The comp.security.pgp FAQ

Several undocumented command-line switches exist. Peter Simons <simons@petium.rhein.de> has provided a comprehensive list:

The -i option will cause PGP to include more information about the file in the encrypted message. With the -p option, PGP restores the original filename when you decrypt the message, but if this option is also used, and both sender and recipient are using the same platform, then the original file permissions and timestamp will also be restored.
With the -l option PGP gives lots more information about what it is doing. During key generation, for example, you get to see the actual numbers used in your public and secret key.
The -km option will display the "web of trust" (see question 4.7) in a nested list. This way you can see which key introduces which.
By putting encrypttoself=on in your configuration file, all messages that you encrypt will always be encrypted with your own public key as well. This way you will be able to decrypt and read every message you send. This can be useful if you have PGP set up to encrypt every outgoing message, and your "outbox" will keep the encrypted versions. Note: if someone else ever manages to obtain your secret key, he will be able to read every encrypted message you ever sent out, if this option was enabled.
To create a file containing n random bytes, use the pgp filename +makerandom=n. There is a bug in the international versions of PGP, which results in this random data being a lot less random than normal.

11.2 Can I use PGP on a BBS?

Some BBS sysops may not permit you to place encrypted mail or files on their boards. Just because they have PGP in their file area, that doesn't necessarily mean they tolerate you uploading encrypted mail or files - so do check first.

Fido net mail is even more sensitive. You should only send encrypted net mail after checking that:

Your sysop permits it.
Your recipient's sysop permits it.
The mail is routed through nodes whose sysops also permit it.

Get your public key signed by as many individuals as possible. It increases the chances of another person finding a path of trust from himself to you.

Don't sign someone's key just because someone else that you know has signed it. Confirm the identity of the individual yourself. Remember, you are putting your reputation on the line when you sign a key.

If you have a UNIX shell account, put a copy of your public key in a file called ".plan", so that other people can finger that account and get your public key in the process. See also question 4.8.

Also, send your public key to a keyserver. See question 8.1 for details.

Whatever method you choose to make your key available, make sure that it's clear for others how to get it. Usually, you just put instructions in your mail and news .signature file (something like "PGP public key available from keyservers" or "Finger me for public key"), or reference to it from your homepage.

It's also good practice to include key ID and fingerprint in your .signature. That way, people who want to have your key can be more certain they are actually getting yours, and not some other key with your name on it. And the fingerprint will be an even greater help in this.

But this is not proof that the key actually is yours. Remember, the message or post with this .signature can be a forgery.

If you have any other tips, please let me know.

The comp.security.pgp FAQ

11. General Tips

11.1 Are there undocumented features in PGP?

11.2 Can I use PGP on a BBS?