Ubuntu 16.04: Create GPG key

This article will describe creating GPG key.

1 Update random value with rng-tools

When creating GPG key, the following message will be output and console will be hung.

Not enough random bytes available. Please do some other work to give

Update random value with rng-tools.

$ sudo apt install -y rng-tools
$ sudo rngd -r /dev/urandom

2 Create GPG key with interactive mode

Create GPG key with gpg –gen-key.

$ gpg --gen-key

Secret key is created at ${HOME}/.gnupg/secring.gpg and public key is created at ${HOME}/.gnupg/pubring.gpg.

gpg: keyring `/home/hiroom2/.gnupg/secring.gpg' created
gpg: keyring `/home/hiroom2/.gnupg/pubring.gpg' created

Use default "(1) RSA and RSA".

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection?

Use default "2048".

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

Use default "key does not expire". Prss y key.

Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

Input name, e-mail and comment. You must input name.

You need a user ID to identify your key; the software constructs the
user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: hiroom2
Email address: hiroom2@example.com
Comment: hiroom2 gpg key

Press O key.

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

Input password. An empty password is allowed.

Enter passphrase:
Repeat passphrase:

GPG key is created.

generator a better chance to gain enough entropy.
gpg: /home/hiroom2/.gnupg/trustdb.gpg: trustdb created
gpg: key 65F355D9 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   2048R/65F355D9 2016-08-14
      Key fingerprint = 95CF BBE0 C638 93EB 7E77  C427 A093 6A22 65F3
uid                  hiroom2 (hiroom2 gpg key) <hiroom2@example.com>
sub   2048R/FEC8326F 2016-08-14

3 Create GPG key with batch mode

Create configuration file for gpg command.

$ cat <<EOF > gpg.txt
%pubring ${HOME}/.gnupg/pubring.gpg
%secring ${HOME}/.gnupg/secring.gpg
Key-Type: RSA
Subkey-Type: RSA
Key-Length: 2048
Subkey-Length: 2048
Expire-Date: 0
Name-Real: hiroom2
Name-Email: hiroom2@example.com
Name-Comment: hiroom2 gpg key
Passphrase: mypassphrase

Create GPG key with gpg –gen-key –batch.

$ gpg --gen-key --batch gpg.txt