Hi Andreas,
combining your suggestions so far, I came up with the attached script.
It seems to do the import and the signing, but produces no output files.
Andreas, in order to follow your method what is the final step to produce
the attachment to be sent by email?
/// Jürgen
On 08/20/2014 04:50 PM, Andreas Enge wrote:
> On Wed, Aug 20, 2014 at 10:44:41AM -0400, Alfred M. Szmidt wrote:
>> so why then all these emails that say "Your signed PGP key" ?
>> I have no idea. I don't use this overly complicated scheme of
>> operation, nor do I know why people suggest it.
> Both are possible. Sending an encrypted e-mail ensures that the person
> receiving it has control over the given e-mail account and is in possession
> of the private key linked to the public key that is being signed. So it
> ties in more closely the identity of the person, the key and, additionally,
> the e-mail address. That is why I prefer to send encrypted e-mails. Notice
> that once you have signed the key, instead of uploading it to a key server,
> you may as well extract it and send it by hand in an encrypted e-mail.
>
> Andreas
>
>
#!/bin/bash
other_keys="EB7AB74D EE116C6D 26C5D286 48426C7E 8D89059F 765C61E3 C421CD8D
3D94797B 2DE827B3 8017E36A E7898C3B 531B6686 A5493553 4209AC98 49613020
EBBD25B4"
dokey()
{
echo
echo '-----------------------'
echo "importing key $1..."
gpg --keyserver pgp.mit.edu --recv-keys $1
echo
echo "gpg --recv-keys says $?"
echo '-----------------------'
echo "Please check the fingerprint below (we assume it is OK)"
gpg --fingerprint $1
echo
echo "gpg --fingerprint says $?"
echo '-----------------------'
gpg --sign-key $1
echo
echo "gpg --sign-key says $?"
}
# the main program
for kid in $other_keys
do
dokey $kid
done
