FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

LinkBack Thread Tools
Old 11-12-2011, 08:28 AM
"Gr., F."
Default "Secure Key Generation"

I think the following is interesting:

"However, this imply another problem: all the signatures made on
other keys would be invalid too after the expiration of our key,
unless we renew it periodically. Moreover, if we decided not to renew
our old key after its expiration but to generate a new one, we would
need to collect again on the new key all the signatures that other
persons made on the old one."
(source: <http://tjl73.altervista.org/secure_keygen/en/en.html>)

In short (for who knows GPG):
- create a public key -- RSA (sign only)
- backup your '.gnupg' dir and keep it in a secure place
- add a subkey for encryption
- export your subkey
- delete secret and public key
- import your subkey
- to modify our key we can type the command
'gpg2 --no-permission-warning --homedir <your path> --keyring ~/.gnupg/pubring.gpg --secret-keyring <your path> --trustdb-name ~/.gnupg/trustdb.gpg --edit-key <keyid>'
- to sign other keys
'gpg2 --no-permission-warning --homedir <your path> --keyring ~/.gnupg/pubring.gpg --secret-keyring <your path> --trustdb-name ~/.gnupg/trustdb.gpg --edit-key <key imported>'

That's all. :-)

Law is mind without reason.

Thread Tools

All times are GMT. The time now is 10:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org