~$ gpg --version gpg (GnuPG) 2.2.4 libgcrypt 1.8.1 Copyright (C) 2017 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
~$ sudo apt install gnupg1 Reading package lists... Done Building dependency tree Reading state information... Done ... ~$ gpg1 --version gpg (GnuPG) 1.4.22 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
~$ gpg --gen-key gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/home/runsisi/.gnupg' created gpg: keybox '/home/runsisi/.gnupg/pubring.kbx' created Note: Use "gpg --full-generate-key"for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: runsisi Email address: runsisi@hust.edu.cn You selected this USER-ID: "runsisi <runsisi@hust.edu.cn>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? o We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /home/runsisi/.gnupg/trustdb.gpg: trustdb created gpg: key B6D4491D45E0A945 marked as ultimately trusted gpg: directory '/home/runsisi/.gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/home/runsisi/.gnupg/openpgp-revocs.d/97A12DC8EA8FDFCE5B95ABFDB6D4491D45E0A945.rev' public and secret key created and signed.
~$ gpg --full-gen-key gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/home/runsisi/.gnupg' created gpg: keybox '/home/runsisi/.gnupg/pubring.kbx' created Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (3072) Requested keysize is 3072 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 1y Key expires at Sun 12 Apr 2020 10:27:30 AM CST Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: runsisi Email address: runsisi@hust.edu.cn Comment: https://runsisi.com/ You selected this USER-ID: "runsisi (https://runsisi.com/) <runsisi@hust.edu.cn>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /home/runsisi/.gnupg/trustdb.gpg: trustdb created gpg: key 1AA13362F3363106 marked as ultimately trusted gpg: directory '/home/runsisi/.gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/home/runsisi/.gnupg/openpgp-revocs.d/457B18262C79C9A84813F36D1AA13362F3363106.rev' public and secret key created and signed.
E = encrypt/decrypt (decrypt a message you received encrypted for you to read) S = sign (sign data. For example a file or to send signed e-mail) C = certify (sign another key, establishing a trust-relation) A = authentication (login to SSH with a PGP key; this is relatively new usage)
~$ gpg --edit-key A70AB032 gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg> addkey Please select what kind of key you want: (3) DSA (sign only) (4) RSA (sign only) (5) Elgamal (encrypt only) (6) RSA (encrypt only) Your selection? 3 DSA keys may be between 1024 and 3072 bits long. What keysize do you want? (2048) Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 2y Key expires at Mon 12 Apr 2021 12:56:10 PM CST Is this correct? (y/N) y Really create? (y/N) y We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: WARNING: some OpenPGP programs can't handle a DSA key with this digest size sec rsa3072/D3BBC728 created: 2019-04-13 expires: 2021-04-12 usage: SC trust: ultimate validity: ultimate ssb rsa3072/A70AB032 created: 2019-04-13 expires: 2021-04-12 usage: E ssb dsa2048/F8B6E5FE created: 2019-04-13 expires: 2021-04-12 usage: S [ultimate] (1). runsisi <runsisi@hust.edu.cn> gpg> list sec rsa3072/D3BBC728 created: 2019-04-13 expires: 2021-04-12 usage: SC trust: ultimate validity: ultimate ssb rsa3072/A70AB032 created: 2019-04-13 expires: 2021-04-12 usage: E ssb dsa2048/F8B6E5FE created: 2019-04-13 expires: 2021-04-12 usage: S [ultimate] (1). runsisi <runsisi@hust.edu.cn> gpg> save ~$ gpg -k /home/runsisi/.gnupg/pubring.kbx -------------------------------- pub rsa3072/D3BBC728 2019-04-13 [SC] [expires: 2021-04-12] E1D30EAD59D37D2A35997E9897DB5E40D3BBC728 uid [ultimate] runsisi <runsisi@hust.edu.cn> sub rsa3072/A70AB032 2019-04-13 [E] [expires: 2021-04-12] sub dsa2048/F8B6E5FE 2019-04-13 [S] [expires: 2021-04-12]
~$ gpg --edit-key runsisi@hust.edu.cn gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y sec rsa3072/574A4861 created: 2019-04-13 expires: 2021-04-12 usage: SC trust: ultimate validity: unknown ssb rsa3072/94D17A29 created: 2019-04-13 expires: 2021-04-12 usage: E ssb dsa2048/E413E62F created: 2019-04-13 expires: 2020-04-12 usage: S [ unknown] (1). runsisi <runsisi@hust.edu.cn> Please note that the shown key validity is not necessarily correct unless you restart the program. gpg> q ~$ gpg -k gpg: checking the trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2021-04-12 /home/runsisi/.gnupg/pubring.kbx -------------------------------- pub rsa3072/574A4861 2019-04-13 [SC] [expires: 2021-04-12] C8EB6E7EEBA2286C0443FA1B03C6395A574A4861 uid [ultimate] runsisi <runsisi@hust.edu.cn> sub rsa3072/94D17A29 2019-04-13 [E] [expires: 2021-04-12] sub dsa2048/E413E62F 2019-04-13 [S] [expires: 2020-04-12]
~$ gpg --edit-key 94D17A29 gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y sec rsa3072/574A4861 created: 2019-04-13 expires: 2021-04-12 usage: SC trust: ultimate validity: unknown ssb rsa3072/94D17A29 created: 2019-04-13 expires: 2021-04-12 usage: E ssb dsa2048/E413E62F created: 2019-04-13 expires: 2020-04-12 usage: S [ unknown] (1). runsisi <runsisi@hust.edu.cn> Please note that the shown key validity is not necessarily correct unless you restart the program. gpg> q ~$ gpg -k gpg: checking the trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2021-04-12 /home/runsisi/.gnupg/pubring.kbx -------------------------------- pub rsa3072/574A4861 2019-04-13 [SC] [expires: 2021-04-12] C8EB6E7EEBA2286C0443FA1B03C6395A574A4861 uid [ultimate] runsisi <runsisi@hust.edu.cn> sub rsa3072/94D17A29 2019-04-13 [E] [expires: 2021-04-12] sub dsa2048/E413E62F 2019-04-13 [S] [expires: 2020-04-12]
~$ gpg --edit-key 94D17A29 gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg> expire Changing expiration time for a subkey. Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 1y Key expires at Sun 12 Apr 2020 02:43:09 PM CST Is this correct? (y/N) y
~$ gpg --edit-key 8D77F675 gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y sec rsa3072/68CCC50DC7E8A950 created: 2019-04-13 expires: 2021-04-12 usage: SC trust: ultimate validity: ultimate ssb rsa3072/6FE04FBED2E0CB2D created: 2019-04-13 expires: 2021-04-12 usage: E ssb rsa3072/DA3BFDCF8D77F675 created: 2019-04-13 expires: 2020-04-12 usage: S [ultimate] (1) runsisi (https://runsisi.com/) <runsisi@hust.edu.cn> [ unknown] (2)* luo.runbing (https://example.com/) <luo.runbing@example.com> gpg> q Save changes? (y/N) y ~$ gpg -k gpg: checking the trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2021-04-12 /home/runsisi/.gnupg/pubring.kbx -------------------------------- pub rsa3072 2019-04-13 [SC] [expires: 2021-04-12] 6DF6CFC20424F5CA2BC540E768CCC50DC7E8A950 uid [ultimate] luo.runbing (https://example.com/) <luo.runbing@example.com> uid [ultimate] runsisi (https://runsisi.com/) <runsisi@hust.edu.cn> sub rsa3072 2019-04-13 [E] [expires: 2021-04-12] sub rsa3072 2019-04-13 [S] [expires: 2020-04-12]