Just Enough gpg…

This is a quick HTMLiztion of paulv's post to the list on how to sign keys.

…after the party

I said last night that I'd post how to sign the keys. I'll just use the example I just did.

[Linux-SIG] how to sign keys
Date: Fri, 18 Feb 2005 11:00:40 -0500
From: Paul Visscher 
To: linux-sig@dma.org
Reply to: "Dayton Microcomputer Association's Linux SIG - Dayton Linux Users Group" 

gpg --keyserver pgp.mit.edu --recv-key [KeyID]

Get Key

$ gpg --keyserver pgp.mit.edu --recv-key F604D02D

gpg: key F604D02D: public key "Grant Root " imported
gpg: Total number processed: 1
gpg:               imported: 1

gpg --fingerprint [KeyID]

Fingerprint Key
$ gpg --fingerprint F604D02D

pub  1024D/F604D02D 2005-01-25 Grant Root 
     Key fingerprint = CF25 DB81 088A BF7F FE4F  B1C0 F54F 320D F604 D02D
uid                            Grant Root (WhoWhatWeb) 
uid                            Grant Root (DPG) 
sub  1024g/6E836C72 2005-02-17

(at this point I look at his fingerprint on the paper he gave me and  compare it to the one above. I see that it matches.)

$ gpg --sign-key [KeyID]

Sign Key

$ gpg --sign-key F604D02D

gpg: checking the trustdb
gpg: no ultimately trusted keys found
pub  1024D/F604D02D  created: 2005-01-25 expires: never      trust: -/-
sub  1024g/6E836C72  created: 2005-02-17 expires: never
(1). Grant Root 
(2)  Grant Root (WhoWhatWeb) 
(3)  Grant Root (DPG) 

Really sign all user IDs? y

pub  1024D/F604D02D  created: 2005-01-25 expires: never      trust: -/-
 Primary key fingerprint: CF25 DB81 088A BF7F FE4F  B1C0 F54F 320D F604 D02D

     Grant Root 
     Grant Root (WhoWhatWeb) 
     Grant Root (DPG) 

How carefully have you verified the key you are about to sign actually
belongsto the person named above? If you don't know what to answer,
enter "0".

   (0) I will not answer. (default)
   (1) I have not checked at all.
   (2) I have done casual checking.
   (3) I have done very careful checking.

Your selection? (enter '?' for more information): 3
Are you really sure that you want to sign this key
with your key: "Paul Visscher " (394D34A6)

I have checked this key very carefully.

Really sign? y

You need a passphrase to unlock the secret key for
user: "Paul Visscher "
1024-bit DSA key, ID 394D34A6, created 2000-08-11


(it asks me for my passphrase)

$ gpg --keyserver pgp.mit.edu --send-key [KeyID]

Send Signed Key

$ gpg --keyserver pgp.mit.edu --send-key F604D02D

gpg: success sending to `pgp.mit.edu' (status=200)

$ gpg --list-sigs [KeyID]

List Signatures

You can see here that I'm the first person to sign Grant's key.

$ gpg --list-sigs F604D02D
pub  1024D/F604D02D 2005-01-25 Grant Root 
sig 3       F604D02D 2005-02-17   Grant Root 
sig 3       394D34A6 2005-02-18   Paul Visscher 
uid                            Grant Root (WhoWhatWeb) 
sig 3       F604D02D 2005-02-17   Grant Root 
sig 3       394D34A6 2005-02-18   Paul Visscher 
uid                            Grant Root (DPG) 
sig 3       F604D02D 2005-02-17   Grant Root 
sig 3       394D34A6 2005-02-18   Paul Visscher 
sub  1024g/6E836C72 2005-02-17
sig         F604D02D 2005-02-17   Grant Root 

--paulv
_______________________________________________
Linux-SIG mailing list
Linux-SIG@dma.org
http://www.dma.org/mailman/listinfo/linux-sig
Browse Happy logo

Standards Compliant Markup is encouraged. XHTML:: CSS:: 508.