Open In App

How to generate PGP keys using GnuPG on Linux?

Last Updated : 02 Jun, 2022
Like Article

Linux is a family of open-source operating systems and comes as various distributions or distros. GnuPG or GPG is free software that allows users to encrypt and sign their data and communications. It is based on PGP also called Pretty Good Privacy. It is used to generate PGP keys and can generate public and private keys. The generated PGP keys will have cryptographic features.

PGP Keys are of two types: public and private. The data is encrypted using the public keys and later for decryption, the private keys are used.

In this article, we will learn three different methods for generating keys that are:

  • –gen-key: This option helps in generating PGP keys and saves the revocation certificate in the “/root/.gnugp/” directory. 
  • –full-gen-key: This option is the user-friendly method that permits the generation of the PGP keys in batch mode and accesses the options provided in the dialogue.
  • –quick-gen-key: This option offers a quick process of generating the PGP keys and requires only userid and the rest of the settings as the default options.

Installing GPG on Linux

For this tutorial, the Ubuntu distro is used. Open the terminal by pressing CTRL+Alt+T together or normally by the applications tray and then enter the following command.

sudo apt install gnupg -y

On successful installation, the output will be as follows:


Method 1: Generating PGP keys using the –gen-key option

To generate a PGP key with the –gen-key option, enter the following command in Terminal.

sudo gpg --gen-key

Now you need to enter your details as asked such as name, email id, etc. Then press O to confirm. 


In the next step, enter a paraphrase. This will be used for encrypting the private key.


 Then confirm it again by typing the same.


Finally, you should get the following output:


The revocation certificate is saved in the /root/.gnugp/openpgp-revocs.d directory. Also the pub id, uid and sub are shown on the screen.

Method 2: Generating PGP keys using the –full-gen-key option

Enter the following command to generate –full-gen-key:

sudo gpg --full-generate-key

In the terminal, it will ask for the type of encryption. The following are the different types:

  • RSA and RSA(default): The encryption key will be public and the decryption key will be kept private. 
  • DSA and Elgamal: DSA is an algorithm based on digital signing and verification, and the Elgamal uses asymmetric encryption for communication.

Type 1 to choose the first option for this tutorial.


Then enter your details and the paraphrase and the output will be the same.


Method 3: Generate PGP keys with –quick-gen-key

Enter the following command for the –quick-gen-key. Replace the [userid] with your id.

sudo gpg --quick-gen-key [userid] 

Then press Y to continue and enter the paraphrase.


Finally, the output looks as follows:


List PGP keys with the GPG command 

Enter the following command to list the PGP keys.

gpg -k

The output is as follows:


Like Article
Suggest improvement
Share your thoughts in the comments

Similar Reads