Pkeygen

The key takeaway: pkeygen is for automation, CI/CD pipelines, and anyone who hates answering “Real name:” and “Email:” a hundred times. GnuPG does have a batch mode, but its configuration syntax is arcane. Compare this:

pkeygen --config key-config.json --output public-key.gpg --public You’ll get a binary OpenPGP keyring. Convert it to ASCII armor if needed: pkeygen

When most people think about creating PGP keys, they immediately type gpg --full-generate-key . It’s the standard. But what if I told you there’s a leaner, more scriptable, and arguably more transparent way to generate the same keys? The key takeaway: pkeygen is for automation, CI/CD

{ "params": [ { "type": "EDDSA", "curve": "Ed25519" } ], "userid": "DevOps Bot <ci@example.com>" } Then run: Convert it to ASCII armor if needed: When

Enter — a utility often bundled with OpenPGP implementations like rnp (RNC’s OpenPGP implementation) and sometimes found in gpg as an undocumented subcommand. While it’s not as famous as its gpg cousin, pkeygen offers a refreshing, JSON-driven approach to key creation.

pkeygen --config key-config.json --output my-private-key.gpg To generate a public key only (for distribution):