LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   GPGP for Linux (https://www.linuxquestions.org/questions/linux-software-2/gpgp-for-linux-473425/)

Gins 08-13-2006 03:26 AM

GPGP for Linux
 
The following is the command to get or rather download a key from a public key server to your public key ring.


gpg --import neukey.asc

In the above the words ' neukey.asc ' stand for the file. I mean the name of the key which you download.
[ This is my understanding. I may be wrong.]
----------------------------------------------------------------------

I looked at a server to get a public key. For example, the following one.

[ pub 1024/4AB2BE38 2005/05/05 Pawe?\x82 Rumian (gorky@jabberpl.org) <prumian@poczta.onet.pl>

Key fingerprint = A9E8 0878 EB08 0A0E 4E21 5A48 CE75 1951 4AB2 BE38 ]

------------------------------------------------------------------------

How can I get the above key and attached to my key ring?


When I double click to download, I got the lot of binary stuff. Please read the following


Public Key Server -- Get ``0x4ab2be38 ''

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.0.10

mQGiBEJ6o/gRBADC2tGliVmBuf5T3dO8Qj1avng76NlPkC9t0erh3pv1s/OwRzkyy/xWHvl9
xM84eFKTAy+uDIeDoXHuYhBgmkN/puS8nPHNoXA10UdgnY5LtqeqT2iZ97IrXJpXBqrthMOW
8OyPK6g/m+f5pFwmPe0HGhEA/NG//NYD1GuyMMybJwCgp9JtkOtklVNWolQssjSQboUOWtUD
/i/syGhe6RtDWc7d8i2ppTr37IsFZlOJp4Oh0gXI1bdTmMGfLe2hIFIoyqdKrZt/hT20RZ/9
A/8e2I4efiS6nZl39A5KSYYjEAdZXLV9eqgjnHjBra/SY8E6wvMhNxqO+RuHVHMgvdFX9uMJ
brHDNZCfiU3Z9WVim5ufBWMqKcDGBACBn5wRB4hMlA31ee384ABqZa60zFwDR4C8G88wNUap
ykwNSmAkgka6mVW1dzy9ipdMqwFYISc/wm9W5S0KkV3bqyrFj8T2YHtCRxumyCxoQV5IQth7
Pl4xjuMzkFOhSNeqkhvNUAuJ4qXFtR2WvNn2pUsll6LAqUWwVZgtYH29ybQ7UGF3ZcWCIFJ1
bWlhbiAoZ29ya3lAamFiYmVycGwub3JnKSA8cHJ1bWlhbkBwb2N6dGEub25ldC5wbD6IXgQT
EQIAHgUCQnqj+AIbAwYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDOdRlRSrK+OJ2xAJ47dNIx
1lBJM2m4aGlpejbJ3eTmGACfX1bonSLjhW2tm0dvFud/S6C2pre5Ag0EQnqj/xAIAKxoHZLg
xYnPmnMlDqA1kngEawq30hC7ktEU43qSoqo9hr4dN9ym1HD07Ne8RaVWcs3EWuNwm6cV4l+Q
JyTe7mjqyG7s5k+vTNv4+/r+8EZ6XBEt+/WCbzwffQd+7D2eM6kOAdpCbUX3Q/3oQUutuVNT
aDLAknPICvlqkAaxhB0ABL4QIvx9xfqlEDpCuAFnCiVc//03L2DPuPMZZrpm+cqAX4oXPCZW
HNkSibBc4LYVOn9B2YM07lo26yBNmvHXL4mFtDJdMLNy9MSwhH74Wwaaz8NmSfbh0v/RksUc
L+kLHpkc7aMDbaT6wgmc9kKI7FnEPqO/eKFbCM3JbizkbCsAAwYIAJddjyklFKgLm6X/npn5
t2shvy3KBmhG8DmN4fBBh9nx1mexKfp4g+5N3Emgsxh96Syi6zuXqIU4DlnOp+0x8pDcfH0l
7JLR+vDcBdIDCkBFYHxzFn7UwxiW22rMvcptZ82u+b4MyT4v8upViF4Id+IHkrCxGFy41qxX
DqR6HtAzVjEg/PjUPasDHTr3mDjSy2a/462Z9mcxk86z78oLM8YSXleYYomyJEev8QjXk6St
Eu578fGAK1iIj13mca7+HmcA/94vjqNx8fXJBqKLPisHXqAgXvETjw8RjwruKV7JO7sVmu4o
Wh5imKfCIymNX4qy36+ehrescKqhX5wJLoCISQQYEQIACQUCQnqj/wIbDAAKCRDOdRlRSrK+
OLJ1AJ49ju2qyzzFvIDf2yfKsw0BnyRGXQCdE0Cu6r0WaLSrWsGCZ4uLTiBCJ3w=
=OizN
-----END PGP PUBLIC KEY BLOCK-----

-----------------------------------------------------------------

How can I attach the above key to my public key ring?
Your help is appreciated.

introuble 08-13-2006 04:40 AM

That's what an "exported" public key looks like. See man gpg, --export.

Gins 08-13-2006 07:08 AM

Thanks introuble for the reply.

The man page doesn't give me the information I want. I just want to know the command to import a key and vice versa.

I got the following from man page. It doesn't tell me the way to import and export a key.
---------------------------------------------------------------------------------------

--gen-revoke name
Generate a revocation certificate for the complete key. To
revoke a subkey or a signature, use the --edit command.

--desig-revoke name
Generate a designated revocation certificate for a key. This
allows a user (with the permission of the keyholder) to
revoke someone else's key.

--export [names]
Either export all keys from all keyrings (default keyrings
and those registered via option --keyring), or if at least
one name is given, those of the given name. The new keyring
is written to stdout or to the file given with option "out-
put". Use together with --armor to mail those keys.

--send-keys [names]
Same as --export but sends the keys to a keyserver. Option
--keyserver must be used to give the name of this keyserver.
Don't send your complete keyring to a keyserver - select only
those keys which are new or changed by you.

--export-secret-keys [names]

--export-secret-subkeys [names]
Same as --export, but exports the secret keys instead. This
is normally not very useful and a security risk. The second
form of the command has the special property to render the
secret part of the primary key useless; this is a GNU exten-
sion to OpenPGP and other implementations can not be expected
to successfully import such a key.

See the option --simple-sk-checksum if you want to import
such an exported key with an older OpenPGP implementation.

--import [files]

--fast-import [files]
Import/merge keys. This adds the given keys to the keyring.
The fast version is currently just a synonym.

There are a few other options which control how this command
works. Most notable here is the --keyserver-option merge-
only option which does not insert new keys but does only the
merging of new signatures, user-IDs and subkeys.

--recv-keys key IDs
Import the keys with the given key IDs from a keyserver.
Option --keyserver must be used to give the name of this key-
server.

Gins 08-13-2006 09:26 AM

I tried in vain the following:

[root@c83-250-110-112 nissanka]# gpg -a 'http://keyserver.veridis.com:11371/search?q=Ranjith'
gpg: can't open `http://keyserver.veridis.com:11371/search?q=Ranjith'
[root@c83-250-110-112 nissanka]#

What is the problem?
[It seems to me that many of our friends who contriute to this forum are not familiar with gpg. Because I don't get the response I expect.]
---------------
I found the public key in the following website.
http://keyserver.veridis.com:11371/search?q=Ranjith

Tinkster 08-13-2006 01:46 PM

You can't armor a URL.


Cheers,
Tink

Gins 08-13-2006 02:28 PM

Thanks Tinkster for taking time to reply me.

Now I found out the way to download a key from a public server. Please read the following:

[root@c83-250-110-112 nissanka]# gpg --keyserver http://wwwkeys.ch.pgp.net/ --recv-keys 4E706F5719AFA1CF
gpg: requesting key 19AFA1CF from http server wwwkeys.ch.pgp.net
gpgkeys: key 4E706F5719AFA1CF not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
[root@c83-250-110-112 nissanka]#

--------------------------------------------------

The key words are 'keyserver' and 'recv-keys'
You can't alter those words.

[root@c83-250-110-112 nissanka]# gpg --keyserver <URL of the key server> --recv-keys <Key ID>

For some reason, this doesn't work. I have been trying this for more than 2 hours.

Do you know why?

HappyTux 08-13-2006 02:32 PM

Quote:

Originally Posted by Gins

How can I attach the above key to my public key ring?
Your help is appreciated.

Save the part where the Public Block starts to where it ends to a file then gpg --import file_name.??? to import it into the keyring. eg save this

Code:

-----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: SKS 1.0.10
 
 mQGiBEJ6o/gRBADC2tGliVmBuf5T3dO8Qj1avng76NlPkC9t0erh3pv1s/OwRzkyy/xWHvl9
 xM84eFKTAy+uDIeDoXHuYhBgmkN/puS8nPHNoXA10UdgnY5LtqeqT2iZ97IrXJpXBqrthMOW
 8OyPK6g/m+f5pFwmPe0HGhEA/NG//NYD1GuyMMybJwCgp9JtkOtklVNWolQssjSQboUOWtUD
 /i/syGhe6RtDWc7d8i2ppTr37IsFZlOJp4Oh0gXI1bdTmMGfLe2hIFIoyqdKrZt/hT20RZ/9
 A/8e2I4efiS6nZl39A5KSYYjEAdZXLV9eqgjnHjBra/SY8E6wvMhNxqO+RuHVHMgvdFX9uMJ
 brHDNZCfiU3Z9WVim5ufBWMqKcDGBACBn5wRB4hMlA31ee384ABqZa60zFwDR4C8G88wNUap
 ykwNSmAkgka6mVW1dzy9ipdMqwFYISc/wm9W5S0KkV3bqyrFj8T2YHtCRxumyCxoQV5IQth7
 Pl4xjuMzkFOhSNeqkhvNUAuJ4qXFtR2WvNn2pUsll6LAqUWwVZgtYH29ybQ7UGF3ZcWCIFJ1
 bWlhbiAoZ29ya3lAamFiYmVycGwub3JnKSA8cHJ1bWlhbkBwb2N6dGEub25ldC5wbD6IXgQT
 EQIAHgUCQnqj+AIbAwYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDOdRlRSrK+OJ2xAJ47dNIx
 1lBJM2m4aGlpejbJ3eTmGACfX1bonSLjhW2tm0dvFud/S6C2pre5Ag0EQnqj/xAIAKxoHZLg
 xYnPmnMlDqA1kngEawq30hC7ktEU43qSoqo9hr4dN9ym1HD07Ne8RaVWcs3EWuNwm6cV4l+Q
 JyTe7mjqyG7s5k+vTNv4+/r+8EZ6XBEt+/WCbzwffQd+7D2eM6kOAdpCbUX3Q/3oQUutuVNT
 aDLAknPICvlqkAaxhB0ABL4QIvx9xfqlEDpCuAFnCiVc//03L2DPuPMZZrpm+cqAX4oXPCZW
 HNkSibBc4LYVOn9B2YM07lo26yBNmvHXL4mFtDJdMLNy9MSwhH74Wwaaz8NmSfbh0v/RksUc
 L+kLHpkc7aMDbaT6wgmc9kKI7FnEPqO/eKFbCM3JbizkbCsAAwYIAJddjyklFKgLm6X/npn5
 t2shvy3KBmhG8DmN4fBBh9nx1mexKfp4g+5N3Emgsxh96Syi6zuXqIU4DlnOp+0x8pDcfH0l
 7JLR+vDcBdIDCkBFYHxzFn7UwxiW22rMvcptZ82u+b4MyT4v8upViF4Id+IHkrCxGFy41qxX
 DqR6HtAzVjEg/PjUPasDHTr3mDjSy2a/462Z9mcxk86z78oLM8YSXleYYomyJEev8QjXk6St
 Eu578fGAK1iIj13mca7+HmcA/94vjqNx8fXJBqKLPisHXqAgXvETjw8RjwruKV7JO7sVmu4o
 Wh5imKfCIymNX4qy36+ehrescKqhX5wJLoCISQQYEQIACQUCQnqj/wIbDAAKCRDOdRlRSrK+
 OLJ1AJ49ju2qyzzFvIDf2yfKsw0BnyRGXQCdE0Cu6r0WaLSrWsGCZ4uLTiBCJ3w=
 =OizN
 -----END PGP PUBLIC KEY BLOCK-----


Gins 08-14-2006 02:10 AM

Thanks Happy for taking time to reply me.

So the following command wouldn't help to download a key.

[niss@c83-250-110-112 ~]$ gpg --keyserver <URL of the key server> --recv-keys <Key ID>

I found it on a website.

I am a newbie to gpg. So your comments are valuble. Please do comment on this.

Tinkster 08-14-2006 03:42 AM

Mate ... look at the man-page again :}

It's not http:// ... it's hkp:// to begin with.


Cheers,
Tink

HappyTux 08-14-2006 09:00 AM

Quote:

Originally Posted by Gins
Thanks Happy for taking time to reply me.

So the following command wouldn't help to download a key.

[niss@c83-250-110-112 ~]$ gpg --keyserver <URL of the key server> --recv-keys <Key ID>

I found it on a website.

I am a newbie to gpg. So your comments are valuble. Please do comment on this.

Yes that should do it just use the address itself eg www.abc.def no need for http:// or hpk:// in front and for the key id you only need the last eight digits/letters in the id eg from above 19AFA1CF. The problem you are having is that key is not on the server that you are trying to get it from.

Gins 08-14-2006 09:01 AM

Thanks Tinkster taking time to reply me.

I always state those bloody man pages are user unfriendly.

They don't write in a simple manner.

By reading those pages, I can't get the answer I want. I simply want the command to download the keys from a public key server.

I don't get what I want from the following 'man page' details.
--------------------------------------------------------------
--keyserver name
Use name as your keyserver. This is the server that --recv-
keys, --send-keys, and --search-keys will communicate with to
receive keys from, send keys to, and search for keys on. The
format of the name is a URI: `scheme:[//]keyserver-
name[:port]' The scheme is the type of keyserver: "hkp" for
the HTTP (or compatible) keyservers, "ldap" for the NAI LDAP
keyserver, or "mailto" for the Graff email keyserver. Note
that your particular installation of GnuPG may have other
keyserver types available as well. Keyserver schemes are
case-insensitive.

Most keyservers synchronize with each other, so there is gen-
erally no need to send keys to more than one server. The
keyserver "hkp://subkeys.pgp.net" uses round robin DNS to
give a different keyserver each time you use it.

--keyserver-options parameters
This is a space or comma delimited string that gives options
for the keyserver. Options can be prepended with a `no-' to
give the opposite meaning. Valid import-options or export-
options may be used here as well to apply to importing
(--recv-key) or exporting (--send-key) a key from a key-
server. While not all options are available for all key-
server types, some common options are:

--------------------------------------------------------------

The name of the server is ---> http://pgp.mit.edu
The key ID is ---> 3BFB3F5F
The user ID is ---> Gunnar Johansson <info@gunnar-johansson.se>

[ Could you write me the command to download the above mentioned public key from the above mentioned server? ]

Those bloody 'man pages' are hopeless, as far as I am concerned.

HappyTux 08-14-2006 09:21 AM

Quote:

Originally Posted by Gins

The name of the server is ---> http://pgp.mit.edu
The key ID is ---> 3BFB3F5F
The user ID is ---> Gunnar Johansson <info@gunnar-johansson.se>

[ Could you write me the command to download the above mentioned public key from the above mentioned server? ]

Those bloody 'man pages' are hopeless, as far as I am concerned.

>$ gpg --keyserver pgp.mit.edu --recv-keys 3BFB3F5F
gpg: requesting key 3BFB3F5F from hkp server pgp.mit.edu
gpg: key 3BFB3F5F: public key "Gunnar Johansson <info@gunnar-johansson.se>" imported
gpg: Total number processed: 1
gpg: imported: 1

Gins 08-14-2006 10:30 AM

Thanks so much Happy Tux. So you solved a big problem.
--------------------------------------------------------------
[root@c83-250-110-112 nissanka]# gpg --keyserver pgp.mit.edu --recv-keys 3BFB3F5F
gpg: requesting key 3BFB3F5F from hkp server pgp.mit.edu
gpg: key 3BFB3F5F: public key "Gunnar Johansson <info@gunnar-johansson.se>" imported
gpg: Total number processed: 1
gpg: imported: 1
[root@c83-250-110-112 nissanka]#
---------------------------------------------------------------
So our friend Tinkster made a mistake by suggesting some 'hpk' to precede with the downloading server's address.This is a tall order. I mean not everybody knows pros cons of gpg.

The next step is to attached it to my key ring. I guess I must know the location of this key or rather the file to go ahead with the attaching.

[root@c83-250-110-112 nissanka]# find / -name 3BFB3F5F
[root@c83-250-110-112 nissanka]#

[root@c83-250-110-112 nissanka]# find -name 3BFB3F5F
[root@c83-250-110-112 nissanka]#

[root@c83-250-110-112 nissanka]# locate 3BFB3F5F
[root@c83-250-110-112 nissanka]#

How do I find the downloaded file? I guess it has an .asc ending. Please help me. Now I want to attache it to the key ring.

HappyTux 08-14-2006 10:35 AM

The command you used downloaded and imported it into your keyring use gpg --list-keys and you will see it there.

Gins 08-14-2006 10:35 AM

I tried the command ' [root@c83-250-110-112 nissanka]# locate *asc '
Please read the following output. I don't know which one to select.
--------------------------------------------------------------------------



[root@c83-250-110-112 nissanka]# locate *asc
/etc/RPM-GPG-KEYS/22458a98.asc
/etc/RPM-GPG-KEYS/70771ff3.asc
/etc/RPM-GPG-KEYS/9b4a4024.asc
/home/nissanka/Desktop/gnupg-1.4.4/doc/samplekeys.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-1.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-3.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/secring.skr.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-2o.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/pubring.pkr.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-2.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-1-pgp.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/pubdemo.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-3o.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/secdemo.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/secring.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/pubring.asc
/home/nissanka/Desktop/gnupg-1.4.4/checks/plain-1o.asc
/usr/share/doc/gnupg-1.4.2.2/samplekeys.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/div.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/pod.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfadv.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfbasic.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtffull.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfloop.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfmeta.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/match/div.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/pod/pod.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfbasic.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfadv.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtffull.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfloop.asc
/usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfmeta.asc
/usr/share/printer-testpages/testpage.asc
[root@c83-250-110-112 nissanka]#


All times are GMT -5. The time now is 08:30 AM.