Sign key with externalized master key

Xavier Maillard xavier at
Wed Feb 11 06:41:18 CET 2015


May I ask how one would sign public keys when a "master key" is
stored onto an USB stick ?

I followed instructions from [1]. Now I am in the process of
announcing my key transition to all old signers *but*, as a last
test, I just tested public signature with my "master key" and this is
where troubles occur:

LANG=C gpg --home /Volumes/FSF/.gnupg --recv-keys <A KEYID>
gpg: WARNING: unsafe permissions on homedir `/Volumes/FSF/.gnupg'
gpg: external program calls are disabled due to unsafe options file permissions
gpg: keyserver communications error: General error
gpg: keyserver receive failed: General error

So what ? My USB stick is formated using extFat so permissions are
something unknown.

Do you have any way to workaround that ? Or better, USB stick storage
best practice ? My environment is very hetereogenous but I may only
sign from my OS X machine so there can be a better choice than extFat
I presume.

I did something odd as a very short temporary workaround:

umask 077; mkdir /tmp/_gpg-to-sign
gpg --home /tmp/_gnupg-to-sign --import

then did my keysigning.

Thank you very much.


Sent with my mu4e

More information about the Gnupg-users mailing list