PGP Command Line 10.x List Of Commands/Options
Article ID: 153176
Updated On:
Products
Issue/Introduction
A comprehensive list of most common and useful commands available for the PGP Command Line Product.
Resolution
For the full PGP Command Line User's Guide, visit our TechDocs Portal.
Commands
All commands begin by entering 'pgp', a space, and then the dashes followed by the desired command.
Example: pgp --help OR pgp -h
Generic
(-h) --help......................................displays the banner message and the built-in help message
--version........................................show version information
--purge-all-caches.........................purge all the caches
--purge-passphrase-cache...........purge the passphrase cache
--purge-keyring-cache...................purge the keyring cache
--speed-test...................................run the speed tests
--create-keyrings...........................create empty keyring files
Cryptographic (-e)
--encrypt.................................encrypt data (-c)
--symmetric.............................encrypt data with a symmetric cipher
--decrypt........................................decrypt data (-s)
--sign......................................sign data
--clearsign.....................................clearsign data (-b)
--detached..............................sign data and create a detached signature
--verify...........................................verify PGP data (-a)
--armor....................................armor data (-w)
--wipe....................................securely delete data
--export-session-key.....................get the session key out of an encrypted message
--list-archive...................................list the contents of a PGP archive
Key List (-l)
--list-keys..................................list keys in the basic format
--list-userids...................................list keys and user IDs in the basic format
--list-sigs.........................................list keys, user IDs, and sigs in the basic format
--list-key-details..............................list keys in the detailed format
--list-sig-details...............................list signatures in the detailed format
--fingerprint.....................................list keys in the fingerprint format
Key Edit
--gen-key..........................................................generate a key or key pair
--import..............................................................import key(s)
--export.............................................................export key(s)
--export-key-pair..............................................export key pair(s)
--remove...........................................................remove a key
--remove-key-pair.............................................remove a key pair
--revoke............................................................revoke a key pair
--gen-subkey....................................................generate a subkey
--remove-subkey..............................................remove a subkey
--revoke-subkey...............................................revoke a subkey
--sign-key.........................................................certify every user ID on a key
--sign-userid.....................................................certify a specific user ID on a key
--remove-sig.....................................................remove a signature from a user ID
--revoke-sig......................................................revoke a signature on a user ID
--set-trust.........................................................set the trust level of a key
--enable............................................................enable a key
--disable............................................................disable a key
--add-userid......................................................add a user ID to a key
--remove-userid................................................remove a user ID from a key
--set-primary-userid.........................................set a user ID to be primary for that key
--add-photoid....................................................add a photo ID to a key
--remove-photoid..............................................remove a photo ID from a key
--export-photoid................................................export a photo ID from a key
--add-revoker....................................................add a revoker to a key
--remove-revoker..............................................remove a revoker from a key
--remove-all-revokers.......................................remove all revokers from a key
--add-adk..........................................................add an ADK to a key
--remove-adk....................................................remove an ADK from a key
--remove-all-adks.............................................remove all ADKs from a key
--set-expiration-date........................................set the expiration date of a key
--remove-expiration-date..................................remove the expire date of a key
--change-passphrase......................................change the passphrase of a key
--cache-passphrase........................................cache the passphrase of a key
--set-preferred-keyserver................................set the preferred keyserver on a key
--remove-preferred-keyserver.........................remove a preferred keyserver from a key
--set-preferred-ciphers....................................set the preferred cipher list for a key
--add-preferred-cipher.....................................add a preferred cipher for a key
--remove-preferred-cipher...............................remove a preferred cipher from a key
--set-preferred-compression-algorithms..........set the compression algorithm list for a key
--add-preferred-compression-algorithm...........add a compression algorithm to a key
--remove-preferred-compression-algorithm.....remove a compression algorithm from a key
--split-key..........................................................split a private key into shares
--join-key...........................................................join a previously split key
Keyserver
--keyserver-send............................send keys to a keyserver
--keyserver-recv.............................get keys from a keyserver
--keyserver-search.........................search for keys on a keyserver
--keyserver-update.........................synchronize keys with a keyserver
--keyserver-remove........................remove keys from a keyserver
--keyserver-disable.........................disable keys on a keyserver
Options
Boolean
(-q) --quiet...............................show only error messages (-v)
--verbose.........................show verbose messages
(-d) --debug.............................show debug messages
--reverse-sort..........................reverse sort
--biometic.................................show biometric output
--compress..............................use compression
--marginal-as-valid...................treat marginally valid keys as valid
--encrypt-to-self......................attempt to encrypt to the default key
--warn-adk..............................warn when using ADKs
--always-trust..........................treat all keys as trusted
(-t) --textmode.........................force the input to canonical text mode
--fast-key-gen.........................use fast key generation
--photo.....................................match a photo ID
--passphrase-cache...............enable passphrase cache
--keyring-cache.......................enable keyring cache
--eyes-only..............................use for your eyes only mode
(-f) --force...............................required for some dangerous operations
--halt-on-error.........................stop on error for multiple I/O operations
--archive..................................use archive mode for encode and decode
--pass-through.........................pass through non-PGP data during decode
--recursive...............................use recursive mode
--local-mode.............................use the PGPsdk in local mode
--banner...................................show a banner for every run
--fips-mode...............................use the PGPsdk in FIPS mode
Integer
--wipe-passes...........................set the number of wipe passes
--wipe-input-passes..................set the number of wipe passes for input files
--wipe-temp-passes..................set the number of wipe passes for temp files
--wipe-overwrite-passes..........set the number of wipe passes for overwrite
--trust-depth..............................signature trust depth
--encryption-bits........................encryption key size
--signing-bits..............................signing key size
--index.......................................match a specific index
--expiration-days.......................number of days until expiration
--creation-days.........................number of days before start of validity
--passphrase-cache-timeout....passphrase cache timeout
--keyring-cache-timeout............keyring cache timeout
--keyserver-timeout...................keyserver timeout
--idea.........................................precedence of the IDEA cipher algorithm
--3des........................................precedence of the 3DES cipher algorithm
--cast5.......................................precedence of the CAST5 cipher algorithm
--blowfish..................................precedence of the Blowfish cipher algorithm
--aes128....................................precedence of the AES-128 cipher algorithm
--aes192....................................precedence of the AES-192 cipher algorithm
--aes256....................................precedence of the AES-256 cipher algorithm
--twofish...................................precedence of the Twofish cipher algorithm
--zip...........................................precedence of the ZIP compression algorithm
--zlib..........................................precedence of the ZLIB compression algorithm
--bzip2.......................................precedence of the BZIP2 compression algorithm
--threshold.................................minimum share threshold when splitting keys
Enumeration
--sort-order................................any | keysize | subkeysize | keyid | userid | validity | trust | expiration | creation
--compression-algorithm............zip | zlib | bzip2
--input-cleanup...........................off | remove | wipe
--overwrite.................................off | remove | rename | wipe
--temp-cleanup...........................off | remove | wipe
--tar-cache-cleanup...................off | remove | wipe
--trust.........................................never | marginal | complete | implicit
--sig-type....................................local | exportable | meta-introducer | trusted-introducer
--export-format...........................compatible | complete | x509-cert | pkcs8 | pkcs12 | csr
--key-type...................................rsa-legacy | rsa | rsa-sign-only | dh | dh-sign-only
--cipher.......................................idea | 3des | cast5 | blowfish | aes128 | aes192 | aes256 | twofish
--enforce-adk.............................off | attempt | require
--auto-import-keys......................off | merge | new | all
--manual-import-keys..................off | merge | new | all String
--home-dir.................................home directory location
--public-keyring.........................public keyring file
--private-keyring.......................private keyring file
--random-seed..........................random seed file
--default-key.............................default signing key
(-o) --output..............................output object
(-u) --local-user........................local user for operation
--passphrase............................passphrase
--symmetric-passphrase..........passphrase for conventional encryption
--new-passphrase...................new passphrase
--preferred-keyserver..............preferred keyserver
--regular-expression................regular expression domain restriction
--expiration-date......................expiration date (YYYY-MM-DD)
--creation-date.........................creation date
--comment................................armor block comment string
--common-name.......................common name for X.509 CSR
--organization...........................organization for X.509 CSR
--organizational-unit.................organizational unit for X.509 CSR
--city........................................city for X.509 CSR
--state......................................state for X.509 CSR
--country..................................country for X.509 CSR
--contact-email.........................contact e-mail address for X.509 CSR List
(-r) --recipient...........................recipient (-i)
--input..................................input object
--keyserver...............................keyserver (protocol://host[:port])
--additional-recipient.................additional recipients
--share......................................specify a key share (number:user[:passphrase])
File Descriptors
--passphrase-fd...........................where to read a passphrase
--symmetric-passphrase-fd..........where to read a symmetric passphrase
--export-passphrase-fd................where to read an export passphrase
--new-passphrase-fd...................where to read a new passphrase
--passphrase-fd8..........................read passphrase UTF8
--symmetric-passphrase-fd8........read symmetric passphrase UTF8
--new-passphrase-fd8.................read new passphrase UTF8
--export-passphrase-fd8..............read export passphrase UTF8
Feedback
