@okurka12
Last active July 14, 2025 17:59
a small wrapper around gpg --full-generate-key
#!/bin/bash
#
# Generate a key-pair of PGP keys using gpg
# -----------------------------------------
# ...a small wrapper around gpg
# ...date of creation: April 2025
# ...author: okurka12
#
#
# How it works
# ------------
# 1. You enter a base name like: joey-at-gmail-com
# 2. You proceed to the gpg --full-generate-key interactive prompt
# 3. You then have two files:
# - joey-at-gmail-com-XXXXXXX-priv.asc
# - joey-at-gmail-com-XXXXXXX-pub.asc
#
#
# Notes
# -----
# - Keys are NOT stored in the gpg keyring
# - Keys are ASCII-armored
# - Appropriate file permissions are set
# - Works with gpg 2.2.40
# - If you want to have the key in your gpg keyring (for example for signing
# git commits), do gpg --import PRIVATE_KEY_FILE
#
# Source
# ------
# https://gist.github.com/okurka12/12c49ecac41465d745b90b51c7633554
#
# obtain base key name from stdin
echo "Enter base key name."
echo "Example:"
echo " my-key"
echo " -> my-key-XXXXXXX-pub.asc"
echo " -> my-key-XXXXXXX-priv.asc"
echo -n " Key name: "
# -r keeps backslashes in the entered name literal
read -r KEYNAME
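# make temporary directory for gpg (mktemp -d creates it with mode 700);
# stop if that fails so gpg is never run without a valid --homedir
TMPDIR=$(mktemp -d XXXXXXXXX-tmp-dir) || exit 1
# remove the temporary keyring even if the script exits early
trap 'rm -rf -- "$TMPDIR"' EXIT
echo "Created temporary directory $TMPDIR"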
# gpg key generation wizard (--expert for the ability to generate ECC keys)
gpg --homedir "$TMPDIR" --full-generate-key --expert
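# read the primary key fingerprint from the temporary keyring; the
# machine-readable listing does not depend on locale or output layout
FINGERPRINT=$(
    gpg --homedir "$TMPDIR" --list-keys --with-colons --with-fingerprint |
        awk -F: '$1 == "fpr" { print $10; exit }'
)
# stop if no key was generated (for example the prompt was cancelled)
if [ -z "$FINGERPRINT" ]; then
    echo "No key found in $TMPDIR, nothing exported." >&2
    rm -rf "$TMPDIR"
    exit 1
fi
FINGERPRINT_SHORT=$(echo "$FINGERPRINT" | head -c 7)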
# create filenames
PRIVKEY="$KEYNAME-$FINGERPRINT_SHORT-priv.asc"
PUBKEY="$KEYNAME-$FINGERPRINT_SHORT-pub.asc"
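# export keys from the temporary keyring to files; the private key is written
# under umask 077 so a newly created file is not readable by other users
# before chmod runs
gpg --homedir "$TMPDIR" --export --armor "$FINGERPRINT" > "$PUBKEY"
(
    umask 077
    gpg --homedir "$TMPDIR" --export-secret-keys --armor "$FINGERPRINT" > "$PRIVKEY"
)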
# set file permissions
chmod 600 "$PRIVKEY"
chmod 644 "$PUBKEY"
# output information
echo "-------------------------------------------------------------------------"
echo "Fingerprint is $FINGERPRINT"
echo "Short fingerprint is $FINGERPRINT_SHORT"
echo "Keys are stored in:"
echo " $PRIVKEY"
echo " $PUBKEY"
# stop the gpg-agent started for the temporary keyring, then delete it
gpgconf --homedir "$TMPDIR" --kill gpg-agent
rm -rf "$TMPDIR"