- If, for example, the email address on the key becomes invalid, an expiration date will remind others to stop using that public key. Please specify how long the key should be valid. 0 = key does not expire d = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years key is valid for?
- Full-generate-key seems to be a new synonym, added in GnuPG 2.2. The manpage for Ubuntu 18.04 mentions it, but not older manpages, which only list -full-gen-key. Note that -full-gen-key itself is a rename of the -gen-key option in GnuPG 2.1.0 (2014), so you have to use the older option name with Ubuntu 14.04.
- Originally I had a couple extra steps to use rng-tools to seed entropy from /dev/urandom. Apparently this is a bad idea because it will just feed bytes regardless of whether there's enough entropy.
It is likely that you are running out of entropy. Key generation requires a lot of very high-quality random numbers; without the activity of the user to provide high-quality randomness to the computer, the entropy pool is being exhausted by generation, and the generation process just hangs, waiting for the pool to refill. May 15, 2016 How to create new keys. For the Love of Physics - Walter Lewin - May 16, 2011 - Duration: 1:01:26. Lectures by Walter Lewin.
gen-key-script
Key-Type: 1 |
Key-Length: 2048 |
Subkey-Type: 1 |
Subkey-Length: 2048 |
Name-Real: Root Superuser |
Name-Email: [email protected] |
Expire-Date: 0 |
install.bash
# Generate the key |
gpg --batch --gen-key gen-key-script |
commented Feb 13, 2014
Here's a page that describes the options for the gen-key script: http://www.gnupg.org/documentation/manuals/gnupg-devel/Unattended-GPG-key-generation.html |
commented Feb 13, 2014
Originally I had a couple extra steps to use rng-tools to seed entropy from /dev/urandom. Apparently this is a bad idea because it will just feed bytes regardless of whether there's enough entropy. Here's where I got the original idea, and the subsequent discussion of why it's bad. For new machines, we should generate the keys on our laptops where there's much more entropy to draw from, and then transfer them to the new server, just like we're currently doing with the encrypted data bag secret. |
![Gpg Full Generate Key Invalid Option Gpg Full Generate Key Invalid Option](/uploads/1/2/6/2/126261700/266180591.png)
commented Feb 19, 2018
This is awesome, thank you. |
commented Jan 23, 2019
![Gpg key server Gpg key server](/uploads/1/2/6/2/126261700/577821408.png)
Gpg Key Server
I configured libvirt tu use /dev/urandom of the host: https://libvirt.org/formatdomain.html#elementsRng That way keys generated within the VM should be ok. |
commented Apr 9, 2019 • edited
edited
Thanks that was really helpful I got what I needed from : https://www.gnupg.org/documentation/manuals/gnupg-devel/Unattended-GPG-key-generation.html |
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
gen-key-script
Key-Type: 1 |
Key-Length: 2048 |
Subkey-Type: 1 |
Subkey-Length: 2048 |
Name-Real: Root Superuser |
Name-Email: [email protected] |
Expire-Date: 0 |
install.bash
# Generate the key |
gpg --batch --gen-key gen-key-script |
commented Feb 13, 2014
Here's a page that describes the options for the gen-key script: http://www.gnupg.org/documentation/manuals/gnupg-devel/Unattended-GPG-key-generation.html |
commented Feb 13, 2014
Originally I had a couple extra steps to use rng-tools to seed entropy from /dev/urandom. Apparently this is a bad idea because it will just feed bytes regardless of whether there's enough entropy. Here's where I got the original idea, and the subsequent discussion of why it's bad. For new machines, we should generate the keys on our laptops where there's much more entropy to draw from, and then transfer them to the new server, just like we're currently doing with the encrypted data bag secret. |
Generate Gpg Key Windows
commented Feb 19, 2018
This is awesome, thank you. |
commented Jan 23, 2019
Generate Key Code
I configured libvirt tu use /dev/urandom of the host: https://libvirt.org/formatdomain.html#elementsRng That way keys generated within the VM should be ok. |
commented Apr 9, 2019 • edited
edited
Thanks that was really helpful I got what I needed from : https://www.gnupg.org/documentation/manuals/gnupg-devel/Unattended-GPG-key-generation.html |
Gpg Full Generate Key Invalid Option Number
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment