GNOME.org

Create PGP keys

To make a new PGP key:

  1. Select File ▸ New….

  2. Select PGP Key from the list and press Continue.

  3. Enter your full name in the Full Name field.

  4. Optionally, add your email address and a comment to describe the key.

  5. Press Create.

  6. In the password dialog, enter a password for the key. Retype the password to confirm your choice.

  7. Press OK to finish.

Passwords and Keys will take some time to generate your key. While your key is being created, move your mouse around, press some keys on your keyboard, or browse the web. This will help Passwords and Keys to create a truly random key. The key will be listed under GnuPG keys.

The Full Name, Email Address and Comment details of a GnuPG key are called the user ID of the key.

Advanced PGP key options

Expand the Advanced key options panel to choose custom values for key type, key strength and key expiration date.

Key type

Depending on your needs, create keys that can be used for signing only or for both encryption and signing. The RSA and DSA-Elgamal algorithms generate equally secure keys.

Key Strength

The key strength is measured in terms of the size of the key in bits. It is difficult and more time consuming to break a strong key, but strong keys will slow down the encryption and signing process. You should choose your key strength in Passwords and Keys depending on how long you want to use the key. A small key is sufficient for short term use while a large key is more suitable for long term use.

Expiration Date

When a key expires, certain actions no longer work. In Passwords and Keys, you can either set your key to Never Expire, or select an expiration date and time for it.

It is recommended that you set an expiration date in case you lose access to the key. Even if your key expires, you can change the expiration to a later date.