Skapa huvudnyckeln

Skapa huvudnyckeln på din säkra dator

bastion:~frpet1$ gpg --gen-key 
gpg (GnuPG/MacGPG2) 2.0.17; Copyright (C) 2011 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Välj mellan (3) DSA eller (4) RSA. I det här exemplet valde jag RSA, för att hålla i sär den från subnycklarna som vi kommer skapa sen.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 4

Välj största möjliga nyckel eftersom den kommer användas ett långt tag framöver.

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits

Välj att huvudnyckeln aldrig går ut eller har en väldigt lång giltighetstid, eftersom den bara kommer finnas på din säkra maskin och för att det är den som nyckeln som kommer bära alla signaturer när man signerar varandras nycklar.

Please specify how long the key should be valid.
         0 = key does not expire
        = key expires in n days
      w = key expires in n weeks
      m = key expires in n months
      y = key expires in n years
Key is valid for? (0) 0 
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Fredrik Pettai
Email address:
Comment: exempel                    
You selected this USER-ID:
    "Fredrik Pettai (exempel) <>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.    

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key A600AF4A marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   6  signed:  33  trust: 0-, 0q, 0n, 0m, 0f, 6u
gpg: depth: 1  valid:  33  signed:  16  trust: 33-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2013-01-15
pub   4096R/A600AF4A 2012-06-04
      Key fingerprint = 2F4C A9A7 1003 101E 3E3E  8295 E091 0D5E A600 AF4A
uid                  Fredrik Pettai (exempel) <>

Note that this key cannot be used for encryption.  You may want to use
the command "--edit-key" to generate a subkey for this purpose.