How to List GPG Keys in Linux?

GPG (GNU Privacy Guard) is a secure way to transmit data between users and verify the host using encrypted keys. The GPG keys are listed to determine which keys already exist in the system. The GPG keys information, such as the public key, private key, signature key, and fingerprints of the GPG keys, can be checked by listing these keys.

This article will cover all the methods to list GPG keys in Linux and list specifiers available in the GPG command using the following timeline:

How to List GPG Keys in Linux?

The “–list-keys” options are used with the gpg command to display the GPG keys. The listing of GPG keys displays different information, such as the key, User ID, and other GPG key details. Several other options can be used with the “list-gpg” keys to display specific information about the GPG keys.

Let’s display the GPG keys in different ways.

List Public GPG keys

The gpg command with the options “–list-keys” or “-k” shows all the GPG public keys present in the public keyring of the system. To find the list of GPG keys in any system, execute the below command in the terminal:

Note: The command “gpg -k” also shows the list of all the public GPG keys.

$ gpg --list-keys

The output shows the details about the GPG key in the system. The pub is the Public key, uid is the User ID of that particular user, and sub is the Subkey of the user.

We can list the GPG key for a particular user only. For instance, to list the GPG key for the user having UID “[email protected]”, execute the following command:

$ gpg --list-keys [email protected]

The output shows the GPG key details for the particular UID.

The GPG keys can be listed in short and long formats also. To list the public GPG keys in long format, we can specify the “–keyid-format” as shown below:

$ gpg --list-keys --keyid-format=long

To list the public GPG keys in short format, use the “short” key id format option as shown below:

$ gpg --list-keys --keyid-format=short

The GPG key details are shown in short format.

List Secret GPG Keys

The GPG secret keys are encrypted and present in the secret key ring of the system. These types of GPG keys are also called private GPG keys. To list out the private GPG keys in the system, use the “–list-secret-keys” option, as shown below:

$ gpg --list-secret-keys

The output shows the secret key as sec, User ID as uid, and secret subkey as ssb.

To list all the secret keys in long format, use the following command:

$ gpg --list-secret-keys --keyid-format=long

Similarly, to show the secret keys in short format, execute this command:

$ gpg --list-secret-keys --keyid-format=short

The output is showing all the secret keys of the system in short format.

List Signatures GPG

The signature GPG keys contain the primary key packets to verify the integrity of the GPG keys to connect with other applications. The signature GPG list also stores the last encrypted User ID packet. To check the list of signature GPG keys in the system, run the following command with the “–list-sigs” option in the terminal:

$ gpg --list-sigs

The output shows the details about the trusted signature GPG keys of the system.

To list the signature GPG keys in long format, execute this command:

$ gpg --list-sigs  --keyid-format=long

Moreover, to check the number of verified signatures and list them, use the “–check-signatures” option as shown below:

$ gpg --check-signatures

There are two verified GPG signatures named “sig!3” and “sig!” that are listed in the output.

List Fingerprints GPG

The fingerprints of every public key are only specific to that GPG key. Multiple GPG keys can have the same features; to separate those keys, fingerprints of the GPG key are used. When a user login to the remote SSH server, the fingerprints of the GPG key are matched.

The fingerprint of all the system GPG keys can be found using the “–fingerprint” option of the GPG command and stored in “gpgfile.txt” by using the following command:

$ gpg --fingerprint > gpgfile.txt

To display the fingerprints of the GPG keys, execute the below cat command:

$ cat gpgfile.txt

The output shows the encrypted fingerprints of the public GPG keys.

Conclusion:

Listing GPG keys in Linux helps the users view the public, secret, signatures, and fingerprints of the GPG keys, which can be done using “–list-keys” with any specific option. The GPG keys can also be listed in short or long format. Moreover, the number of verified GPG lists can be checked and listed with the “–check-signatures” option of the GPG command.