verify after export/import of secret key

Adrian 'Dagurashibanipal' von Bidder avbidder at fortytwo.ch
Fri Oct 17 19:06:38 CEST 2003


On Friday 17 October 2003 16:10, Andreas Korn wrote:
> Hi,
> when I generate a key pair, import the public key of a friend, sign his
> public key and verify a signed mail of him this works fine.
> But when I export my public and secret keys (gpg --export / gpg
> --export-secret-keys), empty the keyrings (rm ~/.gnupg/*), import them
> again (gpg --import) and then do the same a before (import pub-key of
> friend, sign it, verify mail) the verification fails. gpg always tells
> me that it is a good signature but untrusted:
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.

You need to tell gpg that your own key is trusted. Do

 $ gpg --edit <yourkey>
 ... 
 Command> trust

and chose ultimate (5) trust.

cheers
-- vbi


-- 
MuMlutlitithtrhreeaadededd s siigngnatatuurere
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 331 bytes
Desc: signature
Url : /pipermail/attachments/20031017/45698a17/attachment.bin


More information about the Gnupg-users mailing list