gpg or gpg2 - are public and private Key generators for RSA and DSA encryption. This post explains the usage of gpg on a terminal / command line to create a key-pair.
Create GPG keys on terminal
The steps of this article were done on ubuntu 20.04 with gpg 2.2.19.
To check your ubuntu version, follow this How-To.
Start the command for a full key-pair generation
gpg --full-gen-key
gpg (GnuPG) 2.2.19; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(14) Existing key from card
Your selection?
Choose RSA and RSA (default) as option 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072)
Type 4096 as key size
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Choose key does not expire as option 0
Key does not expire at all
Is this correct? (y/N)
Type y to confirm that the key should not expire
GnuPG needs to construct a user ID to identify your key.
Real name:
Type Key-Pair for blog post by KargWare as real name
Email address:
Type blog@kargware.com as email
Comment:
Type A key-pair example for a blog post as comment
You selected this USER-ID:
"Key-Pair for blog post by KargWare (A key-pair example for a blog post) <blog@kargware.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?
Choose (O)kay as option O to confirm everything
A new screen will appear, where you can enter your passphrase for more security. Here I will keep the passphrase empty. Maybe you have to repeat the skip step. Move your mouse, make some key strokes to generate some randomness for your keys.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key CFE435A063305EF4 marked as ultimately trusted
gpg: revocation certificate stored as '/home/nkarg/.gnupg/openpgp-revocs.d/EAC61079F6FE3DD1D5F3082ACFE435A063305EF4.rev'
public and secret key created and signed.
pub rsa4096 2020-12-04 [SC]
EAC61079F6FE3DD1D5F3082ACFE435A063305EF4
uid Key-Pair for blog post by KargWare (A key-pair example for a blog post) <blog@kargware.com>
sub rsa4096 2020-12-04 [E]
Check if the key is there
gpg --list-keys EAC61079F6FE3DD1D5F3082ACFE435A063305EF4
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 4 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 4u
pub rsa4096 2020-12-04 [SC]
EAC61079F6FE3DD1D5F3082ACFE435A063305EF4
uid [ultimate] Key-Pair for blog post by KargWare (A key-pair example for a blog post) <blog@kargware.com>
sub rsa4096 2020-12-04 [E]