Sign key with externalized master key
Xavier Maillard
xavier at maillard.im
Wed Feb 11 06:41:18 CET 2015
Hello,
May I ask how one would sign public keys when a "master key" is
stored onto an USB stick ?
I followed instructions from [1]. Now I am in the process of
announcing my key transition to all old signers *but*, as a last
test, I just tested public signature with my "master key" and this is
where troubles occur:
LANG=C gpg --home /Volumes/FSF/.gnupg --recv-keys <A KEYID>
gpg: WARNING: unsafe permissions on homedir `/Volumes/FSF/.gnupg'
gpg: external program calls are disabled due to unsafe options file permissions
gpg: keyserver communications error: General error
gpg: keyserver receive failed: General error
So what ? My USB stick is formated using extFat so permissions are
something unknown.
Do you have any way to workaround that ? Or better, USB stick storage
best practice ? My environment is very hetereogenous but I may only
sign from my OS X machine so there can be a better choice than extFat
I presume.
I did something odd as a very short temporary workaround:
umask 077; mkdir /tmp/_gpg-to-sign
gpg --home /tmp/_gnupg-to-sign --import
/Volumes/FSF/2015-02-09/{public+private}.gpg
then did my keysigning.
Thank you very much.
Footnotes:
[1] https://alexcabal.com/creating-the-perfect-gpg-keypair/
--
Sent with my mu4e
More information about the Gnupg-users
mailing list