-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 01/12/2015 02:55 AM, Rich Freeman wrote: > On Sun, Jan 11, 2015 at 8:34 PM, Brian Dolbec <dol...@gentoo.org> > wrote: >> But for the rest, yes, you don't need gkeys to create your key, >> It is just most people seem to know little about using gpg, so >> creating the template where you just filled out name, email, >> password, makes it easy. > > Makes sense. I can always create a new account, create a key, > export/import, and delete the account. That will avoid messing > with config files and such. > >> >> From the above, it looks like you also need to create a signing >> subkey with a preferred 1 yr. expiry. But it can be 5 years max. >> too. You may also want to add an encryption subkey for encrypted >> email and such. > > From docs I was reading it sounds like a signing and encryption > subkey are created by default (two keys total). Is there any > difference between a "main key" and a subkey? I have to admit that > I haven't kept up with gpg features over the years.
By default GnuPG only create a primary key with SC flags (sign & certification) and an encryption subkey. In this case you'll want to add a signing subkey using the "addkey" command of --edit-key to make a compliant key. - -- Kristian Fiskerstrand Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUtAvMAAoJEPw7F94F4TagBsEQALMRpYPlAsVm/J/3cqA57BYH +mcCFA9sNVd8zwGp2fAybGl7Umj0oCTU/c5R/YICPtmuzu8hxYjhvPpKc1gF3UBb QzjCeqMEHNXz1hEsfbmQyqw10Jc9xxiJZmUVESB8tC1l/OTmDOHjgfU5APWzAIg/ 4scM91Y1lbtKoeJsTpfW0Tv9ROC75PuWudHhEx/3RKJvygACeWGbeLZX9tmdKZbz Zc+Iv3je0XCabC4G0vviuAddpeyNMj0ck5d9lrPLM+MxdJDSkeAT0/+aMBhiQOqt jZImJ4eZq48sEdh0wUqt7EeLuKL6w5rO9N8DTHPCfDhJ9mhFmxPgozVkRmzhTrTX Twac69fSklDzEcQZHr/kPynYdp1ZTN97MxcLxNMXNhWTIG51sFfNK4is+kdmBVUk 9wAuMQbWdeeC7oFy60h8sIak7yNeh7L34C7XrYIN7urT9W9zw0tQttRmPbY82yBU K/w8OvdpcwkYNGoAkFfpCL1aqJjwfrWqyWglNGgbaWgw5hkKQ5f+Ljvou9sdfiVc 1e4Vu5Tiblz1Ucs5JZRoioXwsW9EAxUYg7wAxnjHyEgE4opFpvVwgq4beWMzgbG9 1f2YVxrrakLfpuJ5WneDZJBToaDeVDpMInERiF9xlJDb8vvZeUtKzEElAOF0Ptg4 6b9fY0tzc1eAd4uuYPj2 =v+RL -----END PGP SIGNATURE-----
