Pre-requisite

Generating Keys

    1. Run the following command:
      gpg --full-gen-key
    2. Type 1 and press enter for the following question:
      Please select what kind of key you want:
         (1) RSA and RSA (default)
         (2) DSA and Elgamal
         (3) DSA (sign only)
         (4) RSA (sign only)
      Your selection?
    3. Press enter for the following question:
      RSA keys may be between 1024 and 4096 bits long.
      What keysize do you want? (2048)
    4. Press enter for the following question:
      Please specify how long the key should be valid.
               0 = key does not expire
            <n>  = key expires in n days
            <n>w = key expires in n weeks
            <n>m = key expires in n months
            <n>y = key expires in n years
      Key is valid for? (0)
    5. Type y and press enter for the following question:
      Key does not expire at all
      Is this correct? (y/N)
    6. Fill in the Real name appropriately and press enter.
    7. Fill in the Email address appropriately and press enter.
    8. The Comment is optional but don't forget to press enter.
    9. Type o and press enter for the following question:
      Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?
    10. Fill in the passphrase appropriately.

The output will end with something like the following:

pub   rsa2048 2019-11-27 [SC]
      8C99E30527B112D1CB6D646FE86A4FE7189AADC9
uid                      Real Name <real_email@email.com>
sub   rsa2048 2019-11-27 [E]

The second line is the PGP key ID. From the output above, the key ID is:

8C99E30527B112D1CB6D646FE86A4FE7189AADC9

Exporting Your Private Key

The my-secret-key.pgp file generated by this command can be used to sign your binaries.

Run the following command:

gpg --export-secret-keys <KEY_ID> > my-secret-key.pgp

DO NOT SHARE THIS FILE OR COMMIT TO YOUR REPOSITORY.
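
One way to enforce the warning above is to scan files for OpenPGP secret-key material before they are committed. This is an added example, not part of the original guide; the function names is_pgp_secret_key and scan_files are hypothetical, and the first-octet check on binary files is a heuristic.

```shell
#!/bin/sh
# Added example: flag files that contain OpenPGP secret-key material
# (binary or ASCII-armored) so they can be blocked before a commit.
# Function names are hypothetical; the binary check is a heuristic.

# is_pgp_secret_key FILE -> exit 0 if FILE looks like a secret-key export.
is_pgp_secret_key() {
    f=$1
    [ -f "$f" ] || return 1

    # ASCII-armored export (gpg --armor --export-secret-keys).
    if LC_ALL=C grep -q -e '-----BEGIN PGP PRIVATE KEY BLOCK-----' "$f"; then
        return 0
    fi

    # Binary export (gpg --export-secret-keys): the first octet is the
    # OpenPGP packet header. A Secret-Key packet is tag 5, which encodes
    # as 0x94-0x97 (old format) or 0xc5 (new format). A public key
    # export starts with tag 6 (for example 0x99) and is not flagged.
    first=$(od -An -tx1 -N1 "$f" | tr -d ' \n')
    case $first in
        94|95|96|97|c5) return 0 ;;
    esac
    return 1
}

# scan_files FILE... -> reports each offending path on stderr and
# returns 1 if any file contains secret-key material, 0 otherwise.
scan_files() {
    found=0
    for path in "$@"; do
        if is_pgp_secret_key "$path"; then
            printf 'secret key material: %s\n' "$path" >&2
            found=1
        fi
    done
    return "$found"
}

# Run as a script with the paths to check, for example the staged
# files listed by: git diff --cached --name-only
if [ "$#" -gt 0 ]; then
    scan_files "$@"
fi
```

A non-zero exit status means at least one of the given files should not be committed or shared.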

Publishing Your Public Key

Run the following command:

gpg --send-key <EMAIL_ADDRESS>

Use the email address you used when generating the key.

Alternative Way of Publishing Your Public Key

  1. Generate an ASCII-armored PGP key using the following command:
    gpg --armor --export <EMAIL_ADDRESS>

    Use the email address you used when generating the key.

    The preceding command exports your public key in ASCII format.

  2. Copy and paste the generated public key to the following address: http://hkps.pool.sks-keyservers.net/#submit
  3. Click the Submit this key to the keyserver! button.

Validating Your Published Public Key

  1. You can validate the uploaded public key by entering your <EMAIL_ADDRESS> as the Search String at the following address: http://hkps.pool.sks-keyservers.net/#extract.

    This only works if you submitted your key using the preceding section.

  2. Click the Do the search! button.