Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)
Robert J. Hansen
rjh at sixdemonbag.org
Tue Aug 29 02:21:41 CEST 2017
> Tried both of them, not working. They only produce a single primary key
> (8 RSA or 11 ECC) with S,C capabilities (without E).
*shrugs* Do better. Seriously, if you literally choose option 8 and
just go through the defaults you'll get a single primary key with an
encrypt capability.
=====
quorra:~ rjh$ gpg --expert --full-generate-key
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(7) DSA (set your own capabilities)
(8) RSA (set your own capabilities)
(9) ECC and ECC
(10) ECC (sign only)
(11) ECC (set your own capabilities)
(13) Existing key
Your selection? 8
Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify Encrypt
(S) Toggle the sign capability
(E) Toggle the encrypt capability
(A) Toggle the authenticate capability
(Q) Finished
Your selection? q
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: Delete Me
Email address: delete.me at example.com
Comment:
You selected this USER-ID:
"Delete Me <delete.me at example.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key FD87EA81A2F00BA1 marked as ultimately trusted
gpg: revocation certificate stored as
'/Users/rjh/.gnupg/openpgp-revocs.d/6DBE635236A542524E7D950FFD87EA81A2F00BA1.rev'
public and secret key created and signed.
pub rsa2048/FD87EA81A2F00BA1 2017-08-29 [SCE]
6DBE635236A542524E7D950FFD87EA81A2F00BA1
uid Delete Me <delete.me at example.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 821 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170828/fea546a1/attachment.sig>
More information about the Gnupg-users
mailing list