What's the proper way to make a key trusted?

LW yukiko@userdefined.net
Tue May 21 03:24:01 2002


> What's the correct command to "trust" a key fully?

> I tried various combinations of=20
> gpg --trusted-key  56791C97
> gpg --trusted-key pat@cedarcreeksoftware.com
> gpg --trusted-key 0x56791C97

> But apparently that's not how you use that because they all gave errors.

I had a little trouble with the 'trusted-key' command, too.
Here's the way I got it to work (There might be an easier way I
haven't found yet.) -

For a key with the ID "spoo", you would type:

gpg --list-keys --with-colons spoo

This will give you the 8 byte key ID (which is actually 16 hex
characters) among other things.  It will look something like this:

pub:q:1024:17:907CA66E6575F621:2002-05-16::64:-:GD LLC (spoo)
<info@somewhere.
.com>::scESC:
sub:q:1024:16:1A957355BCF12D77:2002-05-16::64::::e:

In this case "907CA66E6575F621" is the long key ID you need.

--trusted-key wants to decrypt by default (and won't permanently
change the trust value) on it's own.
So, to make this key trusted all the time, type:

gpg -e -r spoo --trusted-key 907CA66E6575F621 sample.txt

'sample.txt' can be any old file.  It doesn't matter what it encrypts
as long as it encrypts something AND the recipient ID matches
the trusted-key ID.

If you use --edit-key spoo, you'll see that the key is ultimately
trusted now.

HTH,
Laila (still a newbie)
using gpg 1.0.6 on Win98