Newbie question regarding trust

Robin Szemeti robin@rszemeti.demon.co.uk
Mon Mar 19 22:00:20 2001


Hi :)

OK I have a fairly simple and probably dumb question I didn;t seem to be
able to answer from the FAQ or the docs ...

I am trying to use GPG to replace an existing PGP install on my server.
It is used for, amongst other things, allowing configuration change
commands when sent in a suitable PGP/GPG signed message.

Under PGP I used to just place a public key on the keyring and off it
would go .. but with GPG I get an error implying that the key I imported
with gpg --import <keyfile> is not trusted because I haven't signed it ..
too right I haven't .. as  presumably generating key pairs on the remote
machine is a no-no as its not secure, and I hardly want to place a copy
of my secret key on the insecure machine .. so how do I tell GPG not to
worry about if its signed or not, just to simply check if its on the
keyring and get on with it?

or can I sign the key with gpg on another machine and do it that way? ..
or am I missing somehting obvious ??

on the plus side: at least GPG compiled under Redhat 7.0 which is more
than PGP 6.5.8 would!! ;)

many thanks 

-- 
Robin Szemeti

The box said "requires windows 95 or better"
So I installed Linux!