Linux: create your own GnuPG private and public key

GNU gpg is an encryption and signing tool. The GNU Privacy Guard (GnuPG or GPG) is a free software replacement for the PGP suite of cryptographic software. GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ ‘owner’ identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, provided the particular correspondence relied upon has not been corrupted.

How do I create my own GnuPG private and public key?

  1. Log in to your shell account.
  2. Use the gpg command to create the keys:

    $ gpg --gen-key

    Output:

    gpg (GnuPG) 1.4.1; Copyright (C) 2005 Free Software Foundation, Inc.
    This program comes with ABSOLUTELY NO WARRANTY.
    This is free software, and you are welcome to redistribute it
    under certain conditions. See the file COPYING for details.
    
    gpg: directory `/home/sheron/.gnupg' created
    gpg: new configuration file `/home/sheron/.gnupg/gpg.conf' created
    gpg: WARNING: options in `/home/sheron/.gnupg/gpg.conf' are not yet active during this run
    gpg: keyring `/home/sheron/.gnupg/secring.gpg' created
    gpg: keyring `/home/sheron/.gnupg/pubring.gpg' created
    Please select what kind of key you want:
       (1) DSA and Elgamal (default)
       (2) DSA (sign only)
       (5) RSA (sign only)
    Your selection? Press [Enter] Key
    DSA keypair will have 1024 bits.
    ELG-E keys may be between 1024 and 4096 bits long.
    What keysize do you want? (2048) Press [Enter] Key
    Requested keysize is 2048 bits
    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
          <n>w = key expires in n weeks
          <n>m = key expires in n months
          <n>y = key expires in n years
    Key is valid for? (0) Press [Enter] Key
    Key does not expire at all
    Is this correct? (y/N) y
    
    You need a user ID to identify your key; the software constructs the user ID
    from the Real Name, Comment and Email Address in this form:
        "Heinrich Heine (Der Dichter) "
    
    Real name: sheron
    Email address: lgjsheron@gmail.com
    Comment:[Enter] key
    You selected this USER-ID:
        "sheron"
    
    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
    You need a Passphrase to protect your secret key.
    
    Enter passphrase: [Enter password twice]
    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    .+++++....+++++++++++++++..++++++++++..++++++++++...++++++++++++++++++++.+++++++++++++++++++++++++++++++++++.+++++..++++++++++++++++++++.++++++++++..+++++.+++++.+++++>+++++....+++++>.+++++...................................................................+++++^^^^^^^^^^^
    gpg: /home/sheron/.gnupg/trustdb.gpg: trustdb created
    gpg: key 8E19F126 marked as ultimately trusted
    public and secret key created and signed.
    
    gpg: checking the trustdb
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
    pub   1024D/8E19F126 2007-02-10
          Key fingerprint = A7AF E25D 3E8D 6946 37CC  8CCE 12C4 8DC1 8E19 F126
    uid                  sheron 
    sub   2048g/032824B9 2007-02-10

  3. Now that the keys are generated, you can list your own key using:

    $ gpg -k

    OR

    $ gpg --list-keys

    Output:

    /home/sheron/.gnupg/pubring.gpg
    ------------------------------
    pub   1024D/CA7A8402 2007-02-10
    uid    sheron
    sub   2048g/0A7B4F93 2007-02-10

    Let us try to understand the line

    pub 1024D/CA7A8402 2007-02-10:

    pub : Public key
    1024D : The number of bits in the key (1024); the D stands for DSA
    CA7A8402 : The key ID
    2007-02-10 : The date of key creation
    sheron : The user's real name
    <lgjsheron@gmail.com> : The email ID

    The most important part is the key ID, i.e. CA7A8402.

    Make sure you protect your keys with a strong passphrase, not an easy one.

  4. To list the secret key, type the command:

    $ gpg --list-secret-keys

    Output:

    /home/sheron/.gnupg/secring.gpg
    ------------------------------
    sec   1024D/CA7A8402 2007-02-10
    uid                 sheron
    ssb   2048g/0A7B4F93 2007-02-10
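
The listing format explained in the steps above can also be read by a script. The following is an added example, not part of the original post or of GnuPG: it parses the `pub`/`sub`/`sec`/`ssb` lines of this older listing style and reports keys below a size threshold. The names `parse_listing`, `weak_keys` and the 2048-bit `MIN_BITS` policy value are assumptions made for this example; the sample input is the listing printed on this page.

```python
import re
from dataclasses import dataclass, field

# Record prefixes and algorithm letters of the legacy (GnuPG 1.4 / 2.0) listing.
RECORD_TYPES = {"pub": "public key", "sub": "public subkey",
                "sec": "secret key", "ssb": "secret subkey"}
ALGO_LETTERS = {"D": "DSA", "g": "Elgamal (encrypt only)", "R": "RSA"}

# Matches e.g. "pub   1024D/CA7A8402 2007-02-10"
KEY_LINE = re.compile(
    r"^(pub|sub|sec|ssb)\s+(\d+)([A-Za-z])/([0-9A-F]{8,16})\s+(\d{4}-\d{2}-\d{2})")

MIN_BITS = 2048  # assumed policy threshold for this example, not a gpg setting

# The listing printed on this page, embedded so the example runs offline.
SAMPLE = """\
/home/sheron/.gnupg/pubring.gpg
------------------------------
pub   1024D/CA7A8402 2007-02-10
uid    sheron
sub   2048g/0A7B4F93 2007-02-10
"""

@dataclass
class KeyRecord:
    kind: str
    bits: int
    algorithm: str
    key_id: str
    created: str
    uids: list = field(default_factory=list)

def parse_listing(text):
    """One KeyRecord per pub/sub/sec/ssb line; uid lines attach to the primary key."""
    records, primary = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        m = KEY_LINE.match(line)
        if m:
            kind, bits, letter, key_id, created = m.groups()
            rec = KeyRecord(RECORD_TYPES[kind], int(bits),
                            ALGO_LETTERS.get(letter, "unknown (%s)" % letter),
                            key_id, created)
            records.append(rec)
            if kind in ("pub", "sec"):   # subkeys never carry their own uid
                primary = rec
        elif line.startswith("uid") and primary is not None:
            primary.uids.append(line[3:].strip())
    return records

def weak_keys(records, min_bits=MIN_BITS):
    """Key IDs whose size is below the policy threshold."""
    return [r.key_id for r in records if r.bits < min_bits]
```

Run against the listing above, `weak_keys(parse_listing(SAMPLE))` reports the 1024-bit DSA primary key `CA7A8402`, while the 2048-bit Elgamal subkey passes the threshold.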