Schlagwort-Archive: GPG

Create GPG Key

Not even to encrypt email content but files too it’s easily done using GPG2. So here we go:

gpg2 --full-gen-key

List your keys and get more detailed information:

gpg2 --list-keys
gpg2 --fingerprint <KEY-ID>

Generate revocation certificate or export key:

gpg --output revoke.asc --gen-revoke <KEY-EMAIL>
gpg --armor --output public-key.gpg --export <KEY-EMAIL>

To link your gpg key to an email address open your mail software, e.g. Evolution or Thunderbird, and add <KEY-ID> to your account settings.

A more detailed guide can be found on linode.com.

Set or Extend PGP Expiration Date

If expiration date of a pgp key got reached this key cannot be used for encryption. In general it’s a good choice to set an expiration date as mentioned on riseup.net:

People think that they don’t want their keys to expire, but you actually do. Why? Because you can always extend your expiration date, even after it has expired! This “expiration” is actually more of a safety valve or “dead-man switch” that will automatically trigger at some point. If you have access to the secret key material, you can untrigger it. The point is to setup something to disable your key in case you lose access to it (and have no revocation certificate).

It’s not hard to extend the expiration date. So here you go:

gpg2 --list-keys
gpg2 --edit-key <KEY-ID>

Now you’re in the gpg console. (By default, you’re working on the primary key.) If you need to update a sub-key:

gpg> expire
(follow prompts)
gpg> save

Now that you’ve updated your key, you can send it out:

gpg2 --keyserver pgp.mit.edu --send-keys <KEY-ID>

Thanks to the comment at superuser.com.