I thought it would be useful to set an expiration date, so if I did something wrong I wouldn't be eternally attached to an inaccessible/unusable key pair.
How can you be so sure my system has not enough entropy? Wouldn't it need to be measured first? Em 16/02/2017 16:43, Doug Barton escreveu: > If you didn't send the keys to anyone, or upload to any key server > (which it sounds like you did not) then your best bet is to delete > them all and start over from scratch. > > You really should install haveged, then wait a few hours, and generate > a new key. The process relies on quality entropy to work properly, and > you obviously haven't had it previously. Having good entropy on your > system is a requirement for a variety of other crypto purposes, > including using gpg down the road. > > Also, unless you have a specific purpose for doing so, please don't > use an expiration date on your key. It adds extra complexity for no > good purpose. > > hope this helps, > > Doug > > On 02/16/2017 09:36 AM, Anders Bateva wrote: >> Hello I used /"gpg2 --full-gen-key/", and a key pair was generated in >> less than 10 minutes. But, after generating, I used "/gpg2 -k/" and >> discovered there are 5 keys for my e-mail address on my computer. >> Appears some of the earlier tentatives of creating the key pair really >> created a key pair. Those are set to expire on 2021 or 2022. The one I >> created right now is set to expire on 2018. >> >> Now, what should I do, in order to start using the key pair on my >> Thunderbird client, "/gpg2 --send-keys/"? >> And how to "cancel" the previous key pairs, "/--delete-keys/", >> "/--gen-revoke/"? >> >> Em 15/02/2017 18:16, LeRoy escreveu: >>> On 02/15/2017 11:28 AM, Anders Bateva wrote: >>> > Hello. I'm using GNU/Linux (distro: Ubuntu), not FreeBSD - sorry, I >>> > forgot to inform this. But, anyway, I did what you instructed: >>> >>> When I looked at the headers it looked like you were using FreeBSD. >>> My mistake, sorry. I am currently using Arch Linux. >>> >>> >>> > So, I have both gpg and gpg2. I can't create a symlink because gpg >>> > really exist, it's used for the VPN (when I uninstalled gpg >>> > yesterday, the VPN, I could not login anymore, and when I >>> > reinstalled the VPN today, it installed gpg too). >>> >>> > Here's gpg2: >>> >> $ gpg2 --version gpg (GnuPG) 2.1.11 libgcrypt 1.6.5 Copyright (C) >>> >> 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL >>> >> version 3 or later <http://gnu.org/licenses/gpl.html> This is >>> >> free software: you are free to change and redistribute it. There >>> >> is NO WARRANTY, to the extent permitted by law. >>> >>> I noticed that /usr/bin/gpg was not a symlink on your system. Is it a >>> hard link or is it gpg1? You can use the file command to find out. >>> >>> If it is not a hard link maybe you should find out what version it is. >>> gpg --version >>> >>> As I stated previously Enigmail seems to depend on /usr/bin/gpg being >>> version 2 of GnuPG. >>> >>> >>> > Should then I use /gpg2 --gen-key/? Maybe /gpg2 >>> > --full-generate-key/? >>> >>> The answer to this question is first finding out what the file gpg >>> really is. The second part depends how many questions you want to >>> answe >>> r. >>> >>> This is from the man page: >>> >>> --full-generate-key >>> --full-gen-key >>> Generate a new key pair with dialogs for all options. >>> This is an extended version of --generate-key. >>> >>> There is also a feature which allows you to create keys >>> in batch mode. See the manual section ``Unattended key >>> generation'' on how to use this. >>> >>> This includes what questions what cipher you want to use along with a >>> lot of other questions. As a beginner I would use the just the >>> --gen-key unless you really want to learn all of the details. > > _______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
