RSA only enable to sign

Iván Cervantes lord.icervantes at
Tue Sep 8 08:38:05 CEST 2009

Hi Robert,

thanks for the answer, I did that one week ago, and works fine but i need
the private key to generate the subkey. But its true that you say, we can
enable a subkey of RSA to encrypt.

Changing a little my question, why I have only three options in my gpg

The reason is that I develop a system that import a public key (In theory
any algorithm in gpg) and then my system encrypt a file with that public
key. Thats an automatic process and I can request the private key to my
users because that broke my security protocol.


2009/9/8 Robert J. Hansen <rjh at>

> There are some Spanish-speakers on this list who might be able to give
> you a Spanish answer.  If you don't mind an English answer, I'll try to
> answer it.
> > Can you help me with the next: why I have RSA only to sign¿?
> You need to add an RSA encryption subkey.  Go ahead and create a
> sign-only RSA key.  Then:
>        gpg --edit-key [my key ID] addkey
> At the prompt, choose "(6) RSA (encrypt only)".  It may be numbered
> differently on your machine.
> Go through the rest of the steps and you will have add an RSA encryption
>  subkey.  Send the updated key on to the keyserver network and your
> friends can now use that encryption subkey to encrypt data meant for you.

Iván Cervantes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20090908/a127a1d1/attachment-0001.htm>

More information about the Gnupg-users mailing list