gpg --full-gen-key
It is a good idea to use RSA 4096.
gpg -K
gpg --list-secret-keys
gpg --edit-key <GPG key>
gpg --export -a [email protected] > public.gpg
gpg --export-secret-key -a [email protected] > secret.gpg
gpg --import public.gpg
gpg --import secret.gpg
gpg --edit-key <GPG key> trust
> 5
> y
> quit
Verify it is trusted with
gpg --list-secret-keys
It should say [ultimate]
next to your name.
Create ~/.gnupg/gpg-agent.conf
if it does not exist, and add
default-cache-ttl 604800
max-cache-ttl 604800
After authorizing once, GPG will not ask for your password again for a week, so long as your computer remains powered on.