Expire of elgamal sub

Faramir faramir.cl at gmail.com
Wed Jan 7 02:46:44 CET 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Patrick,

> A much more time later I saw, that my elgamal still has got an
> expiration date and I can not find anything how I could change it.

 gpg -edit--key 7A5A6CC7 (press enter)
 key 1 (press enter -this will select the subkey to edit)
 expire (press enter -this will tell gpg you want to modify the
expiration date)
and then, select the new expiration time. 0 means it will never expire,
(n)w means it will expire in n weeks... gpg will show you the available
options.
 Once everything is ok, use the 'save' command to save the changes, and
all you need to do after that, is to send your public key to your
friends (or to upload it again to keyservers) in order to let them know
your subkey is not going to expire.


> Then I added a new elgamal, the 2048g/610BB46C one.
> Is this right so? Can I edit the expire of the elgamal? What would

  Well, you can always add more subkeys... but *never* delete them, even
if they expire or are revoked... if you delete an encrypting subkey, you
will be unable to decrypt anything encrypted to that subkey...

> happen *now* if the elgamal 2048g/D6395C9A has been expired?

  If that elgamal subkey expires, people (including you) will be unable
to use it to encrypt messages. But since you already have another
elgamal subkey with encryption capability, *I think* you would not
notice anything strange (unless your friends don't have the updated
public key containing the new subkey... if they don't have it, they
won't be able to send you encrypted things). Anyway, old messages
encrypted to the expired subkey can still be decrypted, as long as you
don't delete the expired subkey.

> Please CC my while I am not subscribed and thanks. :-)

  Done... but maybe you would like to subscribe... I think the list
always carries interesting stuff.

  Now, I will paste an example about how to edit the expiration date of
your subkey. Unfortunately, the language is Spanish, but I think that
won't be a big problem, since it's very few text... My comments go
behind '//' signs:
//this is a comment, not a command

Orden> gpg -edit--key 88EB95D7 //Orden = Command
pub  1024D/0x88EB95D7  creado: 2009-01-07  caduca: nunca       uso: SCA
                       confianza: absoluta      validez: absoluta
sub  2048g/0xDEF0DD90  creado: 2009-01-07  caduca: nunca       uso: E
sub  2048g/0x53AD1366  creado: 2009-01-07  caduca: 2009-01-14  uso: E
[  absoluta ] (1). Tester3 (for test purposes) <test at aaaaa.aaa>
//since the subkey I need to edit is the second one displayed,
//I need to select the subkey number 2. I think you will need to select
//your subkey number 1

Orden> key 2  //this will select it

pub  1024D/0x88EB95D7  creado: 2009-01-07  caduca: nunca       uso: SCA
                       confianza: absoluta      validez: absoluta
sub  2048g/0xDEF0DD90  creado: 2009-01-07  caduca: nunca       uso: E
sub* 2048g/0x53AD1366  creado: 2009-01-07  caduca: 2009-01-14  uso: E
[  absoluta ] (1). Tester3 (for test purposes) <test at aaaaa.aaa>
//please note the '*' sign near the selected subkey. If you select the
//wrong one, repeat the command to deselect it, and then select the
//right one

Orden> expire
Cambiando fecha de caducidad de subclave.
Por favor, especifique el período de validez de la clave.
         0 = la clave nunca caduca
      <n>  = la clave caduca en n días
      <n>w = la clave caduca en n semanas
      <n>m = la clave caduca en n meses
      <n>y = la clave caduca en n años
¿Validez de la clave (0)? 0
//here I had to enter how much time I want to give it before
//it expires. I entered 0 to set it to never expire
La clave nunca caduca
¿Es correcto? (s/n) s

//gpg ask me if it is right to never expire it. I told it it was right

Necesita una frase contraseña para desbloquear la clave secreta
del usuario: "Tester3 (for test purposes) <test at aaaaa.aaa>"
clave $s de $u bits, ID $s, creada el $s

pub  1024D/0x88EB95D7  creado: 2009-01-07  caduca: nunca       uso: SCA
                       confianza: absoluta      validez: absoluta
sub  2048g/0xDEF0DD90  creado: 2009-01-07  caduca: nunca       uso: E
sub* 2048g/0x53AD1366  creado: 2009-01-07  caduca: nunca       uso: E
[  absoluta ] (1). Tester3 (for test purposes) <test at aaaaa.aaa>

//gpg request the passphrasse in order to be able to make the changes

Orden> save
//I gave the 'save' command to save the changes, and that's all

Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJJZAmEAAoJEMV4f6PvczxARVAH+gJZ/YK7Az2z82SRst2e241W
xwgX7MCUe8I/DxIT81E8MC+C01Uqd9ZhVtH27AIcuxAhNEruGpLfirkP4VKYDf2c
voYyMx3qwVGkAucMbc+NIZeZAKogsF3nCjmz2sUeRQldL6c12eUti3M9wkm8KMLC
4Atl7nA4tF866dHkFjWsj6VZeAV2P4S+pENfUYi3HohILuHb28P+f2uXXA/edVYX
M//Hd/S5zstIPKLvjLbN2C0f5VWFqTf9KBpitmbOpZbGO8VV8oV9yBbVVhTsxcl7
5aRSkfTuLqzB37hygZxZABXIlkhvJ7vd4xQlbTAWdqQj+0iEsnuUBWOVqpP572w=
=yaNK
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list