# GnuPG (gpg) Notes

## For salt gpg renderer

### Obtaining the keys
If you haven't, import everybody's gpg keys:
```
gpg --import msoc-infrastructure/salt/gpgkeys/keys.pub
```

### To regenerate this file
export the current employees' keys:
```
gpg --list-keys
gpg --armor --export B42AB5B7D7D7FD03 E33334D29D7FF712 4F00BDEDDF65023C E80270BBD169C32BE6A59C0990BC1707A7412B98 > keys.pub
```

### To create the group
In ~/.gnupg/gpg.conf:
```
auto-key-retrieve
no-emit-version
group engineers = fdamstra@keybase.io Brad Duane
#group salt = fdamstra@keybase.io Brad Duane mdr-engineering@defpoint.com mdr.eng@accenturefederal.com
group salt = fdamstra@keybase.io Brad Duane mdr-engineering@defpoint.com
```

### To encrypt something for the group
```
echo hi | gpg --armor --encrypt -r salt
```

### To generate a random password
```
# Option 1
openssl rand -base64 32 | gpg --armor --encrypt -r salt
```