commands for gpg keychain access
richardstoddard at mac.com
Mon Apr 16 12:10:19 CEST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Thanks. I think I understand it all, and will tackle it this evening.
The problem I had when generating the key is that even though I
checked 4096 as the size, only the subkey is 4096. I didn't have an
option for the primary key.
On Apr 16, 2007, at 12:49 AM, Charly Avital wrote:
> Stoddard Richard wrote the following on 4/16/07 3:43 AM:
>> Thanks for the help. Another question, however. I would have liked to
>> have not used SHA1 hash, but that was the only option I saw when
>> creating my key. Will I be able to change the hash on this key or
>> will I need to create a new one? Folks on this list helped me through
>> this when I was on Windows, and now I need help with the Apple. (BTW
>> - no regrets having switched.)
>> Thanks again,
> Welcome to the Mac!
> Your key:
> pub 1024D/9D157C31 created: 2007-04-15 expires: never
> usage: SCA
> trust: unknown validity: unknown
> sub 4096g/3A4E1AB7 created: 2007-04-15 expires: never
> usage: E
> [ unknown] (1). Richard Stoddard <richardstoddard at mac.com>
> shows that the primary key, the one you use for signing, is 1024 bits,
> and as far as I can remember, one needs at least 2048 bits.
> But the good news (I think) is that it is a DSA key, and if you are
> running gpg 1.4.*, you could enable the following two options in your
> gpg.conf file:
> digest-algo SHA256 (if you want to use SHA256)
> For this, you have to edit the contents of your gpg.conf file.
> I understand you are using GPG Keychain Access. Open its
> that are also accessible from the Apple Menu/System Preferences/
> GnuPG icon.
> Click the + round button at the bottom of the GnuPG window, and add:
> enable-dsa2, hit Return.
> Click again the same button, and add, in two fields:
> digest-algo and to the value field (at the right of the previous
> field: SHA256.
> Hit Return
> You can also, in that same GnuPG (System Preferences) window, go to
> 'Expert', hit the 'Reveal in Finder' button, that will make visible
> graphically accessible the contents of /.gnupg (the gpg home
> Click the gpg.conf file, open it with a text editor (you have TextEdit
> in your operating system) and add the two separate lines:
> digest-algo SHA256
> By the way, you will see in the contents of that gpg.conf many lines
> that are preceded by #, which means that whatever follows # is not
> enabled, only "commented".
> Hope this is not too confusing...
> Your signature verifies fine.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
-----END PGP SIGNATURE-----
More information about the Gnupg-users