[sclug] Key signing

[Chris Aitken]

> As indicated last month, it's probably worthwhile making key signing
> part of the monthly meeting. If you want to take part then bring a copy
> (or copies) of your key fingerprint and some (Government issued)
> photographic ID, e.g. driving licence or passport.
> 
> Here's a summary of the procedure if you're unfamiliar with it.
> 
> 1. If you don't have one already, create a key ('gpg --gen-key'). Opt
> for a DSA and ElGamal key and pick a strong passphrase. I'd recommend
> creating a 2048 bit key, although the default is 1024.
> 
> 2. Upload the public key to a key server. This can be done by putting
> 'keyserver wwwkeys.uk.pgp.net' in the ~/.gnupg/options file and running
> 'gpg --send-keys <keyid>', where the key ID is the eight digit hex.
> number (mine is 7D6AA912, for example).
> 
> 3. Bring a copy of the key fingerprint with you for verification.
> There's a script[1] which prints out a page full for cutting up and
> handing out during key signing sessions.
> 
> 4. We'll tell you the rest. :-) Alternatively, read the comprehensive
> (if somewhat paranoid) HOWTO[2]. The man page for gnupg is also
> worthwhile browsing through.
> 
> S.

Hyothetically, If i was stupid enough to make a key as root, instead of my normal user, is there anyway I can import all the details, and take over the identity (assuming I had the correct keyphrase)?

Cheers

Chris


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.