Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Signed keys procedure?

On Thu, 2006-09-21 at 20:52 -0400, David Kramer wrote:
> I've gotten several signed PGP keys as a result of the event yesterday.
>  We never covered what to do with them.  I know how to recv-keys and
> send-keys and sign someone's key, but not what to do with a signed key
> someone gives me, or how to make one for someone else.


When someone sends you a copy of your key which they have signed, use 

$ gpg --import <fname>

... to merge the signature with your public key. Of course, <fname> is
whatever the sender called the file he/she attached to their email, and
you'll have to save it as a file first.

The key will be added to or merged with your keyring, and the new
signatures will show up when you do a 

$ gpg --list-keys <key id>

 - - - - - - - 

To sign someone else's key, use 

$ gpg --sign-key -u <your key id> <someone else's key id>

(You'll be prompted for your passphrase.)

Then, export the key to an ascii-armored file, like so:

$ gpg --export -a -o <fname>.asc <key id>

Last, encrypt the exported key and send it to the keyowner:

$ gpg -e -r <key id of recipient> -o <fname>.txt <fname>.asc

... and then attach <fname>.txt to an email and send it to the key



This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /