What's the proper way to make a key trusted?
LW
yukiko@userdefined.net
Tue May 21 03:24:01 2002
> What's the correct command to "trust" a key fully?
> I tried various combinations of=20
> gpg --trusted-key 56791C97
> gpg --trusted-key pat@cedarcreeksoftware.com
> gpg --trusted-key 0x56791C97
> But apparently that's not how you use that because they all gave errors.
I had a little trouble with the 'trusted-key' command, too.
Here's the way I got it to work (There might be an easier way I
haven't found yet.) -
For a key with the ID "spoo", you would type:
gpg --list-keys --with-colons spoo
This will give you the 8 byte key ID (which is actually 16 hex
characters) among other things. It will look something like this:
pub:q:1024:17:907CA66E6575F621:2002-05-16::64:-:GD LLC (spoo)
<info@somewhere.
.com>::scESC:
sub:q:1024:16:1A957355BCF12D77:2002-05-16::64::::e:
In this case "907CA66E6575F621" is the long key ID you need.
--trusted-key wants to decrypt by default (and won't permanently
change the trust value) on it's own.
So, to make this key trusted all the time, type:
gpg -e -r spoo --trusted-key 907CA66E6575F621 sample.txt
'sample.txt' can be any old file. It doesn't matter what it encrypts
as long as it encrypts something AND the recipient ID matches
the trusted-key ID.
If you use --edit-key spoo, you'll see that the key is ultimately
trusted now.
HTH,
Laila (still a newbie)
using gpg 1.0.6 on Win98