Signed keys procedure?
Bill Horne
bill at horne.net
Thu Sep 21 22:34:00 EDT 2006
On Thu, 2006-09-21 at 20:52 -0400, David Kramer wrote:
> I've gotten several signed PGP keys as a result of the event yesterday.
> We never covered what to do with them. I know how to recv-keys and
> send-keys and sign someone's key, but not what to do with a signed key
> someone gives me, or how to make one for someone else.
David,
When someone sends you a copy of your key which they have signed, use
$ gpg --import <fname>
... to merge the signature with your public key. Of course, <fname> is
whatever the sender called the file he/she attached to their email, and
you'll have to save it as a file first.
The key will be added to or merged with your keyring, and the new
signatures will show up when you do a
$ gpg --list-keys <key id>
- - - - - - -
To sign someone else's key, use
$ gpg --sign-key -u <your key id> <someone else's key id>
(You'll be prompted for your passphrase.)
Then, export the key to an ascii-armored file, like so:
$ gpg --export -a -o <fname>.asc <key id>
Last, encrypt the exported key and send it to the keyowner:
$ gpg -e -r <key id of recipient> -o <fname>.txt <fname>.asc
... and then attach <fname>.txt to an email and send it to the key
owner.
HTH.
Bill
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Discuss
mailing list