69

How do I make a PGP key? I'd like to have it for signing PPA uploads and such.

jrg
  • 60,611

3 Answers

80

Generating a PGP Key

Here is a GUI way to generate a new PGP key.

  1. Open the Passwords and Keys (Seahorse) application

    This screen will appear.

    Passwords and Keys screenshot

  2. Either go to File → New in the global menu or hit Ctrl + N

  3. In the Create New ... window select PGP Key and hit Continue

    Create New ... screenshot

  4. Enter your full name and your email address, the comment is optional

    New PGP key screenshot

  5. Enter a strong password which you'll remember

    Passphrase for New PGP Key screenshot

  6. Wait for the Generating key dialog to finish (this may take a while)

  7. You're done!

You can find your key in the Passwords and Keys application's My Personal Keys tab.

My Personal Keys screenshot

Uploading your key to Launchpad

Uploading your key to Launchpad is just a few clicks.

  1. Go to Launchpad.net and log in

  2. On your profile page click on the yellow edit button (a round button with a grey pencil icon) next to OpenPGP keys

    Note: The URL to that page looks like this https://launchpad.net/~yourusername

    OpenPGP keys on LP

  3. Open the application Passwords and Keys (Seahorse)

  4. Navigate to the My Personal Keys tab

  5. Select your key and go to Remote → Sync and Publish Keys in the global menu

  6. Hit Sync

    Note: The Sync button may be grayed out if no sync server is selected. In that case:

    • Hit the Key Servers button

    • Select the hkp://keyserver.ubuntu.com:XXXXX key server from the Publish keys to list and hit close

  7. Double click your PGP Key from the list on the My Personal Keys tab

  8. In the key window that just appeared navigate to the Details tab, select the Fingerprint with your mouse and hit Ctrl + C

  9. Paste the just copied fingerprint into the Fingerprint text field on the Change your OpenPGP keys page on Launchpad and hit Import Key

  10. You're done!

Octavian Helm
  • 14,355
  • Might I add that if no password is given, it will err, but give an almost-useless error? – nanofarad Aug 20 '12 at 15:01
  • 8
    At step 9, it can take 10 minutes before the Ubuntu server knows your key. – Nicolas Raoul Aug 07 '13 at 05:34
  • It just starts with "here is a GUI" But where can I get this GUI, how can I install this GUI?

    For example: sudo apt install openpgpgui or do I need to add a new repository?

    – Alex WLBI Jun 04 '16 at 08:43
  • @AlexWLBI It says clearly "Open the Passwords and Keys (Seahorse) application" – Jakuje Jun 19 '16 at 18:31
  • After importing, I got a pop-up message saying an email has been sent with an encrypted key XXXXXXXXXXXXXX. I received the mail too. But how do I decrypt the message sent to me with the key XXXXXXXX provided? – sphoenix Sep 28 '18 at 19:44
51

Creating your OpenPGP keys with gpg

Step 1: Open a terminal and type:

gpg --gen-key

Step 2: GPG will now ask you a number of questions about the type of key you want to generate. Follow the steps below to select the default option each time.

Step 3: Check that your key has been generated by typing gpg --list-keys and, if successful.

pub 1024D/12345678 -> this is the important number

Step 4: Launchpad doesn't store your key directly, so you need to export your public key to a key server, such as keyserver.ubuntu.com:

gpg --keyserver keyserver.ubuntu.com --send-keys 12345678

Replace 12345678 with the pub id you noted in step 3.

If successful, GPG will display a message similar to:

gpg: sending key 12345678 to hkp server keyserver.ubuntu.com

Importing your key into Launchpad with gpg

Step 1: Launchpad identifies your OpenPGP key by its fingerprint. In your terminal, you can ask GPG for your key's fingerprint by typing:

gpg --fingerprint

GPG will display a message similar to:

  Key fingerprint = `0464 39CD 2486 190A 2C5A  0739 0E68 04DC 16E7 CB72`

Copy only the numeric fingerprint: 0464 39CD 2486 190A 2C5A 0739 0E68 04DC 16E7 CB72.

Step 2: Visit your OpenPGP

Step 3: Paste the fingerprint that you copied in step 1 into the Fingerprint text-box, then click the Import Key button. Launchpad will use the fingerprint to check the Ubuntu key server for your key and, if successful, send you an encrypted email asking you to confirm the key import.

Note : this is a brief ... from launchpad process..... both process take a while so just take your time...

Tom Brossman
  • 13,111
hhlp
  • 42,002
  • 3
    Step 1 may take a while if you do not have a hardware random number generator. Do not use methods which promise to speed this up because it makes your keys weaker. – Lekensteyn Nov 08 '11 at 18:06
  • 1
    If the gpg command fails to send the key to the keyserver, try pasting the result of "gpg --export -a IMPORTANT_NUMBER" to http://keyserver.ubuntu.com/. – igordcard Mar 26 '14 at 18:27
  • Prefix the first command with sudo if you do not work as root. Otherwise gpg will not be able to store the key, and therefore key creation will fail. – BurninLeo Apr 21 '16 at 06:31
  • browse giphy while Step 2 is generating randomness. – Jonathan E. Landrum Jun 22 '17 at 20:24
  • It may take keyserver.ubuntu.com 10 minutes to update. To verify, you can go to http://keyserver.ubuntu.com and search by the name or email that was used to generate the key. – wisbucky Aug 01 '17 at 21:52
  • In my case the gpg send-key command failed. I had to specify the protocol and port, such as hkp://keyserver.ubuntu.com:80 – eidelen Sep 04 '19 at 07:59
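
An added example, not part of the answers above: the 8-hex-digit ID used in step 3 of the gpg answer is only the last 32 bits of the fingerprint, so unrelated keys can share it. The script below pulls the full 40-digit fingerprint out of `gpg --with-colons` output and checks a pasted fingerprint against it; the sample output is constructed around the fingerprint shown in the answer (key ID fields, dates, user ID and subkey are made up), and the function names are hypothetical.

```sh
#!/bin/sh
# Added example. Constructed sample of `gpg --list-keys --with-colons` output:
# only the primary fingerprint comes from the answer; the rest is made up.
SAMPLE_COLONS='pub:u:1024:17:0E6804DC16E7CB72:1169769600:::u:::scESC:
fpr:::::::::046439CD2486190A2C5A07390E6804DC16E7CB72:
uid:u::::1169769600::::Example User <user@example.com>:
sub:u:2048:16:1111111122222222:1169769600::::::e:
fpr:::::::::00112233445566778899AABB1111111122222222:'

# Print the fingerprint of the first primary key read from stdin.
# Field 10 of an "fpr" record is the fingerprint; an "fpr" that follows a
# "sub" record belongs to a subkey and is skipped.
primary_fingerprint() {
    awk -F: '
        $1 == "pub" { primary = 1; next }
        $1 == "sub" { primary = 0; next }
        $1 == "fpr" && primary { print $10; exit }
    '
}

# Turn "0464 39CD ..." into 40 upper-case hex digits; fail on anything else
# (for example a short 8-digit key ID pasted by mistake).
normalize_fpr() {
    _n=$(printf '%s' "$1" | tr -d '[:space:]' | tr 'abcdef' 'ABCDEF')
    case "$_n" in
        ''|*[!0-9A-F]*) return 1 ;;
    esac
    [ "${#_n}" -eq 40 ] || return 1
    printf '%s\n' "$_n"
}

# The short ID is just the last 8 digits of the fingerprint.
short_id() { printf '%s\n' "$1" | cut -c33-40; }

# Succeed only if two fingerprints name the same key.
same_key() {
    _a=$(normalize_fpr "$1") || return 2
    _b=$(normalize_fpr "$2") || return 2
    [ "$_a" = "$_b" ]
}

# On a real keyring: gpg --list-keys --with-colons you@example.com | primary_fingerprint
demo=$(printf '%s\n' "$SAMPLE_COLONS" | primary_fingerprint)
echo "fingerprint $demo (short ID $(short_id "$demo"))"
# The full fingerprint can be given wherever the answer uses 12345678, e.g.
#   gpg --keyserver keyserver.ubuntu.com --send-keys "$demo"
```

Running `same_key` on the fingerprint Launchpad shows after import and the one from your own keyring confirms that the key server returned your key and not another one with a matching short ID.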
1

On some systems such as Lubuntu, where the Passwords and Keys (Seahorse) app is not available, a good and simple way to make a PGP key is using gpa (GNU Privacy Assistant). It is a graphical frontend for gpg. This method also applies to other Ubuntu derivatives.

  1. Install gpa

    sudo apt install gpg gpa

  2. Launch gpa from your applications menu

  3. Hit the Keys menu, then select New Key. You are presented with a new window

  4. Type in your full name, click Forward, then type in your genuine email address. Press Forward. Now select the option to do a backup later.

  5. Enter a passphrase (could be a word or phrase) to protect your PGP key

  6. Now you have successfully created a PGP key. It is actually a pair, consisting of both your private key and public key

  7. To use PGP in your correspondence, for example for exchanging email securely, you need to give the other party your public key. So let's first export your public key, then you can send it to them. To export, open gpa and select your key. Now hit the Keys menu followed by Export Keys. Give your public key a name and save it

Tip: to ensure you exported the public key, open it with a text editor and check if there is a starting line

`-----BEGIN PGP PUBLIC KEY BLOCK-----`
ptetteh227
  • 1,904