This article describes how to create a GPG key.
1 Update random value with rng-tools
When creating a GPG key, the following message may be printed and the console hangs.
Not enough random bytes available. Please do some other work to give
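Refill the kernel entropy pool with rng-tools. Note that rngd -r /dev/urandom feeds the kernel's own non-blocking pseudorandom output back into the pool so that gpg stops blocking; it does not add fresh entropy.
$ sudo apt install -y rng-tools
$ sudo rngd -r /dev/urandom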
2 Create GPG key with interactive mode
Create a GPG key with gpg --gen-key.
$ gpg --gen-key
The secret key is created at ${HOME}/.gnupg/secring.gpg and the public key is created at ${HOME}/.gnupg/pubring.gpg.
gpg: keyring `/home/hiroom2/.gnupg/secring.gpg' created
gpg: keyring `/home/hiroom2/.gnupg/pubring.gpg' created
Use default "(1) RSA and RSA".
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection?
Use default "2048".
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Use default "key does not expire". Press the y key.
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Input name, e-mail and comment. You must input name.
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <[email protected]>"
Real name: hiroom2
Email address: [email protected]
Comment: hiroom2 gpg key
Press the O key.
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
Enter a passphrase. An empty passphrase is allowed, but the secret key is then stored unprotected on disk.
Enter passphrase:
Repeat passphrase:
The GPG key is created.
generator a better chance to gain enough entropy.
..+++++
.............+++++
gpg: /home/hiroom2/.gnupg/trustdb.gpg: trustdb created
gpg: key 65F355D9 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/65F355D9 2016-08-14
Key fingerprint = 95CF BBE0 C638 93EB 7E77 C427 A093 6A22 65F3 55D9
uid hiroom2 (hiroom2 gpg key) <[email protected]>
sub 2048R/FEC8326F 2016-08-14
3 Create GPG key with batch mode
Create a parameter file for the gpg command. The file holds the passphrase in clear text.
$ cat <<EOF > gpg.txt
%pubring ${HOME}/.gnupg/pubring.gpg
%secring ${HOME}/.gnupg/secring.gpg
Key-Type: RSA
Subkey-Type: RSA
Key-Length: 2048
Subkey-Length: 2048
Expire-Date: 0
Name-Real: hiroom2
Name-Email: [email protected]
Name-Comment: hiroom2 gpg key
Passphrase: mypassphrase
%commit
EOF
Create a GPG key with gpg --gen-key --batch.
$ gpg --gen-key --batch gpg.txt
......+++++
.....+++++
+++++
.........+++++
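The batch procedure above in a hardened form, as an added example that is not from the original article: the parameter file is created with mode 0600, the passphrase is read from stdin instead of being typed into a heredoc, and the file is deleted after gpg runs. The function names, the refusal of an empty passphrase and the rejection of newlines in the user ID fields are assumptions of this example.

```shell
# Added example; function names are hypothetical, not from the article.

# Print the path of a new 0600 parameter file for "gpg --gen-key --batch".
# Args: real name, e-mail, comment. The passphrase is read from stdin so it
# never shows up in the process list or in shell history.
make_param_file() {
    name=$1 email=$2 comment=$3
    nl='
'
    # A newline inside a field would smuggle extra directives into the file.
    case $name$email$comment in
        *"$nl"*) echo "newline in user ID field" >&2; return 1 ;;
    esac
    IFS= read -r passphrase || :
    # Policy assumed by this example: refuse an empty passphrase.
    [ -n "$passphrase" ] || { echo "empty passphrase" >&2; return 1; }
    # mktemp creates the file with mode 0600 before the secret is written.
    params=$(mktemp "${TMPDIR:-/tmp}/gpg-params.XXXXXX") || return 1
    cat > "$params" <<EOF
%pubring ${HOME}/.gnupg/pubring.gpg
%secring ${HOME}/.gnupg/secring.gpg
Key-Type: RSA
Subkey-Type: RSA
Key-Length: 2048
Subkey-Length: 2048
Expire-Date: 0
Name-Real: $name
Name-Email: $email
Name-Comment: $comment
Passphrase: $passphrase
%commit
EOF
    printf '%s\n' "$params"
}

# Generate the key, then delete the parameter file whatever gpg returns.
generate_key() {
    params=$(make_param_file "$@") || return 1
    trap 'rm -f "$params"' INT TERM
    gpg --gen-key --batch "$params"
    status=$?
    rm -f "$params"
    trap - INT TERM
    return "$status"
}

# Usage (passphrase on stdin): generate_key NAME EMAIL COMMENT
```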