Re: A GPG question
On Tue January 29 2008, s. keeling wrote: when you find out, let me know. I screwed up my main key by adding an email address ( the one for this list). It seems to have taken over the main email address now, so I obviously did it wrong... I've no idea whether it's authoratative, but: http://www.dcglug.org.uk/linux_doc/startgnupg.html#revoke actually I joined gpg-users and got some help there. the answer was to use the command primary. by default the new email is promoted to primary, which I didn't want. so in Kgpg you use the :edit in terminal command, after select the key you want, then issue the primary command. simple, once you learn what you are doing:) I think I will stay in gnupg-users for a while and learn.. -- Paul Cartwright Registered Linux user # 367800 Registered Ubuntu User #12459
Re: A GPG question
On Mon January 28 2008, s. keeling wrote: Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? I've been wondering this myself since my old ISP went TU. I've considered generating a new key and signing it with the old key. Presumably, that would produce a reliable enough lineage. What's the right way? This is probably a faq. Hmm, aptitude search gnupg-docis a hit. when you find out, let me know. I screwed up my main key by adding an email address ( the one for this list). It seems to have taken over the main email address now, so I obviously did it wrong... -- Paul Cartwright Registered Linux user # 367800 Registered Ubuntu User #12459 signature.asc Description: This is a digitally signed message part.
Re: A GPG question
Dan H. skrev: Hello folks, this is not s strict Debian question but it is so small and easy that it's not worth subscribung to a GPG list for. Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? Thanks, --D. You'd better consult the list for GnuPG users: http://lists.gnupg.org/pipermail/gnupg-users/ If I remember correctly you should revoke the old userid (e-mail address). Yours, Per Tunedal -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: A GPG question
Dan H. skrev: On Mon, Jan 28, 2008 at 03:54:42AM -0600, Ron Johnson wrote: You can revoke identities from your key. 'gpg --edit the key' and then use 'revuid'. Don't forget to save and upload to a keyserver your modified key afterwards. But will you lose access to any data that you have encrypted under the old key? No, I think the key itself stays valid. It's just the UID. --D. Yes, only the userid is made unusable if you revoke it. The key is still valid. BTW if you revoke a key it is made unusable for encryption, but you can still use it for decryption. Per Tunedal -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: A GPG question
Paul Cartwright [EMAIL PROTECTED]: On Mon January 28 2008, s. keeling wrote: Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? I've been wondering this myself since my old ISP went TU. I've considered generating a new key and signing it with the old key. Presumably, that would produce a reliable enough lineage. What's the right way? This is probably a faq. Hmm, aptitude search gnupg-docis a hit. when you find out, let me know. I screwed up my main key by adding an email address ( the one for this list). It seems to have taken over the main email address now, so I obviously did it wrong... I've no idea whether it's authoratative, but: http://www.dcglug.org.uk/linux_doc/startgnupg.html#revoke lists two reasons why to revoke a key (compromised or forgot passphrase), neither of which applies here. So far, it seems the most reasonable action is to create a new keypair, sign it with the old one, and upload new to keyserver. Maybe wait a year/decade/century then upload the revoke of the original (or never?) and revisit the question then? I'm floundering here too. Don't take my advice. BTW, the faq doesn't mention this, and neither does gnupg-doc. -- Any technology distinguishable from magic is insufficiently advanced. (*)http://blinkynet.net/comp/uip5.html Linux Counter #80292 - -http://www.faqs.org/rfcs/rfc1855.htmlPlease, don't Cc: me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
A GPG question
Hello folks, this is not s strict Debian question but it is so small and easy that it's not worth subscribung to a GPG list for. Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? Thanks, --D. signature.asc Description: Digital signature
Re: A GPG question
Dan H. wrote: Hello folks, this is not s strict Debian question but it is so small and easy that it's not worth subscribung to a GPG list for. Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? You can revoke identities from your key. 'gpg --edit the key' and then use 'revuid'. Don't forget to save and upload to a keyserver your modified key afterwards. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus.therning@gmail.com http://therning.org/magnus What if I don't want to obey the laws? Do they throw me in jail with the other bad monads? -- Daveman signature.asc Description: OpenPGP digital signature
Re: A GPG question
On Mon, Jan 28, 2008 at 03:54:42AM -0600, Ron Johnson wrote: You can revoke identities from your key. 'gpg --edit the key' and then use 'revuid'. Don't forget to save and upload to a keyserver your modified key afterwards. But will you lose access to any data that you have encrypted under the old key? No, I think the key itself stays valid. It's just the UID. --D. signature.asc Description: Digital signature
Re: A GPG question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/08 03:09, Magnus Therning wrote: Dan H. wrote: Hello folks, this is not s strict Debian question but it is so small and easy that it's not worth subscribung to a GPG list for. Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? You can revoke identities from your key. 'gpg --edit the key' and then use 'revuid'. Don't forget to save and upload to a keyserver your modified key afterwards. But will you lose access to any data that you have encrypted under the old key? - -- Ron Johnson, Jr. Jefferson LA USA I'm not a vegetarian because I love animals, I'm a vegetarian because I hate vegetables! unknown -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHnaZiS9HxQb37XmcRArSNAKDY1i5BI2Hk9Jcr1UTfAf5m/dUGaACgrlU7 /F/u8nbsOArAR7N3cKY2BHM= =kxVi -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: A GPG question
On Mon, 28 Jan 2008 03:54:42 -0600 Ron Johnson [EMAIL PROTECTED] wrote: Hello Ron, But will you lose access to any data that you have encrypted under the old key? All that's changed is one of the identities on the public key. The key itself, and the private key remain unchanged. The short answer to your question; No, you won't lose access. -- Regards _ / ) The blindingly obvious is / _)radnever immediately apparent Never much liked playing there anyway Banned From The Roxy - Crass signature.asc Description: PGP signature
Re: A GPG question
Dan H. [EMAIL PROTECTED]: Q: How can I remove an email address from my GPG key? I'm changing jobs, so one of my three addresses won't be valid any more. Do I have to make a new key pair from scratch? If so, how can my web of trust (I don't have one so this is rather theoretical) be transferred from the old to the new key? I've been wondering this myself since my old ISP went TU. I've considered generating a new key and signing it with the old key. Presumably, that would produce a reliable enough lineage. What's the right way? This is probably a faq. Hmm, aptitude search gnupg-docis a hit. -- Any technology distinguishable from magic is insufficiently advanced. (*)http://blinkynet.net/comp/uip5.html Linux Counter #80292 - -http://www.faqs.org/rfcs/rfc1855.htmlPlease, don't Cc: me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: gpg question / sub key creating
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This should do the job for you: gpg --edit-key 'id' Mark Walter wrote: Hi all, gpg --list-key 'id' doesn't show me a sub key. How can I create a sub key afterwards ? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEDxBX+5RipWxMFtsRAmb9AKCfPBTkA+x/6U0TYbXZPDP+jeqd8ACgmGt0 u/+duxEPXRPaGgKCUmox6tw= =oyDB -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: gpg question / sub key creating
On Wed, Mar 08, 2006 at 06:08:38PM +0100, Mark Walter wrote: Hi all, gpg --list-key 'id' doesn't show me a sub key. How can I create a sub key afterwards ? I'd recommend reading the GNU Privacy Handbook. It answers this, and many more questions. You can find it online: http://www.gnupg.org/gph/en/manual.html or in the package gnupg-doc. /M -- Magnus Therning(OpenPGP: 0xAB4DFBA4) [EMAIL PROTECTED] http://therning.org/magnus Software is not manufactured, it is something you write and publish. Keep Europe free from software patents, we do not want censorship by patent law on written works. $my_args = shift; system(gcc $my_args); print I prefer C\n; -- Robert Dieterich's contribution to the 2004 Perl Haiku Contest, Haikus in Perl - 'Dishonerable Mention' winner pgpOjoDXgZTNK.pgp Description: PGP signature
Re: stupid mutt/gpg question...
On Thu, Feb 10, 2000 at 09:39:51PM -0500, Jonathan Lupa wrote: I use www.pgpkeys.net and it seems to work better than search.keyserver.net from here. No thoughts as to why from me, but perhaps someone else can enlighten us. Since I upgraded mutt from .95 to 1, I get the following error when mutt tries to learn keys [-- PGP output follows (current time: Thu Feb 10 21:31:05 2000) --] gpg: Signature made Wed Feb 9 06:43:01 2000 EST using DSA key ID 917A225E gpg: requesting key 917A225E from search.keyserver.net ... gpg: [fd 7]: read error: Connection reset by peer gpg: Total number processed: 0 gpg: no valid OpenPGP data found. gpg: Can't check signature: public key not found [-- End of PGP output --] -- Nate Duehr [EMAIL PROTECTED] GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2 Public Key available upon request, or at wwwkeys.pgp.net and others. pgpRnxq24aA6b.pgp Description: PGP signature
stupid mutt/gpg question...
This must have been covered before, but I couldn't turn anything up on a quick deja search. Apologies ahead of time for using this guys fingerprint in vain, but I snagged it from the debian lists, so... :) Since I upgraded mutt from .95 to 1, I get the following error when mutt tries to learn keys [-- PGP output follows (current time: Thu Feb 10 21:31:05 2000) --] gpg: Signature made Wed Feb 9 06:43:01 2000 EST using DSA key ID 917A225E gpg: requesting key 917A225E from search.keyserver.net ... gpg: [fd 7]: read error: Connection reset by peer gpg: Total number processed: 0 gpg: no valid OpenPGP data found. gpg: Can't check signature: public key not found [-- End of PGP output --] Gpg works fine from the commandline: Rankor:~$gpg --recv-keys 917A225E gpg: requesting key 917A225E from search.keyserver.net ... gpg: key 917A225E: public key imported gpg: Total number processed: 1 gpg: imported: 1 The mutt version is as follows: Rankor:~$mutt -v Mutt 1.0i (1999-10-22) Copyright (C) 1996-9 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 2.2.12 [using slang 10202] Compile options: -DOMAIN -HOMESPOOL -USE_SETGID -USE_DOTLOCK +USE_FCNTL -USE_FLOCK +USE_IMAP +USE_POP +HAVE_REGCOMP -USE_GNU_REGEX +HAVE_COLOR +HAVE_PGP5 +HAVE_PGP2 +HAVE_GPG -BUFFY_SIZE -EXACT_ADDRESS +ENABLE_NLS SENDMAIL=/usr/sbin/sendmail MAILPATH=/var/spool/mail SHAREDIR=/usr/share/mutt SYSCONFDIR=/etc ISPELL=/usr/bin/ispell _PGPPATH=/usr/bin/pgp _PGPV2PATH=/usr/bin/pgp _PGPV3PATH=/usr/bin/pgp _PGPGPGPATH=/usr/bin/gpg To contact the developers, please mail to [EMAIL PROTECTED]. I __know__ its got to be something stupid that I just missed. (/usr/bin/pgp is soft linked to /usr/bin/gpg). Thanks... -Jonathan muttrc set pgp_default_version = gpg set pgp_gpg = /usr/bin/gpg set pgp_autosign unset pgp_autoencrypt -- [EMAIL PROTECTED] GPG public key available from http://www.jamdata.net/~jjlupa/gpg.asc pgpPyhnFGug7d.pgp Description: PGP signature