My company makes extensive use of gpg, and we are constantly getting keys from our customers. We're looking to automatically import those keys (or at least pseudo-automatically), and grant a minimal trust level. I've done some reading on this, and found a couple different pages that have suggestions, but none seem to work. Most give me this:
Code:
gpg --edit-key ########
trust
1 -- or other numeric value corresponding to trust level
save
This is all well and good, but doesn't quite meet our needs. We'd like to script the process if we could. We've got everything automated up to the trust. Is there a way to grant a level of trust that can be executed from outside the gpg application so it can be scripted?
Last edited by mstone0802; 04-25-2011 at 06:08 PM.
Reason: Removed redundant exit code from the -- well -- code.
1. Create a directory which will contain all gpg keys.
2. If they start with a particular name or end with a particular extension, you can go with gpg --import abc.* or *.abc and this will get the keys imported to your system.
3. Schedule a crontab job to run this task every midnight.
Thank you for the reply, but that's the part that we've already got automated. Our problem is that once the keys are imported, they have a trust level of 1 (which is default). If you look at them in gpg, the trust level will report as "Unknown". We'd like to give them a trust level of 3 (marginal), but to do that, we have to follow the steps I previously mentioned. We're looking to upgrade that trust level within the script that does the initial import.
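One way to script the trust step asked about above, added here as an example and not taken from any post in the thread: `gpg --import-ownertrust` reads `FINGERPRINT:VALUE:` records on stdin, where VALUE is the `--edit-key` trust menu number plus one (menu 3, marginal, becomes 4). The function names are hypothetical, and `--import-options show-only` assumes a GnuPG 2.x release that supports it.

```shell
#!/bin/sh
# Added example: assign ownertrust without the interactive --edit-key menu.
# Function names are hypothetical; nothing here comes from the thread itself.

# Map the number typed in the --edit-key "trust" menu (1-5) to the value
# used in ownertrust records (menu number + 1):
#   1 unknown -> 2, 2 never -> 3, 3 marginal -> 4, 4 full -> 5, 5 ultimate -> 6
menu_to_ownertrust() {
    case "$1" in
        1|2|3|4|5) echo $(( $1 + 1 )) ;;
        *) echo "invalid trust level: $1" >&2; return 1 ;;
    esac
}

# Build one "FINGERPRINT:VALUE:" record. Only a full 40-hex-digit
# fingerprint is accepted; short key IDs are rejected.
ownertrust_record() {
    fpr=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    case "$fpr" in
        *[!0-9A-F]*|"") echo "bad fingerprint: $1" >&2; return 1 ;;
    esac
    [ "${#fpr}" -eq 40 ] || { echo "bad fingerprint length: $1" >&2; return 1; }
    val=$(menu_to_ownertrust "$2") || return 1
    printf '%s:%s:\n' "$fpr" "$val"
}

# Import a key file, then give every primary key in it the requested
# menu-level trust. Usage: import_with_trust customer.asc 3
import_with_trust() {
    keyfile=$1
    level=$2
    gpg --batch --import "$keyfile" || return 1
    # List the file's keys in colon format and keep the fingerprint
    # that follows each "pub" record (subkey fingerprints are skipped).
    gpg --batch --with-colons --import-options show-only --import "$keyfile" |
        awk -F: '$1=="pub"{p=1} $1=="fpr"&&p{print $10; p=0}' |
        while read -r f; do
            ownertrust_record "$f" "$level"
        done | gpg --batch --import-ownertrust
}
```

Ownertrust states how far a key's owner is trusted to certify other people's keys; it does not by itself mark the imported key as valid.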