gpg-list-keys

List GPG Keys

When to use

The user asks "what GPG keys do I have", needs a key ID or fingerprint to feed into another command, or wants to check whether a recipient's public key is on the keyring.

Commands

Secret keys (keys whose private half is on this machine — i.e. your keys):

gpg --list-secret-keys --keyid-format=long

Public keys (everything on the keyring, including imported public keys for recipients):

gpg --list-keys --keyid-format=long

With fingerprints (needed for trust signing or precise reference):

gpg --list-keys --with-fingerprint --keyid-format=long

Filter by email or name:

gpg --list-keys "<email-or-name>"

Reading the output

pub   ed25519/ABCDEF1234567890 2026-04-30 [SC]
      1234567890ABCDEF1234567890ABCDEF12345678
uid                 [ultimate] Real Name <[email protected]>
sub   cv25519/FEDCBA0987654321 2026-04-30 [E]

• pub / sec — primary public / secret key. Flags: S=sign, C=certify, E=encrypt, A=authenticate.
• The 40-char hex below is the fingerprint — preferred for unambiguous reference.
• The ed25519/ABC… form is the long key ID (last 16 hex chars of the fingerprint).
• sub — subkey. Encryption typically lives on a subkey for ed25519 primaries.
• Trust labels: ultimate (your own key), full, marginal, unknown.

Common follow-ups

• Export a key → gpg-export-public-key skill.
• Encrypt to a recipient → gpg-encrypt skill (need their key on the ring first; import via gpg --import recipient.asc).