[TriLUG] PGP Signing at the next Meeting

Tanner Lovelace lovelace at wayfarer.org
Tue Aug 12 22:09:44 EDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Justin Johnson wrote:
| Ok, I'll ask the newbie questions. :-)
|
| How do I go about getting the info needed for the key signing? I've got
| my email address covered, but after that I need a little help. :-) In
| other words how do I collect the information for Key Type, Key Size, Key
| Fingerprint and oh yea, I know my name.

Well, of course this all assumes you have made a key (I see you have
below, but others may not have).  To create a key run this command:

gpg --gen-key

and answer all the questions.

Once you have a key, all the information you need for the keysigning you
can get by doing this command

gpg --fingerprint <key id or e-mail address>

For instance when I do that with my key this is the result:

% gpg --fingerprint DE7639D4
pub  1024D/DE7639D4 2001-09-25 Tanner Lovelace <lovelace at wayfarer.org>
~     Key fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
uid                            Wayfarer RPMS <rpms at wayfarer.org>
uid                            Tanner Lovelace <lovelace at trilug.org>
uid                            [jpeg image of size 2917]
sub  1024g/3418E274 2001-09-25

The first line gives the key size, type, and main e-mail address
(1024 bits, DSS key).  The "Key fingerprint" should be obvious. :-)
It also shows that I have 3 other user ids (an email address for
rpms that I create and sign with this key, my trilug address,
and a jpeg picture of myself.  :-)


| Another twist is that I often use 2 different email addresses. Do I
then need a
| separate key for each account?

As you see on my key, you can have any number of user ids on a single
key.

| Lastly, I fumbled my way through setting up a key on my laptop, but
now that
| I have  finally set up my primary  desktop machine at home under
linux, how
| do I transfer that key to this machine? Simple import of my key from
the laptop?

Well, you could copy the files from ~/.gnupg/ on you laptop to your home
desktop ( making sure you clear out the ~/.gnupg/ first or do it before
ever running it on your desktop).  Alternatively, you can export the
keys using ascii armor and import them on your desktop.  Note that you
will have to export public and private keys separately.


| I guess I really need to dig into gpg and figure out how it all works
together.
| I remember vaguely a meeting topic on this in the past and the subject
matter
| being posted to the web somewhere. If that's around and someone could
point me
| to it I'll do my part and RTFM.

I was the one that gave the presentation.  It can be found here:
http://www.trilug.org/~lovelace/presentations/gpg/


| I've been lurking for about 2 years now, but I am finally taking the
time to make
| the switch to OSS for my primary OS. It's just so hard to go back and
be a freaking
| newbie again! :-)

I understand it can be frustrating at times, and PGP/GPG is not
the easiest thing in the world to understand in Linux or other OS's.
But, welcome to the community and we're very glad your here.  If you
have more questions, please ask away. :-)

Cheers,
Tanner

- --
Tanner Lovelace | lovelace at wayfarer.org | http://wtl.wayfarer.org/
- --*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
- --*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
~ This would be a very good time to hang out with the Open Source
~ people, before they get formally reclassified as a national security
~ threat. -- Bruce Sterling


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQE/OZ3nzglPjt52OdQRArYcAKDF0DFV8R9GbuMIy2vAZRl3w82PAwCgg1BQ
vorr/MuIOLG0U37WfCHvIxc=
=U2DC
-----END PGP SIGNATURE-----




More information about the TriLUG mailing list