Expire of elgamal sub

Patrick Matthäi patrick.matthaei at web.de
Sat Jan 10 22:05:06 CET 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Faramir schrieb:
> Hello Patrick,
> 
>> A much more time later I saw, that my elgamal still has got an
>> expiration date and I can not find anything how I could change it.
> 
>  gpg -edit--key 7A5A6CC7 (press enter)
>  key 1 (press enter -this will select the subkey to edit)
>  expire (press enter -this will tell gpg you want to modify the
> expiration date)
> and then, select the new expiration time. 0 means it will never expire,
> (n)w means it will expire in n weeks... gpg will show you the available
> options.
>  Once everything is ok, use the 'save' command to save the changes, and
> all you need to do after that, is to send your public key to your
> friends (or to upload it again to keyservers) in order to let them know
> your subkey is not going to expire.

Hm the key 1 one was the right thing I searched weeks for!
I just thought I could select keys etc with 1,2,3 etc, with key I also
could select my elgamal :)


>> Then I added a new elgamal, the 2048g/610BB46C one.
>> Is this right so? Can I edit the expire of the elgamal? What would
> 
>   Well, you can always add more subkeys... but *never* delete them, even
> if they expire or are revoked... if you delete an encrypting subkey, you
> will be unable to decrypt anything encrypted to that subkey...
> 
>> happen *now* if the elgamal 2048g/D6395C9A has been expired?
> 
>   If that elgamal subkey expires, people (including you) will be unable
> to use it to encrypt messages. But since you already have another
> elgamal subkey with encryption capability, *I think* you would not
> notice anything strange (unless your friends don't have the updated
> public key containing the new subkey... if they don't have it, they
> won't be able to send you encrypted things). Anyway, old messages
> encrypted to the expired subkey can still be decrypted, as long as you
> don't delete the expired subkey.
> 
>> Please CC my while I am not subscribed and thanks. :-)
> 
>   Done... but maybe you would like to subscribe... I think the list
> always carries interesting stuff.
> 
>   Now, I will paste an example about how to edit the expiration date of
> your subkey. Unfortunately, the language is Spanish, but I think that
> won't be a big problem, since it's very few text... My comments go
> behind '//' signs:
> //this is a comment, not a command
> 
> Orden> gpg -edit--key 88EB95D7 //Orden = Command
> pub  1024D/0x88EB95D7  creado: 2009-01-07  caduca: nunca       uso: SCA
>                        confianza: absoluta      validez: absoluta
> sub  2048g/0xDEF0DD90  creado: 2009-01-07  caduca: nunca       uso: E
> sub  2048g/0x53AD1366  creado: 2009-01-07  caduca: 2009-01-14  uso: E
> [  absoluta ] (1). Tester3 (for test purposes) <test at aaaaa.aaa>
> //since the subkey I need to edit is the second one displayed,
> //I need to select the subkey number 2. I think you will need to select
> //your subkey number 1
> 
> Orden> key 2  //this will select it
> 
> pub  1024D/0x88EB95D7  creado: 2009-01-07  caduca: nunca       uso: SCA
>                        confianza: absoluta      validez: absoluta
> sub  2048g/0xDEF0DD90  creado: 2009-01-07  caduca: nunca       uso: E
> sub* 2048g/0x53AD1366  creado: 2009-01-07  caduca: 2009-01-14  uso: E
> [  absoluta ] (1). Tester3 (for test purposes) <test at aaaaa.aaa>
> //please note the '*' sign near the selected subkey. If you select the
> //wrong one, repeat the command to deselect it, and then select the
> //right one
> 
> Orden> expire
> Cambiando fecha de caducidad de subclave.
> Por favor, especifique el período de validez de la clave.
>          0 = la clave nunca caduca
>       <n>  = la clave caduca en n días
>       <n>w = la clave caduca en n semanas
>       <n>m = la clave caduca en n meses
>       <n>y = la clave caduca en n años
> ¿Validez de la clave (0)? 0
> //here I had to enter how much time I want to give it before
> //it expires. I entered 0 to set it to never expire
> La clave nunca caduca
> ¿Es correcto? (s/n) s
> 
> //gpg ask me if it is right to never expire it. I told it it was right
> 
> Necesita una frase contraseña para desbloquear la clave secreta
> del usuario: "Tester3 (for test purposes) <test at aaaaa.aaa>"
> clave $s de $u bits, ID $s, creada el $s
> 
> pub  1024D/0x88EB95D7  creado: 2009-01-07  caduca: nunca       uso: SCA
>                        confianza: absoluta      validez: absoluta
> sub  2048g/0xDEF0DD90  creado: 2009-01-07  caduca: nunca       uso: E
> sub* 2048g/0x53AD1366  creado: 2009-01-07  caduca: nunca       uso: E
> [  absoluta ] (1). Tester3 (for test purposes) <test at aaaaa.aaa>
> 
> //gpg request the passphrasse in order to be able to make the changes
> 
> Orden> save
> //I gave the 'save' command to save the changes, and that's all
> 
> Best Regards

Okay now I understand it with the "key" cmd. Much thanks also for your
complete howto! :-)

- --
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi

E-Mail: patrick.matthaei at web.de

Comment:
Always if we think we are right,
we were maybe wrong.
*/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAklpDYIACgkQ2XA5inpabMeVuwCcDQeLZUSbSdoF1L/uyKTtWHXj
dmwAn0unPEjXwRFySQ+95sZg1nYbqzp1
=dWF1
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list