With GnuPG 2.1.15
If you want to create an RSA or DSA key in a straight forward way use:
gpg --full-gen-key
If you want to use an ECC algorithm, you need to add the --expert flag
gpg --expert --full-gen-key
It will ask you for a couple of details about the algorithms you want to use
Please select what kind of key you want:
(1) RSA and RSA (default)
[...]
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
[...]
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
And then for a name and email If you need this key for GitHub, make sure to use the same email you use for GitHub
Real name: Mario Rossi
Email address: [email protected]
Comment: Signing key for git
Find the ID of your newly generated key with
gpg --list-secret-keys --keyid-format LONG
------------------------------
sec rsa2048/[HEX STRING KEY ID] YYYY-MM-DD [SC]
uid [ultimate] Mario Rossi (Signing key for git) <[email protected]>
git config user.signingkey [HEX STRING KEY ID]
git config commit.gpgsign true
You may want to make these settings global rather than local to a repository with --global
git config user.signingkey [HEX STRING KEY ID]
git config commit.gpgsign true