Introduction to GnuPG

The GnuPG package is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs. GnuPG 2 is the stable version of GnuPG integrating support for OpenPGP and S/MIME.

This package is known to build and work properly using an LFS-8.0 platform.

Package Information

GnuPG 2 Dependencies


Libassuan-2.4.3, libgcrypt-1.7.6, libgpg-error-1.26, Libksba-1.3.5, and npth-1.3



cURL-7.52.1, libusb-compat-0.1.5, an MTA, OpenLDAP-2.4.44, SQLite-3.17.0, texlive-20160523b (or install-tl-unx), and GNU adns

User Notes:

Installation of GnuPG



If you are upgrading from gnupg prior to version 2.1, upstream developers recommend to backup ~/.gnupg, because some additional configuration will probably be necessary, and you could lose your keys. You can find instructions at and

If the top directory path where the source is unpacked contains symbolic links, the openpgp tests might fail. If this is your case and you wish to run the test suite, fix that with:

sed -e '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' \
    -i tools/

Some tests will hang infinately. If you will run the tests, comment the failing portions of the tests:

sed -i -e '/^  test_agent_protect/s:^://:' agent/t-protect.c &&
sed -i -e '174,186 s/^/;;/'                tests/openpgp/ecc.scm

Install GnuPG by running the following commands:

./configure --prefix=/usr            \
            --enable-symcryptrun     \
            --enable-maintainer-mode \
            --docdir=/usr/share/doc/gnupg-2.1.18 &&
make &&

makeinfo --html --no-split \
         -o doc/gnupg_nochunks.html doc/gnupg.texi &&
makeinfo --plaintext       \
         -o doc/gnupg.txt           doc/gnupg.texi

If you have texlive-20160523b installed and you wish to create documentation in alternate formats, issue the following commands:

make -C doc pdf ps html

To test the results, issue: make check.

Note that if you have already installed GnuPG, the instructions below will overwrite /usr/share/man/man1/gpg-zip.1. Now, as the root user:

make install &&

install -v -m755 -d /usr/share/doc/gnupg-2.1.18/html            &&
install -v -m644    doc/gnupg_nochunks.html \
                    /usr/share/doc/gnupg-2.1.18/html/gnupg.html &&
install -v -m644    doc/*.texi doc/gnupg.txt \

We recommend the creation of symlinks for compatibility with the first version of GnuPG, because some programs or scripts need them. Issue, as root user:

for f in gpg gpgv
  ln -svf ${f}2.1 /usr/share/man/man1/$f.1 &&
  ln -svf ${f}2   /usr/bin/$f
unset f

If you created alternate formats of the documentation, install it using the following command as the root user:

install -v -m644 doc/gnupg.html/* \
                 /usr/share/doc/gnupg-2.1.18/html &&
install -v -m644 doc/gnupg.{pdf,dvi,ps} \

Command Explanations

sed ... tools/ This command is needed to build the gpg-zip program.

--docdir=/usr/share/doc/gnupg-2.1.18: This switch changes the default docdir to /usr/share/doc/gnupg-2.1.18.

--enable-symcryptrun: This switch enables building the symcryptrun program.

--enable-maintainer-mode: This switch is needed for proper completion of the tests.

--enable-g13: This switch enables building the g13 program.


Installed Programs: addgnupghome, applygnupgdefaults, dirmngr, dirmngr-client, g13, gpg-agent, gpg-connect-agent, gpg, gpg2, gpgconf, gpgparsemail, gpgscm, gpgsm, gpgtar, gpgv, gpgv2, igpg-zip, kbxutil, symcryptrun, and watchgnupg
Installed Libraries: None
Installed Directories: /usr/share/doc/gnupg-2.1.18 and /usr/share/gnupg

Short Descriptions


is used to create and populate user's ~/.gnupg directories


is a wrapper script used to run gpgconf with the --apply-defaults parameter on all user's GnuPG home directories.


is a tool that takes care of accessing the OpenPGP keyservers.


is a tool to contact a running dirmngr and test whether a certificate has been revoked.


is a tool to create, mount or unmount an encrypted file system container (optional).


is a daemon used to manage secret (private) keys independently from any protocol. It is used as a backend for gpg2 and gpgsm as well as for a couple of other utilities.


is a utility used to communicate with a running gpg-agent.


(optional) is a symlink to gpg2 for compatibility with the first version of GnuPG.


is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool used to provide digital encryption and signing services using the OpenPGP standard.


is a utility used to automatically and reasonably safely query and modify configuration files in the ~/.gnupg home directory. It is designed not to be invoked manually by the user, but automatically by graphical user interfaces.


is a utility currently only useful for debugging. Run it with --help for usage information.


executes the given scheme program or spawns an interactive shell.


is a tool similar to gpg2 used to provide digital encryption and signing services on X.509 certificates and the CMS protocol. It is mainly used as a backend for S/MIME mail processing.


is a tool to encrypt or sign files into an archive.


(optional) is a symlink to gpgv2 for compatibility with the first version of GnuPG.


is a verify only version of gpg2.


encrypts or signs files into an archive.


is used to list, export and import Keybox data.


is a simple symmetric encryption tool.


is used to listen to a Unix Domain socket created by any of the GnuPG tools.

Last updated on 2017-02-18 22:13:39 -0800