--- sidebar_position: 3 --- # Generate GPG Key ### 🔐 How to Generate a GPG Key on Snigdha OS GPG (GNU Privacy Guard) is a tool for secure communication and data encryption. It allows you to create and manage public and private keys, encrypt files, and sign documents. Here’s how you can generate a GPG key on Snigdha OS, step by step, with examples. --- ### 🛠️ Step 1: Install GPG Most Snigdha OS installations come with GPG pre-installed. If it’s not installed, use the following command to install it: ```bash sudo pacman -S gnupg ``` To verify the installation, check the version: ```bash gpg --version ``` --- ### 🛠️ Step 2: Create a New GPG Key Pair 1. **Start the key generation process**: Run the following command: ```bash gpg --full-generate-key ``` 2. **Select the key type**: You’ll see a prompt to choose the type of key. Options typically include: - **(1) RSA and RSA (default)** - (2) DSA and Elgamal - (3) DSA (sign only) - (4) RSA (sign only) Press `1` and hit Enter to select the default **RSA and RSA** type. 3. **Set the key length**: You’ll be prompted to specify the key size. A common recommendation is **4096 bits** for strong encryption. Type `4096` and press Enter. 4. **Set the expiration date**: You can define how long the key should be valid. Options include: - `0` for no expiration - Specify a duration, e.g., `1y` for one year, `2y` for two years, or `1m` for one month. For this example, type `0` (no expiration) and press Enter. When prompted, confirm your choice. 5. **Enter your details**: You’ll be asked for: - **Your real name**: Enter your full name. - **Your email address**: Enter a valid email address. - **A comment (optional)**: Add a description or leave it blank. Example: ``` Real name: John Doe Email address: johndoe@example.com Comment: Snigdha OS User ``` Review the details and confirm by typing `O` (for OK). 6. **Set a passphrase**: Choose a strong passphrase to protect your private key. This passphrase will be required whenever you use your private key for encryption or signing. --- ### 🛠️ Step 3: Verify the Generated Key Once the key is generated, you can list your keys with: ```bash gpg --list-keys ``` Output: ``` /home/username/.gnupg/pubring.kbx --------------------------------- pub rsa4096 2023-12-05 [SC] [expires: 2025-12-05] ABCD1234EFGH5678IJKL9012MNOP3456QRST7890 uid [ultimate] John Doe sub rsa4096 2023-12-05 [E] [expires: 2025-12-05] ``` - **pub**: Your primary key (for signing and certification). - **sub**: Subkey (for encryption). - **[SC]**: Key capabilities: Sign and Certify. - **[E]**: Encryption. --- ### 🛠️ Step 4: Export Your Public Key To share your public key with others, export it: ```bash gpg --armor --export johndoe@example.com > public_key.asc ``` This creates a file `public_key.asc` with your public key in ASCII format. To display the key in the terminal: ```bash gpg --armor --export johndoe@example.com ``` --- ### 🛠️ Step 5: Test Encryption and Decryption 1. **Encrypt a file**: Create a sample file to encrypt: ```bash echo "Hello, this is a test message!" > message.txt ``` Encrypt the file with your public key: ```bash gpg --output message.txt.gpg --encrypt --recipient johndoe@example.com message.txt ``` This generates an encrypted file `message.txt.gpg`. 2. **Decrypt the file**: Decrypt the file using your private key: ```bash gpg --output decrypted_message.txt --decrypt message.txt.gpg ``` Enter your passphrase when prompted. The decrypted content will be saved in `decrypted_message.txt`. --- ### 🛠️ Step 6: Back Up Your Keys Always back up your keys to prevent losing access: 1. **Export your private key**: ```bash gpg --armor --export-secret-keys johndoe@example.com > private_key.asc ``` 2. **Export your public key**: ```bash gpg --armor --export johndoe@example.com > public_key.asc ``` 3. Store these files (`private_key.asc` and `public_key.asc`) in a safe place. --- ### 🚀 Final Tips - Keep your private key secure. Never share it. - Regularly update your passphrase for added security. - Use tools like **gpg-agent** for easier key management. That’s it! You now have a functional GPG key pair set up on Snigdha OS. 🎉