I have moved to a new OpenPGP key. There are many tutorials and blog posts on GnuPG key generation around, but none of them matched exactly the setup I wanted to have. So I wrote down the steps I took, to remember them if I need to in the future. Briefly my requirements were as follows:
- The new master GnuPG key is on an USB stick.
- The USB stick is only ever used on an offline computer.
- There are subkeys stored on a YubiKey NEO smartcard for daily use.
- I want to generate the subkeys using GnuPG so I have a backup.
- Some non-default hash/cipher preferences encoded into the public key.