How to use a keyserver
Charly Avital
shavital@netbox.com
Wed Jan 15 15:11:02 2003
At 1:09 PM +0100 1/15/03, Per Tunedal wrote:
>1) entering
>- --keyserver http://keyserver.kjsl.com:80
>in the gpg.conf-file
Try:
keyserver x-hkp://keyserver.kjsl.com
>and then in a command window:
>
>gpg --recv-keys <ingo.kloecker@epost.de>
Try
gpg --recv-keys [key ID]
or
gpg --search-keys Ingo Kloecker
>GPG said I hadn't specified any keyserver ...
Probably you hadn't specified any keyserver, because if you really typed:
--keyserver [whatever], the two dashes at the beginning of the line make that entry invalid.
If you didn't type the two dashes, and started correctly the line with:
keyserver , then http://...etc... is not, in my opinion, the correct syntax.
It should be, as pointed out before: x-hkp://...etc...
>2) I tried:
>gpg --keyserver http://keyserver.kjsl.com:80
>
>GPG replied "Please enter your message:"
>
>and then I entered:
>
>- --recv-keys <ingo.kloecker@epost.de>
>
>Nothing happened.
Nothing should happen.
I think that after the prompt "Please enter your message", or "gpg: Go ahead and type your message ..." you are supposed to enter the text of a message
I use that method to copy/paste an encrypted message, in order to find out what keys were used to encrypt it.
>3) Then I tried:
>
>- --recv-keys F661F608
What happened?
If you had set a keyserver as an option in the gpg.conf file, or typed:
gpg --keyserver [keyserver's name + correct syntax], then the --recv-keys option followed by the argument F661F608 (key ID) you should have obtained a valid output (see further)
>I am using WindowsXP.
I am using Mac OS X, but I believe the platform is not an issue.
To sum up, I think that:
- if you want to set any server as your default server, you should enter its name, using the correct syntax, in a unmarked line in your gpg.conf file, and, for good luck, hit [return] at the end of the server's name, to create an empty line after the line containing the servers's name. e.g.
keyserver x-hkp://keyserver.kjsl.com
- if you want to use, on a one-time basis, a certain server, you should type
gpg --keyserver [keyserver's name/correct syntax] --search-keys [name], or
--recv-keys [key ID].
Actual example:
==================================================
[---------]% gpg --keyserver x-hkp://keyserver.kjsl.com --search-keys Ingo Kloecker
gpg: searching for "Ingo Kloecker" from HKP server keyserver.kjsl.com
Keys 1-2 of 2 for "Ingo Kloecker"
(1) Ingo Kl\xf6\x63ker <Kloecker@ESIK.de>
1024 bit DSA key F661F608, created 2002-01-24
(2) Ingo Kloecker <ingo@matha.rwth-aachen.de>
1024 bit RSA key AC0EB35D, created 1997-03-12
Enter number(s), N)ext, or Q)uit >
==================================================
Please note that "Kl\xf6\x63ker" is, I think, the server's rendition of:
Kl[o+umlaut]cker.
I hope this helps.
Charly
>Per Tunedal
[...]
>-----BEGIN GPG OUTPUT-----
>gpg: Signature made Wed Jan 15 14:09:27 2003 IST using DSA key ID 7905AAA9
>gpg: Good signature from "RADVIS <pt@radvis.nu>"
>gpg: aka "Info RADVIS Tjanstekvalitet <info@radvis.nu>"
>gpg: aka "Jobb RADVIS Tjanstekvalitet <jobb@radvis.nu>"
>gpg: please do a --check-trustdb
>gpg: WARNING: This key is not certified with a trusted signature!
>gpg: There is no indication that the signature belongs to the owner.
>Primary key fingerprint: 09D5 1EA1 8056 0D6C 1684 4D22 57E5 A315 7905 AAA9
>-----END GPG OUTPUT-----