Differences

This shows you the differences between two versions of the page.

--- projects:howtos:gpg [2016/01/23 18:57] – [Further Reading] prometheus
+++ projects:howtos:gpg [2016/02/12 16:53] – [Generating the master key] prometheus
@@ Line 1: / Line 1: @@
-====== How to generate a GPG Master Key with related subkeys? ======
+====== How to generate a GPG Key with multiple uids & subkeys? ======
+<note warning>This page is still a DRAFT.</note>
 ===== Requirements =====
@@ Line 7: / Line 9: @@
 Download the latest [[https://archlinux.org/|Arch Linux]] or [[http://www.wiki.archbang.org/|ArchBang Linux]] release and write it to a bootable CD or USB thumbdrive.
-<sxh bash>
+<sxh bash;gutter: false>
 ~$: dd if=archlinux-$VERSION-dual.iso of=/dev/$DEVICE bs=8192
 </sxh>
@@ Line 21: / Line 23: @@
 </code>
-<sxh bash>
+<sxh bash;gutter: false>
 ~$: echo "pinentry-program `which pinentry-tty`" >> ./.gnupg/gpg-agent.conf
 </sxh>
@@ Line 27: / Line 29: @@
 ===== Generating the master key =====
-<sxh bash>
+<sxh bash;gutter: false>
 ~$: gpg2 --expert --full-gen-key
-# 9
+# 10
-# 7
+# 1
+# y
 # 0
 # y
@@ Line 43: / Line 46: @@
 ===== Generating the sub keys to your master key =====
+<sxh bash;gutter: false>
+~$: gpg2 --expert --edit-key $KEYID
+gpg> addkey
+# 8
+# Q
+# 4096
+# 1y
+# y
+# y
+# T
+gpg> save
+</sxh>
+===== Removing the primary key =====
+<sxh bash;gutter: false>
+~$: gpg -K
+~$: gpg -a --export-secret-subkeys $KEYID > 0x$KEYID-secret.subkeys.gpg
+~$: gpg --delete-secret-keys $KEYID
+# y
+# y
+# D
+# D
+# D
+</sxh>
 ===== Troubleshooting =====
-  * Error while generating key?
+==== Error while generating key? ====
 If you get the following error while the key generation:
@@ Line 59: / Line 85: @@
 it means your gpg-agent isn't running.
+==== ECC key not successfully uploaded to keyserver ====
+Consider [[http://security.stackexchange.com/questions/78866/has-my-gpg-subkey-been-uploaded-to-the-keyserver|the following]].
 ===== FAQ =====
@@ Line 70: / Line 99: @@
 ===== Further Reading =====
+  * [[https://emailselfdefense.fsf.org/en/|FSDE - E-Mail Defense Guide]] (Beginner's Guide & visually addressing)
+  * [[http://keyring.debian.org/creating-key.html|Debian Wiki -
+Creating a new GPG key]]
+  * [[https://wiki.debian.org/Subkeys|Debian Wiki - Subkeys]]
+  * [[http://spin.atomicobject.com/2013/11/24/secure-gpg-keys-guide/|Generating More Secure GPG Keys: A Step-by-Step Guide]]
   * [[https://pgpkeygen.com/|GPG KeyGenerator]] (An online service generating GPG keys within your browser. Advertised as secure and trustworthy, though not recommended.)
   * [[https://chaosfreakblog.wordpress.com/2013/06/21/gpg-problem-with-the-agent-no-pinentry-solved/|
 Annoyances and How-Tos: “gpg: problem with the agent: No pinentry” — SOLVED]]
+  * [[http://www.hauke-laging.de/sicherheit/subkeys.en.html|Hauke Laging - GnuPG subkeys]]
+  * [[http://www.gniibe.org/memo/software/gpg/keygen-25519.html|gniibe - Creating newer ECC keys for GnuPG]]
+  * [[https://alexcabal.com/creating-the-perfect-gpg-keypair/|Creating the perfect GPG keypair]]
+  * [[https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/|Creating a new GPG key with subkeys]]
+  * [[https://github.com/google/end-to-end/issues/214|Anomalies when importing keyring to gpg]]