I've been hacked and now I only use a key pair on keybase.
codeguro at gmail.com
Sun May 26 19:47:58 CEST 2019
-----BEGIN PGP SIGNED MESSAGE-----
You don't communicate with paperkey. You use GPG to communicate.
GPG uses the secret key to sign messages as well as decrypt messages that were encrypted with its corresponding public key.
Paperkey is just a tool to help store that secret key on a paper medium. That's it.
To use it, use the following command: gpg --export-secret-keys | paperkey
You can print the contents out, type them by hand, or whatever.
I think what you're asking is: "How do I sign or decrypt messages without crypto software such as GPG on the compromised computer? I don't want to risk my secrets being exposed!"
To that, my answer is "you can't." If your machine is compromised then your best bet is to keep your secret keys away from that machine entirely. Instead, install GPG on your offline machine and do all of your signing/decryption there.
To sign messages in PGP ascii armored format, you can do:
gpg --clearsign inputfile
gpg --detach-sign --armor inputfile
Similar commands can be used for encryption.
Remember that when encrypting that if you don't include yourself as the recipient, you won't be able to decrypt it.
Here is a good tutorial for GPG and enigmail: https://futureboy.us/pgp.html
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users