Provided by: sq_0.25.0-3ubuntu0.22.04.1_amd64 bug

NAME
       sq-key-generate - Generates a new key

       Generating  a  key  is  the  prerequisite  to  receiving  encrypted  messages and creating
       signatures.  There are a few  parameters  to  this  process,  but  we  provide  reasonable
       defaults for most users.

       When  generating  a  key,  we also generate a revocation certificate.  This can be used in
       case the key is superseded, lost, or compromised.  It is a good idea to  keep  a  copy  of
       this in a safe place.

       After  generating a key, use "sq key extract-cert" to get the certificate corresponding to
       the key.  The key must be kept secure, while the  certificate  should  be  handed  out  to
       correspondents, e.g. by uploading it to a keyserver.


SYNOPSIS
       sq key generate [FLAGS] [OPTIONS]


FLAGS
       -h, --help
              Prints help information

       --with-password
              Protects the key with a password

       --can-sign
              Adds a signing-capable subkey (default)

       --cannot-sign
              Adds no signing-capable subkey

       --cannot-encrypt
              Adds no encryption-capable subkey


OPTIONS
       -u, --userid EMAIL
              Adds a userid to the key

       -c, --cipher-suite CIPHER-SUITE
              Selects  the  cryptographic  algorithms  for the key  [default: cv25519]  [possible
              values: rsa3k, rsa4k, cv25519]

       --expires TIME
              Makes the key expire at TIME (as ISO 8601). Use "never" to create keys that do  not
              expire.

       --expires-in DURATION
              Makes  the key expire after DURATION. Either "N[ymwd]", for N years, months, weeks,
              or days, or "never".

       --can-encrypt PURPOSE
              Adds an encryption-capable subkey. Encryption-capable  subkeys  can  be  marked  as
              suitable   for   transport  encryption,  storage  encryption,  or  both.  [default:
              universal]  [possible values: transport, storage, universal]

       -e, --export OUTFILE
              Writes the key to OUTFILE

       --rev-cert FILE or -
              Writes the revocation certificate to FILE. mandatory if OUTFILE is  "-".  [default:
              <OUTFILE>.rev]


EXAMPLES
       # First, this generates a key
              $ sq key generate --userid "<juliet@example.org>" --export juliet.key.pgp

       # Then, this extracts the certificate for distribution
              $ sq key extract-cert --output juliet.cert.pgp juliet.key.pgp

       # Generates a key protecting it with a password
              $ sq key generate --userid "<juliet@example.org>" --with-password

       # Generates a key with multiple userids
              $ sq key generate --userid "<juliet@example.org>" --userid "Juliet Capulet"


SEE ALSO
       For the full documentation see <https://docs.sequoia-pgp.org/sq/>.

       sq(1), sq-armor(1), sq-autocrypt(1), sq-certify(1), sq-dearmor(1), sq-decrypt(1),
       sq-encrypt(1), sq-inspect(1), sq-key(1), sq-key-adopt(1), sq-key-attest-certifications(1),
       sq-key-extract-cert(1), sq-key-generate(1), sq-keyring(1), sq-keyring-filter(1),
       sq-keyring-join(1), sq-keyring-list(1), sq-keyring-merge(1), sq-keyring-split(1),
       sq-packet(1), sq-sign(1), sq-verify(1)


AUTHORS
         Azul <azul@sequoia-pgp.org>
         Igor Matuszewski <igor@sequoia-pgp.org>
         Justus Winter <justus@sequoia-pgp.org>
         Kai Michaelis <kai@sequoia-pgp.org>
         Neal H. Walfield <neal@sequoia-pgp.org>
         Nora Widdecke <nora@sequoia-pgp.org>
         Wiktor Kwapisiewicz <wiktor@sequoia-pgp.org>