GENERATING YOUR PGP-KEYS WITH GNUPG


To use GPG, you first need to generate your PGP keys. To do that, type the following command:

 gpg --full-generate-key

OR

 gpg --full-gen-key

THEN, simply follow the instructions the programme gives you to generate your key. Let me help you with that :-)
  1. KEY TYPE:
    My recommendation is to choose between "RSA and RSA" and "ECC (sign and encrypt)". The former is an older standard but has a rich ecosystem [usually used in version control, as in the case of GitHub, GitLab, Codeberg etc...].
    The latter is the newest standard, which allows for smaller key sizes with equivalent or stronger security & faster encryption speed, which is useful in environments with limited computational resources [like mobile devices, IoT systems or weak computers].

    My personal recommendation is to use "ECC (sign and encrypt)" in most cases & use "RSA and RSA" on Codeberg, GitHub etc...

  2. KEY SIZE/ALGORITHM-TYPE:
    If you chose "RSA and RSA", you will be asked to choose the size of the key, between 1024 and 4096 bits [3072 bits is the DEFAULT size]. Obviously, the longer the key, the more difficult it is to crack, although encryption & decryption speed may take a hit.

    BUT if you chose "ECC (sign and encrypt)", which is the DEFAULT key type, you will be given the choice between these 3 elliptic-curve algorithms:

    • Curve 25519 [Curve 25519 is the DEFAULT algorithm]
    • NIST P-384
    • Brainpool P-256

    My recommendation is to stick to the default, which is "Curve 25519".

  3. EXPIRY DATE:
    Now GPG will ask you to set an expiry date. To set one, follow the format that GPG shows you.

    Let's say you want your key to last for 1 year: simply type 1y. For 6 months, just type 6m. These are just examples, so play around with it & set your desired expiry date. You can also type 0 to ensure your key never expires.

  4. USER I.D:
    Now to set your User-ID. Please remember that you DO NOT HAVE TO use your real name or credentials while creating your User-ID. You will have to fill in 3 prompts, in this order:

    • Real Name
    • Comment
    • Email

    Take this fictional PGP-Key as an example ↴

    MyAwesomeKey (personal) <coolperson@proton.me>

    Here, "MyAwesomeKey" is the Real Name, "personal" within the parentheses is the Comment & finally "coolperson@proton.me" within the angle brackets is the Email. You DEFINITELY NEED an Email in order to use GPG. The Comment is completely optional.

  5. PASSPHRASE:
    Now you might want to create a password to protect your GPG-Key. This step is also optional, but I recommend you create one for that extra layer of protection juuuuuuuust in case someone gets hold of your GPG-Keys [especially the PRIVATE-KEY] or your computer. But hey, if you don't want to, then that's fine.

After you have done all of this, GPG will start the key-generation process. It is HIGHLY RECOMMENDED that you randomly type gibberish and/or move the mouse, open a bunch of files & folders or run other programmes to introduce a bit of randomness into the key-generation process; let's say that it is good for your security.
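
The same answers as the prompts above (ECC on Curve 25519, an expiry, a User-ID) can be written down once as a GnuPG batch parameter file and passed to gpg --batch --generate-key. This is an added example, not part of the original guide; the function names, the RUN_KEYGEN variable and the keygen.sh file name are made up for illustration.

```shell
#!/bin/sh
# Added example: batch-mode equivalent of the interactive prompts.
# Function names and RUN_KEYGEN are made up for this example.

# Print a GnuPG parameter file for an "ECC (sign and encrypt)" key on
# Curve 25519. Args: real-name comment email expiry (0, <n>, <n>w, <n>m, <n>y)
write_key_params() {
    name=$1 comment=$2 email=$3 expire=$4
    nl='
'
    # A newline inside a field would smuggle extra directives into the file.
    case "$name$comment$email" in *"$nl"*) return 1 ;; esac
    [ -n "$name" ] && [ -n "$email" ] || return 1
    # Accept only the expiry forms the interactive prompt offers.
    digits=${expire%[wmy]}
    case "$digits" in ''|*[!0-9]*) return 1 ;; esac

    printf '%s\n' \
        'Key-Type: EDDSA' 'Key-Curve: ed25519' 'Key-Usage: sign' \
        'Subkey-Type: ECDH' 'Subkey-Curve: cv25519' 'Subkey-Usage: encrypt' \
        "Name-Real: $name"
    [ -z "$comment" ] || printf 'Name-Comment: %s\n' "$comment"
    printf '%s\n' "Name-Email: $email" "Expire-Date: $expire" '%commit'
    # No "Passphrase:" line and no %no-protection: gpg-agent asks for the
    # passphrase through pinentry, so it never sits in a file.
}

# Write the parameters to a private temp file, run gpg on it, clean up.
generate_key() {
    params=$(mktemp) || return 1
    status=0
    if write_key_params "$@" > "$params"; then
        gpg --batch --generate-key "$params" || status=$?
    else
        echo "invalid key parameters" >&2; status=1
    fi
    rm -f "$params"
    return "$status"
}

# Runs only on request: RUN_KEYGEN=1 sh keygen.sh
if [ "${RUN_KEYGEN:-0}" = 1 ]; then
    generate_key "MyAwesomeKey" "personal" "coolperson@proton.me" 1y
fi
```

Afterwards, gpg --list-secret-keys shows the new key together with its expiry date.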