Creating a new GPG-Key

June 27, 2007 1-minute read

Today I created a new GPG key pair, here is a short description of this procedure, just in case I have to do it again.

Run

gpg --gen-key

and answer the questions should be fairly straight forward. At the end your key-id which uniquely identifies your key will be printed. Use it to create a revocation certificate, just in case your private key will be compromised.

gpg --output [email].revoke.asc --gen-revoke [key-id]

Then export your public key which you can distribute to your friends.

gpg --armor --output [email].pub.asc --export [key-id]

I would also advice you to export the private key and store it in a secure place.

gpg --armor --output [email].sec.asc --export-secret-key [key-id]

As a final step send your public to one of the many key servers so others can fetch it and encrypt documents with it.

gpg --keyserver wwwkeys.ch.pgp.net --send-key [key-id]

The key server are constantly synchronising under each other so after some time your key should be available to others. Do a quick search to check this.

gpg --keyserver wwwkeys.de.pgp.net --search-keys [email]

Marc