[WYLUG-help] GPG in Evolution email

James Holden wylug at jamesholden.net
Sun May 21 17:27:47 BST 2006 

On Sun, May 21, 2006 at 05:18:28PM +0100, Mike Goodman wrote:
> Let's see if I can explain what I did a bit better. Using the example of
> trying to communicate with James Holden because his email address is
> here and we know he has a digital signature because it shows at the
> bottom of each of his WYLUG postings.
> 
> gpg --search-keys james at jamesholden.net
> 
> which gives me a load of gubbins including the email addresses for which
> his key is good plus the public key itself and ending with:
> 
> > created: 2003-10-22
> > Keys 1-1 of 1 for "james at jamesholden.net".  Enter number(s), N)ext, or Q)uit >
> 
> At this point I'm not sure what to do so I type q then enter:
> gpg --import-keys <James Holden's 8 hex digits public key>

Typing '1' would be the best bet! This will import key 1 (of 1) in the
list.

> and get the response:
> 
> > $ gpg --import 8hex
> > gpg: can't open `8hex': No such file or directory
> > gpg: Total number processed: 0

The --import option is to import keys from a file.

If you want my key, grab http://jamesholden.net/publickey.txt and import
that using:

gpg --import publickey.txt

> so then I try responding to Enter number(s), N)ext, or Q)uit > with n,
> which doesn't do anything, so N, ditto, so 1 which gets me to:
> 
> gpg: requesting key <James' key number> from hkp server subkeys.pgp.net
> gpg: key <James' key number>: "James Andrew Holden
> <james at jamesholden.net>" 4 new signatures
> gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
> gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
> gpg: next trustdb check due at 2007-01-14
> gpg: Total number processed: 1
> gpg:         new signatures: 4
> 
> But this has moved me no further forward, so far as I am aware. It
> certainly has not enabled me to send a signed email to James off-list to
> test. The gpg docs tell me:

Yes it has! You've imported the key!

> >         gpg --import [Filename]
> > if the filename is omitted the data will be read from stdin
> 
> What, exactly, in words I can understand, does it mean by filename? I've
> tried typing in James' public key, his name, his email address and just
> get a "no such file" error each time.

As above.

> Finally, I've tried gpg --import with no parameters and it just hangs.
> If it's taken n hour and is still importing keys, I just don't want that
> many! ;)

That'll make it read from standard input instead of a file.

> So, does that little lot help anyone to explain what it is I'm doing
> wrong?

Well, nothing really! You imported my key from the keyserver with the
gpg --search-keys james at jamesholden.net command earlier.

Try this:

$ ls -l / > plaintext.txt
$ gpg --encrypt -r james at jamesholden.net -ao encrypted.txt plaintext.txt

With a bit of luck, 'encrypted.txt' will contain an encrypted list of
your root directory. Chuck it in an email and send it to me, and I'll
tell you if it worked.


James





> 
> On Sat, 2006-05-20 at 20:05 +0100, James Holden wrote:
> > On Sat, May 20, 2006 at 06:13:20PM +0100, Mike Goodman wrote:
> > > I installed GPG some time ago and generated keys and a pass phrase. I
> > > got the relevant success messages after having initial difficulties and
> > > getting help here. However, I hadn't used it apart from a couple of
> > > tries just after I'd installed it to send signed and/or encrypted mail
> > > without success. Here's the gubbins from generating the keys:
> > > 
> > > 
> > > > gpg: /home/xxxx/.gnupg/trustdb.gpg: trustdb created
> > > > gpg: key X0X0XX00 marked as ultimately trusted
> > > > public and secret key created and signed.
> > > > 
> > > > gpg: checking the trustdb
> > > > gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
> > > > gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
> > > > gpg: next trustdb check due at 2007-01-14
> > > > pub   1024D/XXX99XXX 2006-01-14 [expires: 2007-01-14]
> > > >       Key fingerprint = 0000 000X XX00 XX00 0XXX  000X 0X00 0XX0 X0X0 XX00
> > > > uid                  Mike Goodman (Director, Stop Watch Web Limited) <mike.goodman at stopwatchweb.co.uk>
> > > > sub   2048g/0000XX00 2006-01-14 [expires: 2007-01-14]
> > 
> > All looks good!
> > 
> > > This bit could be interesting, but I don't know what to do about it:
> > > 
> > > > gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
> > 
> > Don't worry about that for now.
> > 
> > > When I receive mail from someone using a digital signature, the box at
> > > the bottom of the email says
> > > 
> > > > Valid signature, cannot verify sender
> > 
> > That's normal. What it means is that the signature is valid, but you
> > haven't trusted their key yourself so you've no idea whether it's really
> > who they say they are.
> > 
> > All you need to do to get GPGG working with Evolution is put your key ID
> > in the 'GPG/PGP Key ID' box in evolution.
> > 
> > It's the 8 hex digits after the '1024D/' in the bit you quoted above.
> > 
> > You should also submit your public key to the keyservers, like so:
> > 
> > gpg --send-keys <your_key_id>
> > 
> > 
> > Regards,
> > 
> > 
> > James
> > 
> > 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://list.wylug.org.uk/pipermail/wylug-help/attachments/20060521/062631b6/attachment.bin

More information about the Wylug-help mailing list