search cancel

PGP Command Line 10.x List Of Commands/Options

book

Article ID: 153176

calendar_today

Updated On:

Products

PGP Command Line

Issue/Introduction


This article contains the commands used in PGP Command Line.

Resolution


This article provides the most common commands, but does not provide examples of the commands being used. Please refer to your PGP Command Line User's Guide found in Start>Programs>PGP>Command Line Documentation to see examples of how these commands are entered.

Commands

All commands begin by entering 'pgp', a space, and then the dashes followed by the desired command.

Example: pgp --help OR pgp -h

Generic

(-h) --help......................................displays the banner message and the built-in help message

--version........................................show version information

--purge-all-caches.........................purge all the caches

--purge-passphrase-cache...........purge the passphrase cache

--purge-keyring-cache...................purge the keyring cache

--speed-test...................................run the speed tests

--create-keyrings...........................create empty keyring files

Cryptographic (-e)

--encrypt.................................encrypt data (-c)

--symmetric.............................encrypt data with a symmetric cipher

--decrypt........................................decrypt data (-s)

--sign......................................sign data

--clearsign.....................................clearsign data (-b)

--detached..............................sign data and create a detached signature

--verify...........................................verify PGP data (-a)

--armor....................................armor data (-w)

--wipe....................................securely delete data

--export-session-key.....................get the session key out of an encrypted message

--list-archive...................................list the contents of a PGP archive

Key List (-l)

--list-keys..................................list keys in the basic format

--list-userids...................................list keys and user IDs in the basic format

--list-sigs.........................................list keys, user IDs, and sigs in the basic format

--list-key-details..............................list keys in the detailed format

--list-sig-details...............................list signatures in the detailed format

--fingerprint.....................................list keys in the fingerprint format

Key Edit

--gen-key..........................................................generate a key or key pair

--import..............................................................import key(s)

--export.............................................................export key(s)

--export-key-pair..............................................export key pair(s)

--remove...........................................................remove a key

--remove-key-pair.............................................remove a key pair

--revoke............................................................revoke a key pair

--gen-subkey....................................................generate a subkey

--remove-subkey..............................................remove a subkey

--revoke-subkey...............................................revoke a subkey

--sign-key.........................................................certify every user ID on a key

--sign-userid.....................................................certify a specific user ID on a key

--remove-sig.....................................................remove a signature from a user ID

--revoke-sig......................................................revoke a signature on a user ID

--set-trust.........................................................set the trust level of a key

--enable............................................................enable a key

--disable............................................................disable a key

--add-userid......................................................add a user ID to a key

--remove-userid................................................remove a user ID from a key

--set-primary-userid.........................................set a user ID to be primary for that key

--add-photoid....................................................add a photo ID to a key

--remove-photoid..............................................remove a photo ID from a key

--export-photoid................................................export a photo ID from a key

--add-revoker....................................................add a revoker to a key

--remove-revoker..............................................remove a revoker from a key

--remove-all-revokers.......................................remove all revokers from a key

--add-adk..........................................................add an ADK to a key

--remove-adk....................................................remove an ADK from a key

--remove-all-adks.............................................remove all ADKs from a key

--set-expiration-date........................................set the expiration date of a key

--remove-expiration-date..................................remove the expire date of a key

--change-passphrase......................................change the passphrase of a key

--cache-passphrase........................................cache the passphrase of a key

--set-preferred-keyserver................................set the preferred keyserver on a key

--remove-preferred-keyserver.........................remove a preferred keyserver from a key

--set-preferred-ciphers....................................set the preferred cipher list for a key

--add-preferred-cipher.....................................add a preferred cipher for a key

--remove-preferred-cipher...............................remove a preferred cipher from a key

--set-preferred-compression-algorithms..........set the compression algorithm list for a key

--add-preferred-compression-algorithm...........add a compression algorithm to a key

--remove-preferred-compression-algorithm.....remove a compression algorithm from a key

--split-key..........................................................split a private key into shares

--join-key...........................................................join a previously split key

Keyserver

--keyserver-send............................send keys to a keyserver

--keyserver-recv.............................get keys from a keyserver

--keyserver-search.........................search for keys on a keyserver

--keyserver-update.........................synchronize keys with a keyserver

--keyserver-remove........................remove keys from a keyserver

--keyserver-disable.........................disable keys on a keyserver

Options

Boolean

(-q) --quiet...............................show only error messages (-v)

--verbose.........................show verbose messages

(-d) --debug.............................show debug messages

--reverse-sort..........................reverse sort

--biometic.................................show biometric output

--compress..............................use compression

--marginal-as-valid...................treat marginally valid keys as valid

--encrypt-to-self......................attempt to encrypt to the default key

--warn-adk..............................warn when using ADKs

--always-trust..........................treat all keys as trusted

(-t) --textmode.........................force the input to canonical text mode

--fast-key-gen.........................use fast key generation

--photo.....................................match a photo ID

--passphrase-cache...............enable passphrase cache

--keyring-cache.......................enable keyring cache

--eyes-only..............................use for your eyes only mode

(-f) --force...............................required for some dangerous operations

--halt-on-error.........................stop on error for multiple I/O operations

--archive..................................use archive mode for encode and decode

--pass-through.........................pass through non-PGP data during decode

--recursive...............................use recursive mode

--local-mode.............................use the PGPsdk in local mode

--banner...................................show a banner for every run

--fips-mode...............................use the PGPsdk in FIPS mode

Integer

--wipe-passes...........................set the number of wipe passes

--wipe-input-passes..................set the number of wipe passes for input files

--wipe-temp-passes..................set the number of wipe passes for temp files

--wipe-overwrite-passes..........set the number of wipe passes for overwrite

--trust-depth..............................signature trust depth

--encryption-bits........................encryption key size

--signing-bits..............................signing key size

--index.......................................match a specific index

--expiration-days.......................number of days until expiration

--creation-days.........................number of days before start of validity

--passphrase-cache-timeout....passphrase cache timeout

--keyring-cache-timeout............keyring cache timeout

--keyserver-timeout...................keyserver timeout

--idea.........................................precedence of the IDEA cipher algorithm

--3des........................................precedence of the 3DES cipher algorithm

--cast5.......................................precedence of the CAST5 cipher algorithm

--blowfish..................................precedence of the Blowfish cipher algorithm

--aes128....................................precedence of the AES-128 cipher algorithm

--aes192....................................precedence of the AES-192 cipher algorithm

--aes256....................................precedence of the AES-256 cipher algorithm

--twofish...................................precedence of the Twofish cipher algorithm

--zip...........................................precedence of the ZIP compression algorithm

--zlib..........................................precedence of the ZLIB compression algorithm

--bzip2.......................................precedence of the BZIP2 compression algorithm

--threshold.................................minimum share threshold when splitting keys

Enumeration

--sort-order................................any | keysize | subkeysize | keyid | userid | validity | trust | expiration | creation

--compression-algorithm............zip | zlib | bzip2

--input-cleanup...........................off | remove | wipe

--overwrite.................................off | remove | rename | wipe

--temp-cleanup...........................off | remove | wipe

--tar-cache-cleanup...................off | remove | wipe

--trust.........................................never | marginal | complete | implicit

--sig-type....................................local | exportable | meta-introducer | trusted-introducer

--export-format...........................compatible | complete | x509-cert | pkcs8 | pkcs12 | csr

--key-type...................................rsa-legacy | rsa | rsa-sign-only | dh | dh-sign-only

--cipher.......................................idea | 3des | cast5 | blowfish | aes128 | aes192 | aes256 | twofish

--enforce-adk.............................off | attempt | require

--auto-import-keys......................off | merge | new | all

--manual-import-keys..................off | merge | new | all String

--home-dir.................................home directory location

--public-keyring.........................public keyring file

--private-keyring.......................private keyring file

--random-seed..........................random seed file

--default-key.............................default signing key

(-o) --output..............................output object

(-u) --local-user........................local user for operation

--passphrase............................passphrase

--symmetric-passphrase..........passphrase for conventional encryption

--new-passphrase...................new passphrase

--preferred-keyserver..............preferred keyserver

--regular-expression................regular expression domain restriction

--expiration-date......................expiration date (YYYY-MM-DD)

--creation-date.........................creation date

--comment................................armor block comment string

--common-name.......................common name for X.509 CSR

--organization...........................organization for X.509 CSR

--organizational-unit.................organizational unit for X.509 CSR

--city........................................city for X.509 CSR

--state......................................state for X.509 CSR

--country..................................country for X.509 CSR

--contact-email.........................contact e-mail address for X.509 CSR List

(-r) --recipient...........................recipient (-i)

--input..................................input object

--keyserver...............................keyserver (protocol://host[:port])

--additional-recipient.................additional recipients

--share......................................specify a key share (number:user[:passphrase])

File Descriptors

--passphrase-fd...........................where to read a passphrase

--symmetric-passphrase-fd..........where to read a symmetric passphrase

--export-passphrase-fd................where to read an export passphrase

--new-passphrase-fd...................where to read a new passphrase

--passphrase-fd8..........................read passphrase UTF8

--symmetric-passphrase-fd8........read symmetric passphrase UTF8

--new-passphrase-fd8.................read new passphrase UTF8

--export-passphrase-fd8..............read export passphrase UTF8