First steps with GPG, am I off to a good start?

Peter Lebbing peter at
Sat Oct 12 11:43:15 CEST 2013

On 12/10/13 00:22, Robin Kipp wrote:
> I only put the --expert flag because I wanted to take advantage of having a
> main key that can only sign and certify, and which I can then store offline.

The defaults are an RSA primary key for certification and signing, and an RSA
subkey for encryption. Even without the --expert flag, you can also choose to
generate a primary key just for certification and signing, and then in a second
step add more subkeys.

The choices of keys you get without --expert are:
> Please select what kind of key you want:
>    (1) RSA and RSA (default)
>    (2) DSA and Elgamal
>    (3) DSA (sign only)
>    (4) RSA (sign only)

So you don't need the --expert flag for that.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list