Public Key
12 Miscellaneous Commands
160 Miscellaneous Commands Commands
Commands
--agent
Starts a long-running application for retaining cached passphrases. This command is for use on Linux or other installations without PGP Desktop. The application contin ues running until it is terminated with a sigint signal (for example control-C).
This command does not apply to PGP Desktop installations on Windows and Mac OSX Those installations use PGP Tray to retain cached passphrases.
The usage format is:
pgp --agent
--create-keyrings
Creates a pair of empty keyrings. Several commands create keyrings automatically as part of the command; --gen-key, --import, and --keyserver-recv, for example.
You only need to use --create-keyrings if you want to create empty keyrings.
PGP Command Line will try to create the keyrings in the default location for the operating system: C:\Documents and Settings\<current user>\My Documents\PGP\ on Windows, $HOME/Documents/PGP on Mac OS X, and
$HOME/.pgp/ on UNIX. If the PGP portions of these directories do not exist, PGP Command Line attempts to create th em.
If the home directory is set and keyrings are not specified, PGP Command Line will try to create th e keyrings in the default home directory location. No paths will be created in this case; they must already exist. If the keyrings are specified, they are relative to the current directory. Use a full path in this case.
The usage format is:
pgp --create keyrings [--home-dir <path1>] [--public-keyring
<path2>]
[--private-keyring <path3>]
Where:
<path1> is the path to the home directory.
<path2> is the path to the public keyring file. You can specify a single file (which is relative to the current directory), a relative path (relative to the current directory), or a full path (the recomm ended usage).
<path3> is the path to the private keyring file. You can specify a single file (wh ich is relative to the current directory), a relative path (relative to the current
directory), or a full path (the recomm ended usage).
Example:
pgp --create-keyrings --home-dir /test/
Create keyrings using /test as the home directory.
Miscellaneous Commands Commands 161
--help (-h)
Displays th e banner message and the built-in help message, which provides a brief description of the commands and options in PGP Command Line.
The usage format is:
pgp --help
--license-authorize
You cannot use PGP Command Line normally until is licensed.
Refer to Licensing (on page 23) for a complete description of how to license PGP Command Line.
--purge-all-caches
Purges both the passphrase cache and the keyring cache. Caching is a security risk, so PGP Command Line makes it easy for you to purge the passphrase and keyring caches at any time.
The usage format is:
pgp --purge-all-caches Example:
pgp --purge-all-caches
Purges both the passphrase and the keyring cache.
--purge-keyring-cache
Purges the keyring cache, which stores keyrings in memory so that they do not have to be retrieved each tim e they are needed. Caching is a security risk, so PGP Command Line makes it easy for you to purge the keyring cache at any time. The option --purge-keyring-cache is not used unless specifica lly enabled.
The usage format is:
pgp --purge-keyring-cache Example:
pgp --purge-keyring-cache Purges the keyring cache.
--purge-passphrase-cache
Purges the global (shared) passphrase cache, which stores in memory passphrases you enter so that you do not have to enter them every tim e you need them. Caching is a security risk, so PGP Command Line makes it easy for you to purge the passphrase cache at any time.
162 Miscellaneous Commands Commands
--purge-passphrase-cache is not used unless specifically enabled.
The usage format is:
pgp --purge-passphrase-cache Example:
pgp --purge-passphrase-cache Purges the passphrase cache.
--speed-test
Runs a suite of PGP SDK speed tests, which both identify the version of the PGP SDK that PGP Command Line is using and returns test results for several tests: hash, cipher, and public key, for example.
Running --speed-test forces PGP Command Line into local mode. Running
--speed-test in FIPS mode (--fips-mode) runs the tests with the PGP SDK in FIPS mode, which runs a slightly different set of tests.
The usage format is:
pgp --speed-test [--fips-mode]
Example:
pgp --speed-test
Runs the suite of PGP SDK speed tests.
--version
Tells you what version of PGP Command Line you are using and displays the banner message.
The usage format is:
pgp --version [options]
Where:
[options] modify the command. Options are:
--verbose, which displays additional information about PGP Command Line, including passphrase cache information, time zone information, PGP SDK information, public key algorithms, symmetric ciphers, hashes, and compression.
Examples:
pgp --version
Displays version information and the banner message in the format:
PGP Command Line 10.0
Copyright (C) 2010 PGP Corporation All rights reserved.
Miscellaneous Commands Commands 163
--wipe
Wipes a file off of your system.
The --wipe command exceeds the media sanitization requirements of Department of Defense 5220.22-M at three passes. Security contin ues to increase up to approximately 28 passes.
The usage format is:
pgp --wipe <input> [<input> ...] [options]
Where:
<input> is the file or files you want to wipe.
[options] modify the command. Options are:
--wipe-passes, which lets you specify how many wipe passes are made.
Available values are 1 through 49. The default is 3.
--recursive, which lets you select subdirectories and files in subdirectories.
--verbose, which provides extra information about th e progress.
Examples:
1 pgp --wipe secretreport.txt
Wipes the file secretreport.txt from your system using the default number of passes, three.
2 pgp --wipe secret.doc --wipe-passes 8
Wipes the file secret.doc from your system using the number of passes specified with the --wipe-passes option, eight.
--check-sigs
Checks the signatures on all keys on your keyring. If errors are found, they are displayed.
The usage format is:
pgp --check-sigs Example:
1 pgp --check-sigs
Checks the signatures of all keys on your keyring.
--check-userids
Checks the user IDs on specified keys to make sure they conform to the conventional naming standard.
The acceptable form for a user ID is:
More than one character but fewer than 256 characters.
164 Miscellaneous Commands Commands
Common Name <contact information>. For example, "Alice Cameron <acameron
@example.com>" or "Ming Pa <AIM: 12345678>".
Common Name does not have to be the name of an individua l. On an ADK, for example, it could be a company name.
<contact information> cannot be empty, but it does not have to be an email address or viable contact information.
The GPG format "Common Name (Comment) <contact information>" is invalid.
If no invalid user IDs are found, a successful status message ("0:signatures ch ecked successfully") appears.
If invalid user IDs are found, each is listed as an error status message and the exit code is return ed.
The usage format is:
pgp --check-userids [<user1> ...]
Where:
<user1> is the user ID, portion of a user ID, or the key ID of a key on your keyring.
Examples:
1 pgp --check-userids
Checks the user IDs of all keys on your keyring.
2 pgp --check-userids acameron
Checks the user IDs of all keys on your keyring with "acameron" in the user ID or key ID of the key.
This chapter lists and describes PGP Command Line options.
Options are listed in alphabetical order with in their sections.