[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: switching from PGP to GNUPG -- HOWTO?

On Tue, Sep 14, 1999 at 10:45:57AM -0500, othman@cs.wustl.edu wrote:
> I'm sure this has been asked before but after a quick run through the
> subjects I wasn't able to find anything in the list archives regarding
> this issue.  Sorry if this is a FAQ.

It is, yes..  =>

> Can someone please let me know the best way to switch from PGP to
> GNUPG?  I'd like to start signing my Debian packages with GNUPG.  Also,
> am I going to have to go through the "proof of identity" process again,
> or can I use my existing PGP key (which is on the Debian keyring) to
> prove my identity?

Create a GnuPG key with any format gpg will support, DSA and ElGammal is
the default and is compatible with pgp5 so it's probably a good idea.

Install gpg-rsaref.

Add load-extension rsaref, secret-keyring ~/.pgp/secring.pgp, and keyring
~/.pgp/pubring.pgp to your ~/.gnupg/options file.

You can now specify on the cmdline which key to use.  If ~/.pgp disappears
dpkg-buildpackage will use gpg automatically.  If not, you will need to
specify -sgpg and (as of the last version I looked at because of when the
default is set) -pgpg.  Because you've got two keys with the same email
address, you should use -k0x<keyid> with dpkg-buildpackage too.

DSA/ElGammal keys have two keyids, though I only list the encrypt keyid in
my .sig below (this probably should be changed actually) so to answer
which you use with dpkg-buildpackage you use the DSA keyid.  For
encrypting you woud specify the ElGammal keyid.  I have no idea how to
make BOTH default depending on whether signing or encrypting is happening.
If you figure it out before I do, PLEASE TELL ME!  =>

Joseph Carter <knghtbrd@debian.org>             Debian GNU/Linux developer
GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC  44F9 8FF7 D7A3 DCF9 DAB3
PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77  8E E2 29 96 C9 44 5F BE
<Oryn> anyone know if there is a version of dpkg for redhat?

Attachment: pgp6ExL7oWpq4.pgp
Description: PGP signature

Reply to: