Newbie question regarding trust
Robin Szemeti
robin@rszemeti.demon.co.uk
Mon Mar 19 22:00:20 2001
Hi :)
OK I have a fairly simple and probably dumb question I didn;t seem to be
able to answer from the FAQ or the docs ...
I am trying to use GPG to replace an existing PGP install on my server.
It is used for, amongst other things, allowing configuration change
commands when sent in a suitable PGP/GPG signed message.
Under PGP I used to just place a public key on the keyring and off it
would go .. but with GPG I get an error implying that the key I imported
with gpg --import <keyfile> is not trusted because I haven't signed it ..
too right I haven't .. as presumably generating key pairs on the remote
machine is a no-no as its not secure, and I hardly want to place a copy
of my secret key on the insecure machine .. so how do I tell GPG not to
worry about if its signed or not, just to simply check if its on the
keyring and get on with it?
or can I sign the key with gpg on another machine and do it that way? ..
or am I missing somehting obvious ??
on the plus side: at least GPG compiled under Redhat 7.0 which is more
than PGP 6.5.8 would!! ;)
many thanks
--
Robin Szemeti
The box said "requires windows 95 or better"
So I installed Linux!