GPGP for Linux
The following is the command to get or rather download a key from a public key server to your public key ring.
gpg --import neukey.asc In the above the words ' neukey.asc ' stand for the file. I mean the name of the key which you download. [ This is my understanding. I may be wrong.] ---------------------------------------------------------------------- I looked at a server to get a public key. For example, the following one. [ pub 1024/4AB2BE38 2005/05/05 Pawe?\x82 Rumian (gorky@jabberpl.org) <prumian@poczta.onet.pl> Key fingerprint = A9E8 0878 EB08 0A0E 4E21 5A48 CE75 1951 4AB2 BE38 ] ------------------------------------------------------------------------ How can I get the above key and attached to my key ring? When I double click to download, I got the lot of binary stuff. Please read the following Public Key Server -- Get ``0x4ab2be38 '' -----BEGIN PGP PUBLIC KEY BLOCK----- Version: SKS 1.0.10 mQGiBEJ6o/gRBADC2tGliVmBuf5T3dO8Qj1avng76NlPkC9t0erh3pv1s/OwRzkyy/xWHvl9 xM84eFKTAy+uDIeDoXHuYhBgmkN/puS8nPHNoXA10UdgnY5LtqeqT2iZ97IrXJpXBqrthMOW 8OyPK6g/m+f5pFwmPe0HGhEA/NG//NYD1GuyMMybJwCgp9JtkOtklVNWolQssjSQboUOWtUD /i/syGhe6RtDWc7d8i2ppTr37IsFZlOJp4Oh0gXI1bdTmMGfLe2hIFIoyqdKrZt/hT20RZ/9 A/8e2I4efiS6nZl39A5KSYYjEAdZXLV9eqgjnHjBra/SY8E6wvMhNxqO+RuHVHMgvdFX9uMJ brHDNZCfiU3Z9WVim5ufBWMqKcDGBACBn5wRB4hMlA31ee384ABqZa60zFwDR4C8G88wNUap ykwNSmAkgka6mVW1dzy9ipdMqwFYISc/wm9W5S0KkV3bqyrFj8T2YHtCRxumyCxoQV5IQth7 Pl4xjuMzkFOhSNeqkhvNUAuJ4qXFtR2WvNn2pUsll6LAqUWwVZgtYH29ybQ7UGF3ZcWCIFJ1 bWlhbiAoZ29ya3lAamFiYmVycGwub3JnKSA8cHJ1bWlhbkBwb2N6dGEub25ldC5wbD6IXgQT EQIAHgUCQnqj+AIbAwYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDOdRlRSrK+OJ2xAJ47dNIx 1lBJM2m4aGlpejbJ3eTmGACfX1bonSLjhW2tm0dvFud/S6C2pre5Ag0EQnqj/xAIAKxoHZLg xYnPmnMlDqA1kngEawq30hC7ktEU43qSoqo9hr4dN9ym1HD07Ne8RaVWcs3EWuNwm6cV4l+Q JyTe7mjqyG7s5k+vTNv4+/r+8EZ6XBEt+/WCbzwffQd+7D2eM6kOAdpCbUX3Q/3oQUutuVNT aDLAknPICvlqkAaxhB0ABL4QIvx9xfqlEDpCuAFnCiVc//03L2DPuPMZZrpm+cqAX4oXPCZW HNkSibBc4LYVOn9B2YM07lo26yBNmvHXL4mFtDJdMLNy9MSwhH74Wwaaz8NmSfbh0v/RksUc L+kLHpkc7aMDbaT6wgmc9kKI7FnEPqO/eKFbCM3JbizkbCsAAwYIAJddjyklFKgLm6X/npn5 t2shvy3KBmhG8DmN4fBBh9nx1mexKfp4g+5N3Emgsxh96Syi6zuXqIU4DlnOp+0x8pDcfH0l 7JLR+vDcBdIDCkBFYHxzFn7UwxiW22rMvcptZ82u+b4MyT4v8upViF4Id+IHkrCxGFy41qxX DqR6HtAzVjEg/PjUPasDHTr3mDjSy2a/462Z9mcxk86z78oLM8YSXleYYomyJEev8QjXk6St Eu578fGAK1iIj13mca7+HmcA/94vjqNx8fXJBqKLPisHXqAgXvETjw8RjwruKV7JO7sVmu4o Wh5imKfCIymNX4qy36+ehrescKqhX5wJLoCISQQYEQIACQUCQnqj/wIbDAAKCRDOdRlRSrK+ OLJ1AJ49ju2qyzzFvIDf2yfKsw0BnyRGXQCdE0Cu6r0WaLSrWsGCZ4uLTiBCJ3w= =OizN -----END PGP PUBLIC KEY BLOCK----- ----------------------------------------------------------------- How can I attach the above key to my public key ring? Your help is appreciated. |
That's what an "exported" public key looks like. See man gpg, --export.
|
Thanks introuble for the reply.
The man page doesn't give me the information I want. I just want to know the command to import a key and vice versa. I got the following from man page. It doesn't tell me the way to import and export a key. --------------------------------------------------------------------------------------- --gen-revoke name Generate a revocation certificate for the complete key. To revoke a subkey or a signature, use the --edit command. --desig-revoke name Generate a designated revocation certificate for a key. This allows a user (with the permission of the keyholder) to revoke someone else's key. --export [names] Either export all keys from all keyrings (default keyrings and those registered via option --keyring), or if at least one name is given, those of the given name. The new keyring is written to stdout or to the file given with option "out- put". Use together with --armor to mail those keys. --send-keys [names] Same as --export but sends the keys to a keyserver. Option --keyserver must be used to give the name of this keyserver. Don't send your complete keyring to a keyserver - select only those keys which are new or changed by you. --export-secret-keys [names] --export-secret-subkeys [names] Same as --export, but exports the secret keys instead. This is normally not very useful and a security risk. The second form of the command has the special property to render the secret part of the primary key useless; this is a GNU exten- sion to OpenPGP and other implementations can not be expected to successfully import such a key. See the option --simple-sk-checksum if you want to import such an exported key with an older OpenPGP implementation. --import [files] --fast-import [files] Import/merge keys. This adds the given keys to the keyring. The fast version is currently just a synonym. There are a few other options which control how this command works. Most notable here is the --keyserver-option merge- only option which does not insert new keys but does only the merging of new signatures, user-IDs and subkeys. --recv-keys key IDs Import the keys with the given key IDs from a keyserver. Option --keyserver must be used to give the name of this key- server. |
I tried in vain the following:
[root@c83-250-110-112 nissanka]# gpg -a 'http://keyserver.veridis.com:11371/search?q=Ranjith' gpg: can't open `http://keyserver.veridis.com:11371/search?q=Ranjith' [root@c83-250-110-112 nissanka]# What is the problem? [It seems to me that many of our friends who contriute to this forum are not familiar with gpg. Because I don't get the response I expect.] --------------- I found the public key in the following website. http://keyserver.veridis.com:11371/search?q=Ranjith |
You can't armor a URL.
Cheers, Tink |
Thanks Tinkster for taking time to reply me.
Now I found out the way to download a key from a public server. Please read the following: [root@c83-250-110-112 nissanka]# gpg --keyserver http://wwwkeys.ch.pgp.net/ --recv-keys 4E706F5719AFA1CF gpg: requesting key 19AFA1CF from http server wwwkeys.ch.pgp.net gpgkeys: key 4E706F5719AFA1CF not found on keyserver gpg: no valid OpenPGP data found. gpg: Total number processed: 0 [root@c83-250-110-112 nissanka]# -------------------------------------------------- The key words are 'keyserver' and 'recv-keys' You can't alter those words. [root@c83-250-110-112 nissanka]# gpg --keyserver <URL of the key server> --recv-keys <Key ID> For some reason, this doesn't work. I have been trying this for more than 2 hours. Do you know why? |
Quote:
Code:
-----BEGIN PGP PUBLIC KEY BLOCK----- |
Thanks Happy for taking time to reply me.
So the following command wouldn't help to download a key. [niss@c83-250-110-112 ~]$ gpg --keyserver <URL of the key server> --recv-keys <Key ID> I found it on a website. I am a newbie to gpg. So your comments are valuble. Please do comment on this. |
Mate ... look at the man-page again :}
It's not http:// ... it's hkp:// to begin with. Cheers, Tink |
Quote:
|
Thanks Tinkster taking time to reply me.
I always state those bloody man pages are user unfriendly. They don't write in a simple manner. By reading those pages, I can't get the answer I want. I simply want the command to download the keys from a public key server. I don't get what I want from the following 'man page' details. -------------------------------------------------------------- --keyserver name Use name as your keyserver. This is the server that --recv- keys, --send-keys, and --search-keys will communicate with to receive keys from, send keys to, and search for keys on. The format of the name is a URI: `scheme:[//]keyserver- name[:port]' The scheme is the type of keyserver: "hkp" for the HTTP (or compatible) keyservers, "ldap" for the NAI LDAP keyserver, or "mailto" for the Graff email keyserver. Note that your particular installation of GnuPG may have other keyserver types available as well. Keyserver schemes are case-insensitive. Most keyservers synchronize with each other, so there is gen- erally no need to send keys to more than one server. The keyserver "hkp://subkeys.pgp.net" uses round robin DNS to give a different keyserver each time you use it. --keyserver-options parameters This is a space or comma delimited string that gives options for the keyserver. Options can be prepended with a `no-' to give the opposite meaning. Valid import-options or export- options may be used here as well to apply to importing (--recv-key) or exporting (--send-key) a key from a key- server. While not all options are available for all key- server types, some common options are: -------------------------------------------------------------- The name of the server is ---> http://pgp.mit.edu The key ID is ---> 3BFB3F5F The user ID is ---> Gunnar Johansson <info@gunnar-johansson.se> [ Could you write me the command to download the above mentioned public key from the above mentioned server? ] Those bloody 'man pages' are hopeless, as far as I am concerned. |
Quote:
gpg: requesting key 3BFB3F5F from hkp server pgp.mit.edu gpg: key 3BFB3F5F: public key "Gunnar Johansson <info@gunnar-johansson.se>" imported gpg: Total number processed: 1 gpg: imported: 1 |
Thanks so much Happy Tux. So you solved a big problem.
-------------------------------------------------------------- [root@c83-250-110-112 nissanka]# gpg --keyserver pgp.mit.edu --recv-keys 3BFB3F5F gpg: requesting key 3BFB3F5F from hkp server pgp.mit.edu gpg: key 3BFB3F5F: public key "Gunnar Johansson <info@gunnar-johansson.se>" imported gpg: Total number processed: 1 gpg: imported: 1 [root@c83-250-110-112 nissanka]# --------------------------------------------------------------- So our friend Tinkster made a mistake by suggesting some 'hpk' to precede with the downloading server's address.This is a tall order. I mean not everybody knows pros cons of gpg. The next step is to attached it to my key ring. I guess I must know the location of this key or rather the file to go ahead with the attaching. [root@c83-250-110-112 nissanka]# find / -name 3BFB3F5F [root@c83-250-110-112 nissanka]# [root@c83-250-110-112 nissanka]# find -name 3BFB3F5F [root@c83-250-110-112 nissanka]# [root@c83-250-110-112 nissanka]# locate 3BFB3F5F [root@c83-250-110-112 nissanka]# How do I find the downloaded file? I guess it has an .asc ending. Please help me. Now I want to attache it to the key ring. |
The command you used downloaded and imported it into your keyring use gpg --list-keys and you will see it there.
|
I tried the command ' [root@c83-250-110-112 nissanka]# locate *asc '
Please read the following output. I don't know which one to select. -------------------------------------------------------------------------- [root@c83-250-110-112 nissanka]# locate *asc /etc/RPM-GPG-KEYS/22458a98.asc /etc/RPM-GPG-KEYS/70771ff3.asc /etc/RPM-GPG-KEYS/9b4a4024.asc /home/nissanka/Desktop/gnupg-1.4.4/doc/samplekeys.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-1.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-3.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/secring.skr.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-2o.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/pubring.pkr.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-2.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-1-pgp.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/pubdemo.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-3o.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/secdemo.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/secring.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/pubring.asc /home/nissanka/Desktop/gnupg-1.4.4/checks/plain-1o.asc /usr/share/doc/gnupg-1.4.2.2/samplekeys.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/div.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/pod.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfadv.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfbasic.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtffull.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfloop.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/cmp/rtfmeta.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/match/div.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/pod/pod.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfbasic.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfadv.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtffull.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfloop.asc /usr/share/doc/apache-HTML-Embperl-2.0.54_2.0.0/test/html/rtf/rtfmeta.asc /usr/share/printer-testpages/testpage.asc [root@c83-250-110-112 nissanka]# |
All times are GMT -5. The time now is 08:35 PM. |