Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy




19.3. Importing keys

Once our own key-pair is created, we can begin to put into our public keyring database of all keys we have from some trusted third partly in order to be able to use his/her keys for future encryption and authentication communication. To import Public Keys to your keyring, use the following command:
          [root@deep] /# gpg --import <file>

Example 19-1. Importing using gpg

          [root@deep] /# gpg --import redhat2.asc

          gpg: key DB42A60E: public key imported
          gpg: /root/.gnupg/trustdb.gpg: trustdb created
          gpg: Total number processed: 1
          gpg:               imported: 1
The above command will append all new keys to our keyring database and will update all already existing keys. It is important to note that GnuPG does not import keys that are not self-signed. In the above example we import the Public Key file redhat2.asc from the company Red Hat Linux, downloadable from the Red Hat Internet site, into our keyring.

19.3.1. Key signing

When you import keys into your public keyring database and are sure that trusted third party is really the person they claim, you can start signing his/her keys. Signing a key certifies that you know the owner of the keys. To sign a key for the company RedHat that we have added on our keyring above, use the following command:
          [root@deep] /# gpg --sign-key <UID>

Example 19-2. Signing key

[root@deep] /# gpg --sign-key RedHat

          pub  1024D/DB42A60E  created: 1999-09-23 expires: never      trust: -/q
          sub  2048g/961630A2  created: 1999-09-23 expires: never
          (1)  Red Hat, Inc <[email protected]>
          pub  1024D/DB42A60E  created: 1999-09-23 expires: never      trust: -/q
          Fingerprint: CA20 8686 2BD6 9DFC 65F6  ECC4 2191 80CD DB42 A60E
          Red Hat, Inc <[email protected]>
          Are you really sure that you want to sign this key
          with your key: "Gerhard Mourani <[email protected]>"
          Really sign? y
          You need a passphrase to unlock the secret key for
          user: "Gerhard Mourani <[email protected]>"
          1024-bit DSA key, ID E92D6C97, created 1999-12-30
          Enter passphrase:

Note: You should only sign a key as being authentic when you are Absolutely sure that the key is really authentic! You should never sign a key based on any assumption.

  Published under the terms of the Open Publication License Design by Interspire