Skip to content

Instantly share code, notes, and snippets.

@TrevCan
Created October 5, 2021 00:25
Show Gist options
  • Save TrevCan/8a6075e9a7eb8bbdf75622e977400150 to your computer and use it in GitHub Desktop.
Save TrevCan/8a6075e9a7eb8bbdf75622e977400150 to your computer and use it in GitHub Desktop.
GPG keypair generation with ed25519/cv25519
(
echo "" && \
read -r -s -p 'Passphrase to set for private key: ' PASSPHRASE && \
echo "" && \
read -r -s -p 'Please, repeat the passphrase: ' PASSPHRASE_REPEAT && \
[ "${PASSPHRASE}" != "${PASSPHRASE_REPEAT}" ] && \
echo -e "\nPassphrases don't match! Aborting...\n" || (
echo -e "\n" && \
read -r -p 'Name and e-mail (e.g. "Max Mustermann <[email protected]>"): ' CONTACT && \
echo "" && \
read -r -p 'How many years do you want the subkeys to be valid?
You can always extend the validity or create new subkeys later on! ' YEARS && \
MY_GPG_HOMEDIR="$( umask 0077 && mktemp -d )" && \
echo "${PASSPHRASE}" | gpg --homedir "${MY_GPG_HOMEDIR}" --batch --pinentry-mode loopback --quiet --passphrase-fd 0 \
--quick-generate-key "${CONTACT}" ed25519 cert 0 && \
FINGERPRINT=$(gpg --homedir "${MY_GPG_HOMEDIR}" --list-options show-only-fpr-mbox --list-secret-keys 2>/dev/null | awk '{print $1}') && \
echo "${PASSPHRASE}" | gpg --homedir "${MY_GPG_HOMEDIR}" --batch --pinentry-mode loopback --quiet --passphrase-fd 0 \
--quick-add-key "${FINGERPRINT}" ed25519 sign "${YEARS}y" && \
echo "${PASSPHRASE}" | gpg --homedir "${MY_GPG_HOMEDIR}" --batch --pinentry-mode loopback --quiet --passphrase-fd 0 \
--quick-add-key "${FINGERPRINT}" cv25519 encrypt "${YEARS}y" && \
echo "${PASSPHRASE}" | gpg --homedir "${MY_GPG_HOMEDIR}" --batch --pinentry-mode loopback --quiet --passphrase-fd 0 \
--quick-add-key "${FINGERPRINT}" ed25519 auth "${YEARS}y" && \
echo -e '\nSuccess! You can find the GnuPG homedir containing your keypair at \e[0;1;97;104m'"${MY_GPG_HOMEDIR}"'\e[0m\nPlease, copy that directory somewhere safe!\n'
)
)
@duxsco
Copy link

duxsco commented Oct 5, 2021

I updated my documentation and added algorithms that are not compliant with the smartcard. Now, I delete the gist, you forked from.
https://github.com/duxco/gpg-smartcard#create-a-gnupg-keypair

@TrevCan
Copy link
Author

TrevCan commented Oct 5, 2021

ok, thx

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment