GPG keys
2018-03-21


So you've encountered "unknown public key" error message. What to do?
First search for the unknown key. Additionally you can explicitly specify the keyserver, for example keyserver.ubuntu.com
$ gpg --keyserver keyserver.ubuntu.com --search XXXXXXXXXXXXXXXX
If you see a key that is reliable just type in its number and it'll be imported. Error should be gone.

GPG keys are usually used to sign and/or encrypt e-mails. To generate you own keys type in the following commmand in your terminal and simply go through the generation process.
$ gpg --full-generate-key
Now you'd like to submit your key on a keyserver or share it yourself. You'll need to paste generated files content onto your keyservers website.
$ gpg --export --armor [your e-mail address] > [filename]
Someone can then import it from the keyserver, like we did above, or from the file:
$ gpg --import --armor < [filename]

You can delete keys with
$ gpg --delete-keys [searchterm]
and your private keys with
$ gpg --delete-secret-keys [searchterm]
Where the [searchterm] is either e-mail address, key ID, or really anything that identifies your key.

You can list keys with:
$ gpg --list-keys

Great, but if you now receive an e-mail signed with a valid signature (which you've imported) you'll get a warning "cannot verify sender". To fix this, change the level of trust and sign the foreign key.
$ gpg --edit-key [searchterm]
gpg> trust //Here I suggest 3 or 4. Use 5 only for your own keys.
gpg> sign
gpg> save
It'll work now.

You can move your private keys across different computers. Don't lose your private keys or else you won't be able to decrypt your e-mails. If needed (lost, stolen, stale), keys can be revoked.