The layout of the --edit-key
listing is not documented (not that I could find anyway). The abbreviations you mention however are, somewhere in the info pages (info gpg
).
I searched for S:
and found that I actually wanted to search for usage:
.
In "GPG Key related Options":
4.2.1 How to change the configuration
These options are used to change the configuration and are usually
found in the option file.
'--list-options parameters'
show-usage
Show usage information for keys and subkeys in the standard
key listing. This is a list of letters indicating the allowed
usage for a key ('E'=encryption, 'S'=signing,
'C'=certification, 'A'=authentication). Defaults to no.
So, doing gpg -k --list-options show-usage 1A3ABKEY
will show you something like this:
pub rsa4096/1A3ABKEY 2015-01-25 [SC]
uid [ultimate] Some Key
sub rsa4096/4B907KEY 2015-09-19 [S]
sub rsa4096/F9A41KET 2015-09-19 [E]
Some more info is found in "Unattended Usage of GPG"
Key-Usage: USAGE-LIST
Space or comma delimited list of key usages. Allowed values are
'encrypt', 'sign', and 'auth'. This is used to generate the key
flags. Please make sure that the algorithm is capable of this
usage. Note that OpenPGP requires that all primary keys are
capable of certification, so no matter what usage is given here,
the 'cert' flag will be on. If no 'Key-Usage' is specified and the
'Key-Type' is not 'default', all allowed usages for that particular
algorithm are used; if it is not given but 'default' is used the
usage will be 'sign'.
So, while not immediately apparent, the info is there, somewhere, on your system. If man
does not help you, try man -k
and/or info
.