Sunday, January 13, 2008

Using GPG to generate a KEY to Sign a Release

Initially I had a hard time figuring out how to use GnuPG to create a public/private key pair to sign releases. I fortunately had a friend at office who has done that before, who helped me out in getting it done. Thanks Asankha @ WSO2. To save another person's valuable time, I thought of blogging the procedure. Please replace text inside square brackets with your own data, if required, whilst others will be generated for you. I have used RSA as the signing/encrypting algorithm.

STEP 1: Create a Public Key

gpg --gen-key

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 5
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 2y
Key expires at [TIME]
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) "

Real name: [NAME]
Email address: [E-MAIL]
Comment: [COMMENT]
You selected this USER-ID:
[ID]

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.


STEP 2: Create a SubKey

gpg --edit-key [ID] addkey

Please select what kind of key you want:
(2) DSA (sign only)
(4) Elgamal (encrypt only)
(5) RSA (sign only)
(6) RSA (encrypt only)
Your selection? 6
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 2y
Key expires at [TIME]
Is this correct? (y/N) y
Really create? (y/N) y

2 comments:

Anonymous said...

Thanks for sharing the useful information...

Senaka said...

You are welcome