Key import - time warp or clock problem

David Shaw dshaw@jabberwocky.com
Tue Sep 2 14:38:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Sep 01, 2003 at 07:04:33PM -0400, osxvoodoo wrote:
> After badgering one of my cohorts for over a year, I finally managed to 
> get him to start using GPG - Mac OS X. I spent the better part of the 
> day today getting everything together for him - so he would have an 
> easy time installing GPG. He is quite the newbie and gives up VERY 
> easy... so all it would take would be one "type this in the terminal" 
> and he would give up on the whole process. Just the facts - I have no 
> control. He is in a remote location so I can't help him locally.
> 
> Anyway - I created a nice little shell script to get him up and 
> running, help him generate his key, send it to the keyserver, then 
> retrieve my key from the server. All went well with the script (I 
> tested it several times and have over 10+ years of PGP/GPG experience). 
> So I go and retrieve his key from the keyserver, and first of all it 
> won't import. I keep getting this error:
> 
> key XXXXXXX has been created 4133 seconds in future (time warp or clock 
> problem)
> 
> After messing with it a bit I managed to get it imported. Then I 
> started looking at the key and noticed he has no subkey. This is what I 
> get if I do a --list-keys
> 
> gpg: key XXXXXXXX has been created 4133 seconds in future (time warp or 
> clock problem)
> pub  1024D/XXXXXXXX 2003-09-01 Mr. Name <mrname@isp.com>
> 
> Thats it - no subkey listed!
> 
> So what now... how do I get him out of this mess with the least amount 
> of trouble on his end?
> What needs to be done to his key?

Two problems:

1) His clock is a little over an hour fast... or your clock is a
   little over an hour slow.  It's not much of a problem
   since the warning message should go away after an hour when the
   clocks catch up with each other, but he (or you) should fix the
   clocks anyway.

2) He needs an encryption subkey, so he needs to do:
   gpg --edit mrname@isp.com
   addkey
   (type passphrase)
   3
   (pick a size.  The default is reasonable).
   (pick an expiration date.  The default is reasonable).
   y
   y
   quit
   y

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.3-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iHEEARECADEFAj9Uj28qGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
L2tleXMuYXNjAAoJEOJmXIdJ4cvJiYIAn3p1akBGv2q3QB8VF7w0yikuFo/rAJ9O
x0qrowuWJiDDFhddb3XYmuWJRA==
=9HSC
-----END PGP SIGNATURE-----