diff options
| author | apiraino <apiraino@users.noreply.github.com> | 2021-08-22 21:21:50 +0200 |
|---|---|---|
| committer | apiraino <apiraino@users.noreply.github.com> | 2021-08-22 21:31:17 +0200 |
| commit | 5182d5e3d86cdcb338a7e96c97a2bf99436ddabc (patch) | |
| tree | ae496f8dffe9e549472a78227e9fe34f184b6883 /contrib | |
| parent | Stage alternatives section and cleanup grammar (diff) | |
| download | YubiKey-Guide-5182d5e3d86cdcb338a7e96c97a2bf99436ddabc.tar.gz | |
Rewrite keys generation tutorial
The master key is now created with `--batch` and a configuration script.
The subkeys are created with the quick key manipulation
interface (`--quick-add-key`).
Also provided two configuration scripts as templates for a RSA4096 or a
ED25519 master key.
Signed-off-by: apiraino <apiraino@users.noreply.github.com>
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/gen-params-ed25519 | 32 | ||||
| -rw-r--r-- | contrib/gen-params-rsa4096 | 29 |
2 files changed, 61 insertions, 0 deletions
diff --git a/contrib/gen-params-ed25519 b/contrib/gen-params-ed25519 new file mode 100644 index 0000000..21958c8 --- /dev/null +++ b/contrib/gen-params-ed25519 @@ -0,0 +1,32 @@ +# GnuPG v2.1.7 or newer + +%echo Generating a OpenPGP key + +# uncomment the following line to remove asking for a passphrase +#%no-protection + +Key-Type: eddsa +Key-Curve: Ed25519 +# Key generated is a master key ("certificate") +Key-Usage: cert + +# Parameters to generate a subkey +# Subkey-Type: ecdh +# Subkey-Curve: Curve25519 + +# Choose one of following options +# Subkey-Usage: sign +# Subkey-Usage: auth +# Subkey-Usage: encrypt + +# select a name and email address - neither has to be valid nor existing +Name-Real: Dr Duh +Name-Email: <doc@duh.to> + +# Do not set the key to expire +Expire-Date: 0 + +# Do a commit here, so that we can later print "done" :-) +%commit + +%echo done diff --git a/contrib/gen-params-rsa4096 b/contrib/gen-params-rsa4096 new file mode 100644 index 0000000..856b62a --- /dev/null +++ b/contrib/gen-params-rsa4096 @@ -0,0 +1,29 @@ +%echo Generating a OpenPGP key + +# uncomment the following line to remove asking for a passphrase +#%no-protection + +Key-Type: RSA +Key-Length: 4096 +# Key generated is a master key ("certificate") +Key-Usage: cert + +# Parameters to generate a subkey +# Subkey-Type: ELG-E +# Subkey-Length: 4096 +# Choose one of following options +# Subkey-Usage: encrypt +# Subkey-Usage: sign +# Subkey-Usage: auth + +# select a name and email address - neither has to be valid nor existing +Name-Real: Dr Duh +Name-Email: <doc@duh.to> + +# Do not set the key to expire +Expire-Date: 0 + +# Do a commit here, so that we can later print "done" :-) +%commit + +%echo done |