Disaster Key Recovery - Unix

Henry Hertz Hobbit hhhobbit at securemecca.net
Sat Oct 14 23:21:41 CEST 2006


On Sat, 2006-10-14 at 03:21 -0600, hhhobbit at securemecca.net wrote:

<SNIP>

> [8] IMPORT somebody ELSE'S key and sign it; Werner's signing

<snip>

>     Command> # SIGN TO THE LEVEL YOU KNOW THIS KEY IS REALLY HIS
>     # beats me if it really is his key - others seem to think it
>     # is and it verifies GnuPg as valid.

GnuPG - sorry.

>     Command> save
>     $ gpg --list-secret-keys
>     $ gpg --list-keys
> 
> If everything looks okay after step 8, then import somebody's
> key that you regularly send encrypted and/or signed email to.
> Then do the usual tests of both of you sending:
> 
> a. Signed email
> b. Encrypted email
> c. Signed & encrypted email
> 
> If all of them work fine both ways, then you are probably okay.
> NOW DO STEP 2 AGAIN AND STORE IT IN A SAFE PLACE.  DO IT OFTEN!
> BACK UP, BACK UP, BACK UP, BACK UP, BACK UP, BACK UP, BACK UP!

I should add that if the person on the other end is using the
Evolution MUA and you are using Thunderbird or some other MUA that
has both PGP-Inline and PGP/MIME, make sure that you select
PGP/MIME. Evolution does not understand PGP-Inline, and Outlook
and Outlook Express with WinPT don't understand PGP/MIME:

http://privacy.movingsucks.org/

Johannes Schmid's <johannes.schmid at gmx.de> keys have been resurrected.
Sorry about not remembering that tidbit about Evolution, Johannes. Your
keys are fine.  You could probably have done it without creating the
bogus signing key, but that is just one extra thing to make sure all is
well.  Case closed.

Ciao

HHH
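
Added example, not part of the original post: a check that tells whether a saved message is PGP/MIME or PGP-Inline, useful when a correspondent's MUA rejects a signed or encrypted test mail. The function names, the MUA labels and the sample messages are constructed for illustration; the compatibility table only restates what the post says.

```python
import email
from email import policy
from email.utils import collapse_rfc2231_value

INLINE_MARKERS = ("-----BEGIN PGP SIGNED MESSAGE-----", "-----BEGIN PGP MESSAGE-----")
MIME_PROTOCOLS = {"multipart/signed": "application/pgp-signature",
                  "multipart/encrypted": "application/pgp-encrypted"}
# Formats each MUA cannot handle, as the post states them (labels are assumptions).
UNSUPPORTED = {"evolution": "pgp-inline", "outlook+winpt": "pgp-mime"}

def classify_pgp_format(raw):
    """Return 'pgp-mime', 'pgp-inline' or 'none' for one raw message."""
    msg = email.message_from_string(raw, policy=policy.default)
    parts = list(msg.walk())
    for part in parts:
        # PGP/MIME (RFC 3156) announces itself in the Content-Type header.
        proto = collapse_rfc2231_value(part.get_param("protocol", "")).lower()
        if MIME_PROTOCOLS.get(part.get_content_type()) == proto:
            return "pgp-mime"
    for part in parts:
        # PGP-Inline puts the armor header at the very start of a body line,
        # so a quoted "> -----BEGIN PGP ..." line does not count.
        if part.get_content_maintype() == "text":
            lines = part.get_content().splitlines()
            if any(line.startswith(INLINE_MARKERS) for line in lines):
                return "pgp-inline"
    return "none"

def recipient_can_read(raw, mua):
    """False when the message uses the format the post says this MUA lacks."""
    return UNSUPPORTED.get(mua) != classify_pgp_format(raw)

# Constructed sample messages (placeholder signatures, not real OpenPGP data).
MIME_SAMPLE = (
    "From: a@example.org\n"
    "Content-Type: multipart/signed; micalg=pgp-sha1;\n"
    " protocol=\"application/pgp-signature\"; boundary=\"b1\"\n\n"
    "--b1\nContent-Type: text/plain\n\nhello\n"
    "--b1\nContent-Type: application/pgp-signature\n\n(placeholder)\n--b1--\n")
INLINE_SAMPLE = (
    "From: a@example.org\nContent-Type: text/plain\n\n"
    "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nhello\n"
    "-----BEGIN PGP SIGNATURE-----\n(placeholder)\n-----END PGP SIGNATURE-----\n")
QUOTED_SAMPLE = (
    "From: a@example.org\nContent-Type: text/plain\n\n"
    "> -----BEGIN PGP SIGNED MESSAGE-----\n> hello\n")

if __name__ == "__main__":
    for name, raw in [("mime", MIME_SAMPLE), ("inline", INLINE_SAMPLE)]:
        print(name, classify_pgp_format(raw), recipient_can_read(raw, "evolution"))
```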





More information about the Gnupg-users mailing list