Skip to content

Instantly share code, notes, and snippets.

@epcim

epcim/gpg-signing.md

Forked from klyr/gist:3f09e55183d9f287d6fe6f8076a4ccc3
Last active March 24, 2017 14:40
Show Gist options
  • Save epcim/400e2e5f6cccc87e5740d56bfabc1ab3 to your computer and use it in GitHub Desktop.
Save epcim/400e2e5f6cccc87e5740d56bfabc1ab3 to your computer and use it in GitHub Desktop.
Download ZIP
gpg signing
Raw
gpg-signing.md

Signing someone else key

Get key to sign

gpg --list-keys

Sign the key

gpg --sign-key --ask-cert-level 0xXXXXXXXXX

Export the signed key and encrypt it with the recipient public key

gpg --armor --export 0xXXXXXXXXX | gpg --encrypt -r 0xXXXXXXXXX --armor --output 0xXXXXXXXXX-signedBy-0xMYOWNKEY.asc

Send the signed, encrypted key to the recipient (email or whatever, but encrypted !)

The recipient will decrypt and import the signature into his keychain

gpg -d /tmp/0xXXXXXXXXX-signedBy-0xMYOWNKEY.asc
gpg --import /tmp/0xXXXXXXXXX-signedBy-0xMYOWNKEY.asc

The recipient will upload the key to a key server

gpg --send-key 0xXXXXXXXXX
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment