- In order to use a key, that key must also be trusted.
- Once a key is trusted at a high-enough trust level, signing a key will no longer be necessary to use it.
- A key can become trusted it by signing it or explicitly trusting it.
- For a summary of how trust relationships work and the Web of Trust model, see here.
We will only provide instructions for explicitly trusting a key using the gpg command:
All commands must be run from the hrstgif service account on either stageprodapp01 or stagetestapp01.
Create a file which contains the new public encryption key. This can be transferred to the host via scp or simply cut and pasted into a file. It will be similar to contents below:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBFvt5zoBCADUBZmcivJbCsO3xjWszn01SsqLewp+Ur7isbvyTeLJ+Ui95s1Y KGjDqK5ZYeK/Rq0yWc2g5Ejsb7Ot4N0vEWP9pfeQFderHnPCURLm3j9coMzLKcTH x5Habk5/F2mwAZIHIiUmuYWfbPCiUR5kG4MrgmWzalWG7UVzK77Vuw/l13slZBMC 1o8IPCGfQsGCrEM8EMoOUjTxF+6N0E8eXMYyt774RvTEgol8R2O6pchascFD2w+o Ka/JHBrGMyEuldXq5H9/8kU5EXlRp2/5Ls6YrSy/OzwDPEREQG9vcAqxCROsuVME xpOie7JDjZuwwDO90WlfyJqQh5AcvdIZeXMBABEBAAG0LGVxdWlmYXh3czA3MTcy MDE5IDxlcXVpZmF4d3NwZ3BAZXF1aWZheC5jb20+iQE+BBMBCAAoAhsDBQkBQWzW Ah4BAheABQJb7mN8BgsJCAcDAgYVCAIJCgsEFgIDAQAKCRCz3sFhiZcwZUdqCAC5 uIzqo+dfZQXvcdacDQqjfvDdYTS2QlZg+T607GjnbAoqkDNT+xPl6sl+cB07mtRy 8Y78vzHwEa7z2yvNwq+3NoUWe5UqnpCu7nk+kSVcI5N3izrU7KJV2MTHl8Ri+4c6 82FSG54++uRh/hrc/uNFGakCgph0Nc1GN96w8EryoYenI4IVvFaN4E0t7PE5biXr 3KNldlUhf+sEAWoIzhg7Rf1hYLNUjR94KCSgaNxLrzMbhP26lq/pfW7gzYL9oNeH FZcM4OEn7yLCU/l2y/wqEDIdqLe43gCXSjxLtfN/6SUg1gFeRn+s9tWRx3fxYJGy Hg5g10WsztVCz1epvadZuQENBFvt5zoBCAD5yjPWGYt47ap4eoHEC4ygxk7mVOo0 N13nxPo+HmbtFj7mAMQhztX+lnSWVcBvOBzl6uyIsRtacblphSnE1D5RCMJPSZ8W SHkh7L79egC1KqgEwwWP8y76Bn0G1UKGusFBwlDw+CNWDFBe8dB2ddA5TV6p0Zed i3QO6AVGqYFk7PJmCV+4uWfz25kCB6CBQHsKjOfZ2EoDu+VPxnqJjruV5Dm6ySDD cYSYaxQN9OAYKAL5hNyKjDbrDuM6RJi2EVmtkgCUZUOdiI39wr4sjbJEstn7coGk 1+iLsQJi32vXx0T4OBuW2kYDm6kwRy75S0ez8dgNCg5MOw0A52Tv6OrjABEBAAGJ ASUEGAEIAA8FAlvt5zoCGwwFCQFBbNYACgkQs97BYYmXMGX4xQgAxkzsltY0JWMw cxn6yTFBn02l2Jh8AR+8BKhTvNfSo1IW6lT6g+Dg4ChBbfL/M5bhRcw9OFHkp5Uh m+PDyi+N9plzASpl4XIyQbJjDEu8SUeF3zkz8apsJYiGR2XoaoHM0DMG+ciqHEa+ UhfgxbWqMRXMRr2ZOdQFXdafzwnPJKR2blJVP5IGKoKHVtaBOgEQFPxUwKzwY44b UM5nZT6BIvoQl6GcI3RfHDperKGbJr+/K9GaALV7LxdqQ61456y/kqVX3qwPrKLA oSsLKCW4JxsN5U5OPmAfae0qedSRIhJvSEEJq6xayB+TDIpBunKQlDkntp5orb3S MWigDoOYZw== =OdeH
-----END PGP PUBLIC KEY BLOCK-----
References
- https://en.wikipedia.org/wiki/Public-key_cryptography
- https://en.wikipedia.org/wiki/RSA_(cryptosystem)
- https://en.wikipedia.org/wiki/Pretty_Good_Privacy
- https://en.wikipedia.org/wiki/GNU_Privacy_Guard
- https://www.gnupg.org/gph/en/manual/x334.html
- https://www.gnupg.org/gph/en/manual/c235.html
- http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-key-signatures.html
- http://www.iusmentis.com/technology/remailers/selfsign.html
- http://www.heureka.clara.net/sunrise/pgpsign.htm
- https://idea-instructions.com/public-key/
Add Comment