What follows is a much easier method for those of you who sent off SHA-1 signatures, and want to 'fire and forget' an update with the stronger SHA-2 hash signatures: 1. Do this first: > To be sure you send the right SHA-2 capable hash signatures, or to fix > the fact that you sent SHA-1 signatures you just need to set the > following in your ~/.caff/gnupghome/gpg.conf: > > cat >> ~/.caff/gnupghome/gpg.conf > cert-digest-algo SHA512 > personal-digest-preferences SHA512 > EOF 2. Now change directory into the dated caff directory which corresponds to the day you sent off your signatures: cd ~/.caff/keys/<some date here> 3. Do the following for loop: $ for keyid in `ls | cut -d. -f1 | sort | uniq` do GNUPGHOME=~/.caff/gnupghome gpg --export-options export-minimal --export $keyid > /tmp/$keyid.key GNUPGHOME=~/.caff/gnupghome gpg --delete-key $keyid GNUPGHOME=~/.caff/gnupghome gpg --import < /tmp/$keyid.key caff --no-download $keyid done 4. profit! I'm pretty sure this will do as you need. Be sure to set your .caff/gnupgphome/gpg.conf configurations first!
Attachment:
signature.asc
Description: Digital signature