Security question from Caleb Thompson's "PGP and You" post

I’ve got two questions: one specific to the article and one general.

Specific to the article, early on, Caleb shows how to generate a new GPG key (gpg --gen-key) and the output he displays

RSA keys may be between 1024 and 8192 bits long.

shows that you can choose keys up to 8192 bits long. However, when I just ran the same command with gpg2 as he suggests, I only get 4096 as the max option:

RSA keys may be between 1024 and 4096 bits long.

Any idea what happened to those last 4096 bits? I googled around and couldn’t find any solid explanation; the official GPG FAQ (looks like an excellent document) says it’s 4096.

In general, how about a category for security-related questions?

Yeah, the ability to do 8192 seems to have been a lie I perpetuated. Sorry. 4096 is the largest I’ve been able to build as well. Will update post.

Thanks, Caleb. IMO, not a complete lie; I found a couple of posts that show how to modify the config and actually get an 8192-bit key if you want. Here’s one example:

Caleb… So I added my new key to the default keyserver. However, I tried adding it to the thoughtbot key server as you suggested and get this error:

gpg --keyserver --send-keys 4D566AFC
gpg: sending key 4D566AFC to http server
gpgkeys: this keyserver type only supports key retrieval
gpg: keyserver internal error
gpg: keyserver send failed: Keyserver error

so I guess it’s been restricted.

Also, I looked at the address you gave for your keyserver, and the link looks to be just an ASCII text file as opposed to a server address: