Generating a "vanity" PGP Key ID Signature
Here’s a quick bash script I used to generated a “vanity” PGP key with the last two bytes (four characters) set to FFFF.
#!/usr/bin/env bash while : do gpg --debug-quick-random -q --batch --gen-key << EOF Key-Type: RSA Key-Length: 2048 Name-Email: user@domain Name-Real: Real Name Passphrase: yourverylongpassphrasegoeshere EOF if gpg -q --list-keys | head -4 | tail -c 5 | grep FFFF then echo Break exit 1 else gpg2 --batch -q --yes --delete-secret-and-public-key `gpg -q --list-keys | head -4 | tail -n 1` fi done
I also added no-secmem-warning to
~/.gnupg/options to suppress the insecure memory warnings. When I set it to a 1024-bit key, it only took about 3 hours, while 2048-bit took 20 hours across.
It goes without saying, my use of insecure randomness is a terrible idea for those facing a serious threat model. Also, you’re basically picking a number at random out of 65,535 hoping for the right combination – but I’m just having fun with it.