
How to generate a GPG Key with multiple uids & subkeys?

This page is still a DRAFT.

Download the latest Arch Linux or ArchBang Linux release and write it to a bootable CD or USB thumbdrive.

<sxh bash;gutter: false> ~$: dd if=archlinux-$VERSION-dual.iso of=/dev/$DEVICE bs=8192 </sxh>

Then boot your computer with it.

Paranoid mode: use a non-networked computer for this procedure.

If gpg reports the following error, configure a pinentry program for gpg-agent:

gpg: problem with the agent: No pinentry

<sxh bash;gutter: false> ~$: echo "pinentry-program `which pinentry-tty`" >> ./.gnupg/gpg-agent.conf </sxh>

<sxh bash;gutter: false>
~$: gpg2 --expert --full-gen-key
# 10
# 1
# y
# 0
# y
# Real NAME
# E-Mail Address
# Comment
# O
# y
# T
</sxh>

<sxh bash;gutter: false>
~$: gpg2 --expert --edit-key $KEYID
gpg> addkey
# 8
# Q
# 4096
# 1y
# y
# y
# T
gpg> save
</sxh>

<sxh bash;gutter: false>
~$: gpg -K
~$: gpg -a --export-secret-subkeys $KEYID > 0x$KEYID-secret.subkeys.gpg
~$: gpg --delete-secret-keys $KEYID
# y
# y
# D
# D
# D
</sxh>
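To check the result of the export step, the following added example (not part of the original page) audits `gpg2 --list-secret-keys --with-colons` output for a keyring into which only `0x$KEYID-secret.subkeys.gpg` has been imported, an import step this page does not show: the primary key must be a stub and at least one subkey must still carry its secret part. It assumes GnuPG 2.1 or later; the function name `audit_secret_keys` and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Reads on stdin the output of
#   gpg2 --list-secret-keys --with-colons
# Colon format (GnuPG doc/DETAILS): field 1 = record type (sec = primary,
# ssb = subkey), field 5 = key ID, field 12 = capabilities, field 15 = "#"
# when the keyring holds only a stub without the secret material.
# Any other value in field 15 (including a smartcard serial) counts as present.
audit_secret_keys() {
    awk -F: '
        $1 == "sec" {
            state = ($15 == "#") ? "stub (offline)" : "SECRET PRESENT"
            printf "primary %s caps=%s %s\n", $5, $12, state
            if ($15 != "#") exposed++
        }
        $1 == "ssb" {
            state = ($15 == "#") ? "stub" : "secret present"
            printf "subkey  %s caps=%s %s\n", $5, $12, state
            if ($15 != "#") usable++
        }
        # Fail if a primary secret key is present or no subkey is usable.
        END { if (exposed > 0 || usable == 0) exit 1 }
    '
}

# Constructed sample listings: key IDs, dates and the uid hash are made up.
SAMPLE_SUBKEYS_ONLY='sec:u:255:22:1111111111111111:1457395200:::u:::scSC:::#::ed25519:::0:
uid:u::::1457395200::0000000000000000000000000000000000000000::Real NAME (Comment) <user@example.org>::::::::::0:
ssb:u:4096:1:2222222222222222:1457395200:1488931200:::::s:::+:::23:'
SAMPLE_FULL_KEY='sec:u:255:22:1111111111111111:1457395200:::u:::scSC:::+::ed25519:::0:
ssb:u:4096:1:2222222222222222:1457395200:1488931200:::::s:::+:::23:'

# Demo on the constructed samples: sh audit.sh --demo
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_SUBKEYS_ONLY" | audit_secret_keys && echo "OK: primary is offline"
    printf '%s\n' "$SAMPLE_FULL_KEY" | audit_secret_keys || echo "FAIL: primary secret key is in this keyring"
fi
```

On a real keyring, pipe `gpg2 --list-secret-keys --with-colons $KEYID` into `audit_secret_keys` and check its exit status.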

If you get the following error during key generation:

gpg: can't connect to the agent: IPC connect call failed
gpg: agent_genkey failed: No agent running
Key generation failed: No agent running 

it means your gpg-agent isn't running.

Consider the following.

  1. Why use Arch*Linux instead of something more security-related like Tails?

At the time of writing, Tails doesn't include the latest gpg2 package in its distribution. To remove as many obstacles as possible, I've chosen a distribution which includes all the needed software packages.

  • projects/howtos/gpg.txt
  • Last modified: 2016/03/08 00:01
  • by prometheus