-
-
Save creichert/44060f9fd82607dc5f019e2b558edca0 to your computer and use it in GitHub Desktop.
Creating the perfect GPG keypair
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Original: https://alexcabal.com/creating-the-perfect-gpg-keypair/ | |
KEY=xyz | |
DATE=$(date +"%Y%m%d") | |
SCRIPT_BASEDIR=$(dirname "$0") | |
cd "${SCRIPT_BASEDIR}" | |
echo "This script is not for use in automation"; echo "Use it step by step"; exit 1 | |
# Generate | |
gpg --gen-key | |
# (1) RSA and RSA (default) | |
# 0 = key does not expire | |
# Strengthening Hash Preferences | |
gpg --edit-key $KEY | |
# setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed | |
# save | |
# Add subkey | |
gpg --edit-key $KEY | |
# addkey | |
# (4) RSA (sign only) | |
# 0 = key does not expire | |
# save | |
# Export Public Key | |
gpg -a -o ${KEY}_${DATE}.public.asc --export $KEY | |
# Export Private Key | |
gpg -a -o ${KEY}_${DATE}.private.asc --export-secret-keys $KEY | |
# Creating Revocation Certificate | |
gpg -a -o ${KEY}_${DATE}.revoccert.asc --gen-revoke $KEY | |
# Integrity check | |
shasum -a 256 -b ${KEY}_${DATE}.public.asc ${KEY}_${DATE}.private.asc ${KEY}_${DATE}.revoccert.asc > ${KEY}_${DATE}.sha256sum | |
# Transforming your Master Key Pair into your laptop | |
# Import all keys into your laptop | |
# Export all of the subkeys | |
gpg -a -o ${KEY}_${DATE}.subkeys.asc --export-secret-subkeys $KEY | |
# Delete the original signing subkey | |
gpg --delete-secret-key $KEY | |
# Import only the subkeys | |
gpg --import ${KEY}_${DATE}.subkeys.asc | |
rm ${KEY}_${DATE}.subkeys.asc | |
# Symetric | |
#gpg --no-tty --batch --passphrase supersecret --cipher-algo AES256 -c file.txt | |
#gpg --no-tty --batch --passphrase supersecret -d -o file.txt file.txt.gpg |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment