We document how to create GPG keys on the wiki, but the GPG program's parameters need to be filed out in a specific way to work with Vault:
gpg --full-generate-key # Select RSA Please select what kind of key you want: (1) RSA and RSA (default) #Use the default value: 2048 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 2048 # Select the default value for the expiration date: 0 Key is valid for? (0) <- Accept the default value [...] Is this correct? (y/N) y # Enter a user ID, email, or comment. This is for tracking purposes and will not impact the resulting GPG keys Real name: Example Joe Email address: Ex.Joe@jfrog.com Comment: Example GPG keys
Make sure to set a password for the key pair:
After the keys are created, export them:
gpg --list-secret-keys --keyid-format LONG /Users/jfrog/.gnupg/secring.gpg ------------------------------------ sec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10] uid jfrog ssb 4096R/42B317FD4BA89E7A 2016-03-10 # Export the private and public keys to files gpg --output private.key --armor --export-secret-keys 8F76A58562F73776 gpg --output public.key --armor --export 8F76A58562F73776