Larger RSA keys are not the way forward, switch to ed25519 instead. This will also become the default in the next version of GnuPG. Signed-off-by: Geert Hendrickx <geert@hendrickx.be> --- scripts/pacman-key.sh.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index ccfd1b96..fd9d3793 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -147,8 +147,8 @@ generate_master_key() { # Generate the master key, which will be in both pubring and secring "${GPG_PACMAN[@]}" --gen-key --batch <<EOF %echo Generating pacman keyring master key... -Key-Type: RSA -Key-Length: 4096 +Key-Type: EDDSA +Key-Curve: ed25519 Key-Usage: sign Name-Real: Pacman Keyring Master Key Name-Email: pacman@localhost -- 2.29.2