revocation certificate command
David Shaw
dshaw at jabberwocky.com
Sat Aug 16 14:24:45 CEST 2008
On Aug 16, 2008, at 2:36 AM, kurt c wrote:
> First I read from this page http://futureboy.us/pgp.html
> that after I generated a new key with gpg --gen-key command I should
> follow it with gpg --gen-revoke command to generate a revocation
> certificate. But I only saw from my command prompt after typing it in:
>
> usage: gpg [options] --gen-revoke user-id
>
> What should I do now? I hope it's not too late to generate a
> revocation
> certificate now that the key has already been created and sent to
> keyserver.
No problem. So long as you have the secret key, you can generate a
revocation certificate whenever you like. The common advice to
generate the revocation certificate right after you generate the key
is because people sometimes lose their secret key and are then unable
to revoke it. If you generate the revocation certificate ahead of
time and store it somewhere safe, then you can always revoke the key
if you need to.
Anyway, the command syntax you're looking for is:
gpg --gen-revoke (name)
Where (name) is a user ID on the key you are making a revocation
certificate for. Once you do this, GPG will print out a certificate.
Save this somewhere safe, and you're all set.
David
More information about the Gnupg-users
mailing list