group options

DBSMITH at OhioHealth.com DBSMITH at OhioHealth.com
Thu Mar 3 19:43:38 CET 2005


> I use PGP to encrypt data for sending to various end users by
> encrypting files using their public key they have provided.  To make
> it possible for me to associate their key with a meaningful user_id
> , I use the PGP --group-add option to create a group name containing
> a meaninful user_id and then add their public key to the group.
> Now, I can call --encrypt with the meaningful user_id, instad of
> having to use the actual key id.  I'm looking for a similar "alias"
> functionality in GPG but I can't find anything that works quite like
> that.  The adduid command requires that I have the private key also
> that goes with the public key I want to associate with a meaningful
> user_id.
>
> Does anyone know of a solution that is part of the GPG
> functionality?

Yes, there is a --group command.  Stick in your gpg.conf file:

group name_you_want_to_use = keyid1 keyid2 keyid3 keyid4

David



I tried this and the error I am getting is:

gpg: no = sign found in group definition "HlthStream"


my conf file is

group HlthStream = keyid1 keyid2
no-tty
no-secmem-warning
no-mdc-warning

Any ideas?

thank you,

Derek B. Smith
OhioHealth IT
UNIX / TSM / EDM Teams
614-566-4145



                                                                           
             Neil Williams                                                 
             <linux at codehelp.c                                             
             o.uk>                                                      To 
             Sent by:                  "GnuPG Users"                       
             gnupg-users-bounc         <gnupg-users at gnupg.org>             
             es at gnupg.org                                               cc 
                                                                           
                                                                   Subject 
             10/13/2003 02:35          Re: non root users                  
             PM                                                            
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




On Monday 13 Oct 2003 6:45 pm, DBSMITH at OhioHealth.com wrote:
> All,
>
> I am running version 1.2.1 and I want to allow non-root users to be able
> to list the keys and encrypt for support issues.   In my options file I
> have stated
> - -no-secmem-warning,  but as a test user I still receive that messages
> about the memory.
> When I run gpg --list-keys as a test user I get nothing back...???   I

Missed the --homedir option? gpg will create an empty .gnupg/ directory in
the
home directory of that test user. As the test user, do:
$ cd ~
$ ls -a

Probably an easier way is to import the keyring into the .gnupg folder,
that'll allow you to set options in the conf file (which is also reset per
user). The warning about secmem should be solvable - I'm sure others here
will help with that but you would be best providing more information on
exactly how you have used chmod.

If the keyring is < 500 keys, it's not a problem to have duplicate keyrings
-
one for each user. You can either add the --refresh-keys to the lexicon
used
by ordinary users or leave the keyrings alone if the keys don't change
often.

It's not usual for everyone to need the same keys, that's why GnuPG runs
with
a lot of configuration and all keyrings dictated by that user alone.
There's
not much for root to do, once installation is complete.

--

Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/

http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
(See attached file: att7ouei.dat)
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: att7ouei.dat
Type: application/octet-stream
Size: 196 bytes
Desc: not available
Url : /pipermail/attachments/20050303/b48afaa3/att7ouei.obj


More information about the Gnupg-users mailing list