6.9 KiB
Creating a GPG key
The following are the steps to create a GPG key in either Linux, Windows or Mac.
These steps were created using ChatGPT, so there might be some errors.
If you run into errors, or if there's any missteps please log an issue here:
https://hub.openingdesign.com/OpeningDesign/Bonsai_Tutorials/issues
or create a pull request with the change. Thank you.
Linux
To create a GPG key on Linux, follow these steps:
Step 1: Install GnuPG (if not already installed)
Most Linux distributions come with GPG preinstalled, but you can install it if needed: How to open the terminal
-
Debian/Ubuntu:
bash
sudo apt update && sudo apt install gnupg -
Fedora:
bash
sudo dnf install gnupg2 -
Arch Linux:
bash
sudo pacman -S gnupg
Step 2: Generate a New GPG Key
Run the following command:
bash
gpg --full-generate-key
Step 3: Choose Key Options
You'll be prompted to select the type of key:
- RSA and RSA (default) – Press Enter to accept.
- Key size – Enter 4096 for better security and press Enter.
- Key validity – Choose how long the key should be valid (e.g., 0 for no expiration).
- Confirm key generation – Type y and press Enter.
Step 4: Provide Your User Information
You'll need to enter:
- Real name (e.g., "John Doe")
- Email address (e.g., "john.doe@example.com")
- Optional comment (press Enter to skip)
Step 5: Create a Secure Passphrase
You'll be asked to set a passphrase to protect the private key. Choose a strong password.
Step 6: Key Generation
GPG will generate the keypair, and you may need to move your mouse or type random keys to help generate entropy.
Step 7: Verify Your New GPG Key
List your generated keys:
bash
gpg --list-keys
or for secret keys:
bash
gpg --list-secret-keys
Step 8: Export Your Public Key (Optional)
To share your public key, export it:
bash
gpg --armor --export your-email@example.com > my-public-key.asc
Then you can share my-public-key.asc with others.
Windows
Step 1: Install Gpg4win
-
Download Gpg4win:
- Go to the official Gpg4win website: https://gpg4win.org/download.html.
- Download the latest version.
-
Install Gpg4win:
- Run the installer and follow the prompts.
- During the installation, ensure that GnuPG (the actual encryption software) and Kleopatra (a key manager) are selected for installation.
Step 2: Open Kleopatra (Key Manager)
- After installation, launch Kleopatra, which is the graphical user interface (GUI) for managing GPG keys.
- You'll see an option to Create a new key pair. Click on File in the top menu and select New Certificate.
Step 3: Generate a New Key Pair
-
Select "Create a personal OpenPGP key pair".
-
Enter Your Information:
- Name: Your full name.
- Email address: Your email address (make sure this matches the one you want to associate with the key).
- Comment (optional): You can leave this blank or provide a description.
Click Next.
-
Select Key Type:
- The default RSA and RSA is fine, so just click Next.
-
Key Size:
- The default size is 2048 bits, but you should select 4096 bits for stronger security. Click Next.
-
Key Expiration:
- You can set an expiration date for your key (e.g., 1 year, 2 years) or choose 0 for no expiration. Click Next.
-
Passphrase:
- Choose a strong passphrase to protect your private key. This will be required every time you use the key.
Click Next and Create.
Step 4: Key Generation
-
Kleopatra will now generate your key pair. This can take a little time depending on your system and entropy.
-
Once the key generation is complete, you’ll see a confirmation message saying that your key has been created successfully.
Step 5: Export Your Public Key (Optional)
- To share your public key, right-click on your key in the Kleopatra window.
- Select Export and choose where to save the public key.
- You can export it as a file (
.ascformat) or directly copy it to the clipboard to share it with others.
- You can export it as a file (
Step 6: Verify Your Key
- Open Kleopatra and select My Certificates.
- You should see your newly created key listed.
Mac
Step 1: Install GPG Tools
-
Download and Install GPGTools:
- Go to the GPGTools website: https://gpgtools.org.
- Download and install GPG Suite (which includes GPG, GPGMail, and other utilities).
- Follow the installation instructions.
-
Once installed, the GPG Keychain application will be available, which is the graphical interface for managing your keys.
Step 2: Generate a New GPG Key
-
Open GPG Keychain:
- After installation, launch GPG Keychain from your Applications folder.
-
Create a New Key:
- In GPG Keychain, click on the "New Key" button (usually located in the top menu).
- A new window will appear, asking for details about your key.
-
Enter Your Key Details:
- Name: Your full name.
- Email Address: Your email address (this should be the email you want associated with the key).
- Comment (optional): You can leave this blank or add a description.
- Click Generate after entering your information.
-
Select Key Type:
- Choose RSA and RSA as the default key type and click Next.
-
Set Key Size:
- Choose 4096 bits for stronger security (recommended) and click Next.
-
Set Expiration Date:
- You can choose to set an expiration date for your key (e.g., 1 year, 2 years), or set it to never expire by selecting 0. Click Next.
-
Choose a Passphrase:
- Set a strong passphrase to protect your private key. This passphrase will be needed whenever you use the key for encryption or signing.
Step 3: Key Generation
- GPG Keychain will generate your key pair. This may take a few moments. After it’s done, your new key will appear in the Keychain window.
Step 4: Export Your Public Key (Optional)
- In GPG Keychain, right-click your key and select Export.
- Choose the ASCII armor option to export it as a text file (e.g.,
.ascformat), which you can then share with others or upload to a public key server.
Step 5: Verify Your Key
- Your key will now appear in the GPG Keychain window. You can double-click on the key to view its details or to manage its settings.