Just Enough gpg…

This is a quick HTMLiztion of paulv's post to the list on how to sign keys.

…after the party

I said last night that I'd post how to sign the keys. I'll just use the example I just did.

[Linux-SIG] how to sign keys
Date: Fri, 18 Feb 2005 11:00:40 -0500
From: Paul Visscher 
To: linux-sig@dma.org
Reply to: "Dayton Microcomputer Association's Linux SIG - Dayton Linux Users Group"

gpg --keyserver pgp.mit.edu --recv-key [KeyID]

Get Key

$ gpg --keyserver pgp.mit.edu --recv-key F604D02D

gpg: key F604D02D: public key "Grant Root " imported
gpg: Total number processed: 1
gpg: � � � � � � � imported: 1

gpg --fingerprint [KeyID]

Fingerprint Key

$ gpg --fingerprint F604D02D

pub �1024D/F604D02D 2005-01-25 Grant Root 
� � �Key fingerprint = CF25 DB81 088A BF7F FE4F �B1C0 F54F 320D F604 D02D
uid � � � � � � � � � � � � � �Grant Root (WhoWhatWeb) 
uid � � � � � � � � � � � � � �Grant Root (DPG) 
sub �1024g/6E836C72 2005-02-17

(at this point I look at his fingerprint on the paper he gave me and �compare it to the one above. I see that it matches.)

$ gpg --sign-key [KeyID]

Sign Key

$ gpg --sign-key F604D02D

gpg: checking the trustdb
gpg: no ultimately trusted keys found
pub �1024D/F604D02D �created: 2005-01-25 expires: never � � �trust: -/-
sub �1024g/6E836C72 �created: 2005-02-17 expires: never
(1). Grant Root 
(2) �Grant Root (WhoWhatWeb) 
(3) �Grant Root (DPG) 

Really sign all user IDs? y

pub �1024D/F604D02D �created: 2005-01-25 expires: never � � �trust: -/-
�Primary key fingerprint: CF25 DB81 088A BF7F FE4F �B1C0 F54F 320D F604 D02D

� � �Grant Root 
� � �Grant Root (WhoWhatWeb) 
� � �Grant Root (DPG) 

How carefully have you verified the key you are about to sign actually
belongsto the person named above? If you don't know what to answer,
enter "0".

� �(0) I will not answer. (default)
� �(1) I have not checked at all.
� �(2) I have done casual checking.
� �(3) I have done very careful checking.

Your selection? (enter '?' for more information): 3
Are you really sure that you want to sign this key
with your key: "Paul Visscher " (394D34A6)

I have checked this key very carefully.

Really sign? y

You need a passphrase to unlock the secret key for
user: "Paul Visscher "
1024-bit DSA key, ID 394D34A6, created 2000-08-11


(it asks me for my passphrase)

$ gpg --keyserver pgp.mit.edu --send-key [KeyID]

Send Signed Key

$ gpg --keyserver pgp.mit.edu --send-key F604D02D

gpg: success sending to `pgp.mit.edu' (status=200)

$ gpg --list-sigs [KeyID]

List Signatures

You can see here that I'm the first person to sign Grant's key.

$ gpg --list-sigs F604D02D
pub �1024D/F604D02D 2005-01-25 Grant Root 
sig 3 � � � F604D02D 2005-02-17 � Grant Root 
sig 3 � � � 394D34A6 2005-02-18 � Paul Visscher 
uid � � � � � � � � � � � � � �Grant Root (WhoWhatWeb) 
sig 3 � � � F604D02D 2005-02-17 � Grant Root 
sig 3 � � � 394D34A6 2005-02-18 � Paul Visscher 
uid � � � � � � � � � � � � � �Grant Root (DPG) 
sig 3 � � � F604D02D 2005-02-17 � Grant Root 
sig 3 � � � 394D34A6 2005-02-18 � Paul Visscher 
sub �1024g/6E836C72 2005-02-17
sig � � � � F604D02D 2005-02-17 � Grant Root

--paulv
_______________________________________________
Linux-SIG mailing list
Linux-SIG@dma.org
http://www.dma.org/mailman/listinfo/linux-sig

Standards Compliant Markup is encouraged. XHTML:: CSS:: 508.