Gen Key command done correctly
Robert J. Hansen
rjh at sixdemonbag.org
Tue Nov 6 02:12:23 CET 2007
Robert D. wrote:
> When I used gen-key, I got one, but at the end was told that I'd need to
> generate a sub-key that I could use to actually encrypt.
GnuPG uses "key pair" in two distinct senses. One of them means a
public/private pair; and the other means two sets of public/private
keys, one set used for encryption and one set used for signing. To
disambiguate, I'll refer to the latter as a key set, and a
public/private combination as a key pair.
By default, GnuPG only creates key sets for DSA/Elgamal keys. It
creates a DSA key pair for signing and an Elgamal key pair for encryption.
For RSA keys, GnuPG only creates a single key pair--a signing pair.
gpg --edit-key <key ID> addkey
<enter your passphrase>
<enter desired key size>
... and so on, and so on, and you'll have an encryption key pair added
to your signing key pair, making it a completely usable key set.
More information about the Gnupg-users