Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
It is not certain that the key belongs to the person named in the user id. If you really know what you are doing, you may answer the next question with yes
Use this key anyway? (y/N)
My question is there a way to skip this prompt and/or have it automatically enter y?
if it matters i am running linux debian 4.9.168...
Are you encrypting files to keep yourself or are you emailing them to someone? I only encrypted files to keep for myself so I can't speak as to how to use gpg with email.
I've never done this but is the public key imported into your configuration so gpg knows it exists? Guessing "MyReciever" is an alias or just placeholder for the recipient's email address so you don't post it publicly here?
Sorry for the vague answers but as I mentioned, I have never used gpg to send an encrypted file. I am quite familiar with PKI though, just not that implementation.
as a side note the entire encryption process works fine. i can encrypt a message without issue. i am trying to do it in a script which is why i am trying to avoid the
It is not certain that the key belongs to the person named in the user id. If you really know what you are doing, you may answer the next question with yes
Use this key anyway? (y/N)
The message indicates that in the web of trust no connection can be made between you and the selected key and that confidence in the authenticity of that key has not yet been established.
This is what key-signing is about.
What you do normally in this case is a
Code:
:~$ gpg -kv [userid or key-id]
to see the details of the key. Then you either phone up the holder of the key or (better) visit her/him at home to compare these data with those that she/he can establish for her/his own key. This way the identity of the user's key with the one that you have is established.
Next, you sign the key with your own to certify the validity of the key. You created a new connection in the web of trust and GnuPG will no longer ask for confirmations. Even other people, who trust *your* key already, can now trust the other user's key.
See also: Key-signing party.
See also: TOFU
See also: Self-signing a key
thanks for the clarification
is there a way to avoid signing the key and still generating a valid encrypted file?
I am sorry, but I do not understand the question. GnuPG asks “use this key anyway?”, and I bet your English is better than mine.
Quote:
basically, if i didn't care and just wanted to encrypt the file since i have the public key of the receiver?
This is what it is all about. Maybe I have not been clear enough in my previous post. You say, you have the key of the receiver.
If you know that the key is authentic, GnuPG lets you set a trust-level for the key. ALL is in the manuals. The manuals to GnuPG are among the best ever written for any software.
That way you'll be able to automate it into a script without worrying about the prompt, if you don't care about understanding gpg and its whole gpg-web-of-trust thing.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.