[root@467df7734c05 tmp]# gpg2 --version
gpg (GnuPG) 2.3.4
libgcrypt 1.9.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /root/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
AEAD: EAX, OCB
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

To create a key pair with only the [C] symbol:

[root@467df7734c05 tmp]# gpg2 --expert --full-gen-key
gpg (GnuPG) 2.3.4; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (13) Existing key
  (14) Existing key from card
Your selection? 11

Possible actions for this ECC key: Sign Certify Authenticate
Current allowed actions: Sign Certify

   (S) Toggle the sign capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? S

Possible actions for this ECC key: Sign Certify Authenticate
Current allowed actions: Certify

   (S) Toggle the sign capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? Q
Please select which elliptic curve you want:
   (1) Curve 25519 *default*
   (2) Curve 448
   (3) NIST P-256
   (4) NIST P-384
   (5) NIST P-521
   (6) Brainpool P-256
   (7) Brainpool P-384
   (8) Brainpool P-512
   (9) secp256k1
Your selection? 1
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: test1
Email address:
Comment:
You selected this USER-ID:
    "test1"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB.rev'
public and secret key created and signed.

pub   ed25519 2022-03-21 [C]
      53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB
uid                      test1

[root@467df7734c05 tmp]# gpg2 -K
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
/root/.gnupg/pubring.kbx
------------------------
sec   ed25519 2022-03-21 [C]
      53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB
uid           [ultimate] test1

[root@467df7734c05 tmp]# gpg2 -k
/root/.gnupg/pubring.kbx
------------------------
pub   ed25519 2022-03-21 [C]
      53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB
uid           [ultimate] test1

To add an ed448 subkey and check the trustdb:

[root@467df7734c05 tmp]# gpg2 --quick-add-key 53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB ed448 sign 1y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

[root@467df7734c05 tmp]# gpg2 --check-trustdb
gpg: public key of ultimately trusted key A55ECDF371672EAB not found
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

[root@467df7734c05 tmp]# gpg2 --update-trustdb
gpg: public key of ultimately trusted key A55ECDF371672EAB not found
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

[root@467df7734c05 tmp]# gpg2 -K
/root/.gnupg/pubring.kbx
------------------------
sec   ed25519 2022-03-21 [C]
      53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB
uid           [ unknown] test1
ssb   ed448 2022-03-21 [S] [expires: 2023-03-21]
      5675A69AC9DC087ADB8247CB22DB770BA09E0B3853A85A4A43293103D5CD80F2

[root@467df7734c05 tmp]# gpg2 -k
/root/.gnupg/pubring.kbx
------------------------
pub   ed25519 2022-03-21 [C]
      53FE7E1C502C0810FDD0E5E4A55ECDF371672EAB
uid           [ unknown] test1
sub   ed448 2022-03-21 [S] [expires: 2023-03-21]
      5675A69AC9DC087ADB8247CB22DB770BA09E0B3853A85A4A43293103D5CD80F2

The uid was changed from [ultimate] to [ unknown].