With Macports, I realize that there are ports gnupg and a newer gnupg2. I'd like to use GnuPG to encrypt files. Should I install both, or just one is enough? If I installed both, are both compatible with each other? Does it matter which one I install first matter at all?
Asked
Active
Viewed 6.2k times
106
1 Answers
115
GnuPG 1
GnuPG 1.4 ("classic") will stay for embedded and server usage, as it brings less dependencies and smaller binaries. Earlier, it was often installed as gpg, today it is more often named gpg1 (depending on distribution).
From the GnuPG 1.4 man page:
This is the standalone version of
gpg. For desktop use you should consider usinggpg2from the GnuPG-2 package (On some platformsgpg2is installed under the namegpg)
GnuPG 2
GnuPG 2.0 is a redesigned version of GnuPG -- but changes are mostly on internal level. The newer version is split into multiple modules, for example there are also modules for X.509 (used by S/MIME).
From man gpg2:
In contrast to the standalone version gpg, which is more suited for server and embedded platforms, this version is commonly installed under the name
gpg2and more targeted to the desktop as it requires several other modules to be installed.
GnuPG 2.1
An important change came with GnuPG 2.1, which combines the formerly separated public and private keyrings (pubring.gpg vs. secring.gpg) into the public keyring. This has been implemented in a manner keeping things compatible, so you can still use GnuPG 1 when GnuPG 2.1 integrated the private keyring, but changes to the private keys will not show up for the respective other implementation. From the changelog:
[...] allows co-existence of older GnuPG versions with GnuPG 2.1. However, any change to the private keys using the new gpg will not show up when using pre-2.1 versions of GnuPG and vice versa.
To directly answer your question:
Should I install both, or just one is enough? Does it matter which one I install first matter at all?
Just install both. They don't interfere anyway. Install gpg (if not installed anyway) for other applications that access it (like package managers, mail clients, ...), and gpg2 for "direct use" on the command line.
If I installed both, are both compatible with each other?
Both implement the OpenPGP protocol, so they're compatible to each other regarding data shared among them. Additionally, they're (mostly) using the same commands and options, so most of the time you could switch between them arbitrarily.
GnuPG 2.1 makes changes to the private keyring invisible to pre-GnuPG 2.1 implementations (see above in the GnuPG 2.1 section).
Jens Erat
- 17,897
gpg2doesn't seem to see the private keys thatgpgsees. For instance,gpg2 --list-secret-keysgives no output, butgpg --list-secret-keysdoes give output. – Flimm Jul 23 '16 at 10:15secring.gpg, which is not queried by GnuPG 2.1. Copy them to GnuPG 2.1 throughgpg --export-secret-keys [key-id] | gpg2 --import. – Jens Erat Jul 23 '16 at 10:22gpgv1package is described as "deprecated "classic" version" andgpgv2is described as "dummy transitional package." Installing the plaingpgpackage gives gpg version 2.2.4.So it appears that gpgv1 is going away and gpgv2 (referred to simply as "gpg") is the new standard.
– Mark Doliner Feb 07 '19 at 22:10gpgvis not the same asgpg. On Debian thegpgvpackage says: "gpgv is actually a stripped-down version of gpg which is only able to check signatures. It is somewhat smaller than the fully-blown gpg and uses a different (and simpler) way to check that the public keys used to make the signature are valid. There are no configuration files and only a few options are implemented.". The package names for the actualgpgaregnupgandgnupg1. To me that doesn't say v1 is going away, only that v2 is the standard. – FrontierPsycho Sep 15 '22 at 15:15