Creating a Self Decrypting Archive (SDA) with an ADK
search cancel

Creating a Self Decrypting Archive (SDA) with an ADK


Article ID: 153467


Updated On:


PGP Command Line


A PGP Self-Decrypting Archive (SDA) is a PGP Zip Archive that can be opened on any Windows computer, even those that do not have PGP Desktop installed. PGP Zip SDA files are standard Windows executable (.exe) files that you an open simply by double-clicking them. A PGP SDA can be used when:


  • You want to create a PGP Zip self-decrypting archive without using recipients' keys (this can be less secure than encrypting with recipients' keys, although still highly secure).
  • Recipients do not have PGP Desktop installed on their computers and all recipients are using Windows systems.
  • You do not have a public key for each recipient on your Keyring or on a PGP Keyserver.



Creating Self Decrypting Archives (SDAs) using an Additional Decryption Key (ADK)

PGP Command Line allows you to use an Additional Decryption Key (ADK) when creating Self Decrypting Archives (SDA). This functionality is enables you to decrypt a file using PGP Command Line if the passphrase of the SDA is lost or forgotten.

To create a SDA using an Additional Decryption Key

Type the following command:

pgp -e sda.txt --sda --symmetric-passphrase "passphrase for SDA" -o sda.exe --adk "ADK Here"

The file is encrypted to a passphrase and to the ADK.

To decrypt the file using the ADK type the following command:

pgp --decrypt sda.exe --passphrase "Passphrase of ADK here"


Note: To decrypt the SDA with an ADK, PGP Command Line 9.0.x or above must be used.

By default, Self Decrypting Archives in PGP Command Line use AES256 cipher. The cipher can be changed by using the --cipher option in the command. Ciphers available for use include --3des, --aes128, --aes192, --aes256. However, be aware the encryption of the file is only as good as the passphrase.