PGP Gist Guidelines

These guidelines only show the most relevant parts for this project regarding PGP usage.

Quickstart For Key Creation and Management

Consider this guideline as a starting point and not a complete guide. It should contain notes to all important operations and considerations in a summarizing form.

Generate PGP certificate key, that is used in order to certify other keys. It is used for nothing else. Use the primary identity as the name and its e-mail address: gpg --quick-generate-key 'Example Engineer <>' rsa4096 cert

List all keys: gpg --list-key

Create subkey for signing: gpg --quick-add-key [fingerprint of key] ed25519 sign Create subkey for encryption and decryption: gpg --quick-add-key [fingerprint of key] cv25519 encr

Backup ~/.gnupg to protected storage.

Consider creating a hard copy backup of the certificate key as last resort backup. Hide the certificate key. Hide the revocation certificate.

Key Publication

Export public key to console: gpg --export --armor [fingerprint of key]

Upload key to public openpgp server: gpg --export [] | curl -T - Consider commands output and verify upload. The public URL for the uploaded key can be used for public key distribution.

Sign files.

Files can be signed with the default key via gpg -ab --sign [file to sign]. Keyring managers may ask for passwords during this process.

Git Integration

Helpful Detailed Guides

  • SPDX-License-Identifier: EPL-2.0 OR MIT
  • SPDX-FileCopyrightText: Contributors To The net.splitcells.* Projects