]. gnupg]# GPG--list-keys
After input, the output is as follows:
#################### #以下为输出以及交互 ##############################
/root/.gnupg/pubring.gpg
------------------------
Pub 1024d/ddba2dea 2011-06-14
UID Quietheart (test)
Sub 2048g/2bbe2c91 2011-06-14
#################### #以上为输出以及交互 ##############################
Over here
Pub (key)---public key, Id:ddba2dea
Sub (private key)---secret key or private key, id:2bbe2c91
If you do not use root, you may be able to output the following information: "Gpg:Warning:using insecure memory!" warning does not lock memory pages, usually connected to the Internet operation of the security aspects of the problem, nothing, can make such changes "# chmod 47 55/USR/BIN/GPG ".


* Use GPG keys to encrypt and decrypt files:
Below, we demonstrate the process of public key cryptography and private key decryption through a concrete example. Here the encryption/decryption method uses the RSA algorithm, the public key and the private key is complementary, theoretically is not cracked, and no one tried to succeed. Suppose we have generated a key pair using the previous method.
1, first look at the encrypted file as follows:
[[email protected] gpg_test]# ls
Mygpgtest
[email protected] gpg_test]# cat Mygpgtest
#################### #以下为输出 ##############################
Hello!
Welcome come to Here
Today is 2011-06-14
#################### #以上为输出 ##############################

2, public key encryption process
1) Encrypt the file using the following command:
[Email protected] gpg_test]# gpg-ea-r Quietheart mygpgtest
Here, the key used is the previously created Quietheart, and we can use "GPG--list-keys" to see the public key that we can choose to encrypt. Here the option "-e" is actually "--encrypt" means encrypted data, "-a" means to create the output of ASCII (can not use this option, so that the resulting file is not ASCII content, and the file suffix is *.gpg); "-R" specifies the encrypted user ID name.

2) View the files after encryption:
[[email protected] gpg_test]# ls
Mygpgtest MYGPGTEST.ASC
[email protected] gpg_test]# cat MYGPGTEST.ASC
#################### #以下为输出 ##############################
-----BEGIN PGP MESSAGE-----
Version:gnupg v1.4.5 (Gnu/linux)

Hqioa6peemmrviyreaf9hcz5xilsppnez6i7hquxb7xujn1q0w5ccvek6x0dxsbh
Q55ugy6cmcc/exclc/zblf9qhsndczvmv3jjd95gu78nr1lsydtpg9r5bx/mupii
Kxyc3oovgnmduo9f/g3ul9vcu/rsikqvwxzhaegxr3g6xh/tmhkzcjnnixb1qqiq
Xe7o0ncxehp8fpopozy1mzz7wv4rxlujtrgl13snqjsvlgp1mcuzumrctenttxpg
q1sxdj7fxkxqy7uvo8emmmzpqkfm7kflyzjkxryo5zhg+nfxqs3/hsuj1fve8m4/
+pvw1uw2qtkfjizvxoj60cv0lck/p1bjhah5xetbnqf/fi1jitfiuojjtkocnbeo
sq6kr0+ljjmaxmlcea6kz7rxlhak/o5ar0bpxjcpubiefvnu6dftolo6jpcqmbw+
5oi4nhajunhz0etgoufbsv3evjymh7rabv832iky0marwrh/b/osuv+ht9bluhay
Plogpxklesscdo714z/duflguefcnxx/qamhwgikh4macmvkbve+2uzcmawqnyew
oaz0bi893yutbqbti2rdqgvdhhxjwcmq2ynmwv4psbawk7rportehmdsmiouit6x
fhvhpldc1o38u0jg4d0ljcv/rrbdqwasjzr46dwjbocv5rq9rkuul+6rhfqgns1g
Jtjxaziwwu8zqd572a3jyvbil/qbaw+dm3fnt9nrqfujvtdrd/aiafm/oiwlvacf
Cbmjyxqliv/wyxndjfl+ishmx2ury9tt2lmadxxez6lrpmxjxrzsfhuyoyaqdykt
ni1lsoddrz1wylcokpxlrsfzyig=
=in1g
-----END PGP MESSAGE-----
#################### #以上为输出 ##############################
Here, we can see that the encryption is generated after the Mygpgtest.asc file, where the content has been encrypted.

3, public key decryption process
1) Use the following command to decrypt:
[Email protected] gpg_test]# gpg-o mydecrypt--decrypt MYGPGTEST.ASC
#################### #以下为输出 ##############################
You need to enter a password to unlock the user's private key: "Quietheart (Test)"
2048-bit ELG-E key, key number 2bbe2c91, established in 2011-06-14 (main key number Ddba2dea)

Please enter password: <===== Enter password
You need to enter a password to unlock the user's private key: "Quietheart (Test)"
2048-bit ELG-E key, key number 2bbe2c91, established in 2011-06-14 (main key number Ddba2dea)

GPG: Encrypted by 2048-bit ELG-E key, key number 2bbe2c91, generated in 2011-06-14
"Quietheart (Test)"
#################### #以上为输出 ##############################
Here, specify the output file with-O and use--decrypt to specify the file to decrypt. We can see that, when decrypting, we need to enter a password to decrypt the success, and the password is the one we entered when we created the key. Note that this is because the generated key, encryption, decryption are carried out on a machine, so it can be successfully decrypted, if the encrypted file to another machine, it will not be decrypted, if you want to decrypt the other machine, we need to export the local private key, sent to the machine to be decrypted, Then import the private key that was just exported on the decrypted machine, and it will be done later. If you want someone else to communicate with you using this encryption method, you need to export your public key, send it to someone else, then they import the public key, encrypt the data with this public key in the method of the previous encryption, and send it to you, and then decrypt it with your own private key to get the original decrypted data. This is also a common method used by public key cryptography communication. The following detail describes how to export the local public and private keys, and how to import the previously exported keys on top of other machines.

2) View the decrypted generated file
[[email protected] gpg_test]# ls
Mydecrypt mygpgtest MYGPGTEST.ASC
[email protected] gpg_test]# cat Mydecrypt
Hello!
Welcome come to Here
Today is 2011-06-14
[Email protected] gpg_test]#

* Export (Backup) public key:
[Email protected] gpg_test]# gpg-o mypubkey--export Ddba2dea
Here use the format "Gpg-o keyfilename--export KeyID", use-O to specify the generated export file name, use--export to specify the key ID you want to export, and if no KeyID is to back up all public keys, If you add the-a parameter to the output text format information, otherwise the output is binary format information. The exported public key, can be published, other people just import your published public key, you can use this public key to encrypt the data and send to you, you use your own private key to decrypt, to obtain the decrypted original data, this is the public key encryption communication use common method.

* Export the public key in text mode:
[Email protected] gpg_test]# gpg-a-o mypubkeyascii--export Ddba2dea
The exported file Mypubkeyascii can view its contents as follows:
Mypubkeyascii
-----BEGIN PGP Public KEY BLOCK-----
Version:gnupg v1.4.5 (Gnu/linux)

mqgibe320yyrbacuvtps5jxv2xamvudhl//pbhjesyuzhqcgtb/cpzyakoanvq7u
V0dejd+m61sav7wwwitn9d3fojz09edgy/9mheveoglpdb7seo28uyrtr6vhcrrl
1qhbs6i6jq/iatdg+07o9hgdp5ecebi4anyrgerarx0t5vkguif+fezmiwcghwm8
Totsnp/bc1veprxez9uw+okd/0cyih2azikdbtjq9j6f7atgipqrnjitl7moj6xa
Ncjthx9xgh5dumoqr6gaq9/edtlefmwhcweiqdm1tnnvu/b7qdpw1tjxvlkhhvzk
8f4f8lsskjnuliqowxwojkuevqz+y3qufl3nsotursx5nukkekp4toowse3fefwd
Bqn5a/9cxj55kwxzzyd8v+z0xic3hviwgup0gtfcjsofdhs9xtke33lugy7hoet0
Tfqptnz8il1cbhhyvtmaaagrwbnbxoyrlrh5wrhx1n34zdoszyk5p/ykw+g+0elt
Dv/f4uxehfpinok21x5prgfcyno3fmvgiho1s8oiex4fuevwwrqqcxvpzxrozwfy
Dcaodgvzdckgphf1awv0x2hlyxj0mdawqdeyni5jb20+igaeexecacafak320yyc
Gwmgcwkibwmcbbuccamefgidaqieaqixgaakcrdbsscl3bot6o2baj918fqgopms
4eiqowbdvs5ss9hsbgcftboggnkpjtcpjq4zr/japcte7qi5ag0etfbtlbaiakun
Cibgalbwn5nw2ncn52oxwasixtdnup7fmki8k6b2po7bex2e95f44ioybtlo73kf
Vh64wbl7wgq0ionn/aqbivoa9oabi4+2mf9pbgmvo2nrii8xcvbfvrh8q7xsrooh
Obkv3inogvxb0fkdun1wkyygtwcil5ak8b1juacub6sbdxtkeg3drqp3bzjxgkva
Etgpnj70atjftfnn5wsikbgjq2pbs7e9wnqc7nvie62dhjj1nspjg/d9zdfwnqiw
Ho6ik3bjrblr4iy82cjvoi2jmiakvlpktphz9id5f/a3blcaof5wsove4sshdzgn
Cvk4qplr0x9g43zbtmcaawuh/07bujqwu61uiq5xryrk99ptnllwd1adsb/htgfp
Ujxsz7mrbtozvdbpvkfehazz13ysjies0f1l3ogbseeehcpyhy+n80r+zulmeztx
6kfnllm/pefnrnfpqgpejz/1hryt+htsffcfm4nyzhul7s10xkgihhn1wumc/ixt
+tmk/dd6ia/qnhi1wumzf2xgj3ql4zmlcsnv7cxpet044j8znutt+hwo4ax7bfst
ptpyi7lmd/bvfoikczvf38bz/iunxi8x1pjbglzbe7jvkqc+nqe7byq/ga27c374
Zqdiamaxcz0tr35t+ziyavqhkirsuag0q3t2oo74yvb8agmisqqyeqiacquctfbt
Laibdaakcrdbsscl3bot6uj8aj4h8shsy6dljmjjitl+8ihnh5tzqaceoqhsqxjr
Dei6gv8vmb87xwbwe5e=
=ynen
-----END PGP Public KEY BLOCK-----
Generally, many places publish public keys online through this text method.

* Export (Backup) private key:
[Email protected] gpg_test]# gpg-o mysubkey--export-secret-keys 2bbe2c91
If no keyID is to back up all the private keys,-o means output to the file Mysubkey, if you add-a parameter output text format information, otherwise the output is binary format information.

* Import private key:
GPG--import Mysubkey
After input, the output is as follows:
#################### #以下为输出 ##############################
GPG: Key Ddba2dea: The private key has been imported
GPG:/HOME/LV-K/.GNUPG/TRUSTDB.GPG: Establishing a database of trust
GPG: Key Ddba2dea: Public key "Quietheart (test)" Imported
GPG: Total Processed Quantity: 1
GPG: Imported: 1
GPG: Read private key: 1
GPG: Imported private key: 1
#################### #以上为输出 ##############################
Here, if the import Public Key command is the same, the specified file should be "Mypubkey". This command is run on another machine, and the machine can use the private key to decrypt the data after the private key is imported. In general, we publish the public key to let people import, rather than import private keys.
Practice has found that
* After the private key is imported, another machine can be encrypted directly with the corresponding public key, instead of importing the public key, the other machine can also export the public key, but a line of content and the original machine public key content is not the same, but the data encrypted with this public key can also be decrypted with the original machine.
* After importing the public key, the other host cannot export the private key, can export the public key, the export content and original. After the public key is encrypted, it cannot be decrypted (because there is no private key).
Whether you import a public key or a private key, you can view the results of the import by using GPG--list-keys after importing, and from the results you can see the keyID of the pairing (or private key or public key) that is not imported.
**

* * Signature and verification
The signature is to verify that plaintext, encrypted files, and keys are from the correct sender, without modification by others. The signature is also used as a key pair, as is the cryptographic operation. Just on the results, the dots are different. It simply adds the encrypted authentication information (signature) at the end of the file. Once the file has changed, the signature verification will be faulted. For example, when we install software in Ubuntu, we first use the pre-saved key (mostly obtained from hkp://keyserver.ubuntu.com) to verify the signature of the software source to ensure that we are connected to the correct and secure download server.
* View the previous directories and files as follows:
[Email protected] gpgtest]# pwd
/root/tmptrans/gpgtest
[[email protected] gpgtest]# ls
Mydecrypt
[email protected] gpgtest]# cat Mydecrypt
Hello!
Welcome come to Here
Today is 2011-06-14

* To generate a signature, the process is as follows:
[Email protected] gpgtest]# Gpg-o mydecrypt.sig-s mydecrypt
#################### #以下为输出 ##############################
You need to enter a password to unlock the user's private key: "Quietheart (Test)"
1024-bit DSA key, key number Ddba2dea, established in 2011-06-14

Please enter your password: <==== Enter your password here
#################### #以上为输出 ##############################
[[email protected] gpgtest]# ls
Mydecrypt Mydecrypt.sig
Here you can see the generated Mydecrypt.sig file (its content is garbled), where Mydecrypt is the original file, Mydecrypt.sig contains the original file and signature, is binary, this command will require you to enter the private key password.

* Generate signature in text format
[Email protected] gpgtest]# gpg-o mydecrypt.sig--clearsign mydecrypt
#################### #以下为输出 ##############################

You need to enter a password to unlock the user's private key: "Quietheart (Test)"
1024-bit DSA key, key number Ddba2dea, established in 2011-06-14

Please enter your password: <==== Enter your password here
#################### #以上为输出 ##############################
[email protected] gpgtest]# cat Mydecrypt.sig
-----BEGIN PGP Signed MESSAGE-----
Hash:sha1

Hello!
Welcome come to Here
Today is 2011-06-14
-----BEGIN PGP SIGNATURE-----
Version:gnupg v1.4.5 (Gnu/linux)

Id8dbqfocfkq27lapd26leoravc+aj9xp1hlt6zup7aztan5qpqrpqyn1qcfv0zy
hg+z+/hxfrbs9pzo6odydg4=
=o1+k
-----END PGP SIGNATURE-----
Here, the mydecrypt.sig generated by the above also contains the original file and signature, the file is in text format, the original file unchanged. Methods for unlocking and verifying signatures

* Verify Signature:
[Email protected] tmp]# GPG--verify Mydecrypt.sig
GPG: On June 27, 2011 Monday 17:58 39 sec CST created signature, using DSA, key number Ddba2dea
GPG: Intact signature from "Quietheart (test)"
Here, before validating, you must import the public key of the author of the file, and finally add the original file parameters (as described later) to the detached signature.

* Restore the signature file
[Email protected] tmp]# Gpg-o my--decrypt mydecrypt.sig
GPG: On June 27, 2011 Monday 17:58 39 sec CST created signature, using DSA, key number Ddba2dea
GPG: Intact signature from "Quietheart (test)"
[email protected] tmp]# cat my
Hello!
Welcome come to Here
Today is 2011-06-14
Here, you do not need to enter a password, the resulting file is the same as the original file name.

* Sign and Encrypt:
[Email protected] gpgtest]# gpg-o mydecrypt.sig-ser quietheart mydecrypt
#################### #以下为输出 ##############################

You need to enter a password to unlock the user's private key: "Quietheart (Test)"
1024-bit DSA key, key number Ddba2dea, established in 2011-06-14

Please enter your password: <==== Enter your password here
#################### #以上为输出 ##############################
In this case, the file Mydecrypt.sig cannot be verified directly through the GPG--verify Mydecrypt.sig. Instead, it is verified directly when decrypting the recovered file, which will be said later.

* Recover encrypted signature files:
[Email protected] gpgtest]# Gpg-o my--decrypt mydecrypt.sig
#################### #以下为输出 ##############################
You need to enter a password to unlock the user's private key: "Quietheart (Test)"
2048-bit ELG-E key, key number 2bbe2c91, established in 2011-06-14 (main key number Ddba2dea)

Please enter your password: <==== Enter your password here, and then the prompt disappears automatically.
GPG: Encrypted by 2048-bit ELG-E key, key number 2bbe2c91, generated in 2011-06-14
"Quietheart (Test)"
GPG: On June 27, 2011 Monday 18:11 27 sec CST created signature, using DSA, key number Ddba2dea
GPG: Intact signature from "Quietheart (test)"
#################### #以上为输出 ##############################
[email protected] gpgtest]# cat my
Hello!
Welcome come to Here
Today is 2011-06-14
Here, the decryption is validated, not directly, because the encrypted signature file cannot be verified directly through GPG--verify Mydecrypt.sig.


* Split Signature:
[Email protected] gpgtest]# Gpg-o mydecrypt.sig-ab mydecrypt
#################### #以下为输出 ##############################

You need to enter a password to unlock the user's private key: "Quietheart (Test)"
1024-bit DSA key, key number Ddba2dea, established in 2011-06-14

Please enter your password: <==== Enter your password here, and then the prompt disappears automatically.
#################### #以上为输出 ##############################
[email protected] gpgtest]# cat Mydecrypt.sig
-----BEGIN PGP SIGNATURE-----
Version:gnupg v1.4.5 (Gnu/linux)

Id8dbqboczdp27lapd26leorartqaj9q13/4jvvjbg5f83lnnoc1gq111wcfwrm8
1awhtul2sn9swnt0qnofqhw=
=ysnh
-----END PGP SIGNATURE-----
Here, Mydecrypt.sig only contains the signature, which means that the original file and signature are separate. The b option represents the detached signature detach-sign.

* Verify the detached signature:
[Email protected] gpgtest]# GPG--verify mydecrypt.sig mydecrypt
GPG: On June 28, 2011 Tuesday 16:29 03 sec CST created signature, using DSA, key number Ddba2dea
GPG: Intact signature from "Quietheart (test)"
Here, and the previous authentication method is different, because the signature and the data file is separated, so when verifying, indicate the signature file "Mydecrypt.sig" also must indicate the corresponding data file "Mydecrypt". Because the signature is separate, you do not need to use "--decrypt" for recovery, if the recovery is only to print out the signature information ("restore" here without specifying the data file, will remind you to indicate the location of the data file).
**

Other
* * Edit Public key
The public key can be edited, there is no specific practice, the general process is as follows:
#gpg--edit-key Someone
Someone is someone else's user ID, and after you enter it, a command prompt symbol appears.
&GT;FPR <=== Enter this expression to view someone's fingerprints, verify the authenticity of the information, and then sign it.

>sign <=== Enter this signing public key so that it does not generate a warning when it is encrypted later.

>check <=== Enter this and check the signature of the key that someone already has.

>quit <=== Enter this and exit the interaction, you may be prompted to save the previous settings.
**

The GPG command for Linux