Difference between revisions of "Talk:GnuPG"

From ArchWiki
Jump to navigation Jump to search
m (/usr/bin/pinentry is no longer a symlink: remove closed discussion)
(How to revoke a key: new section)
Line 16: Line 16:
  
 
[[User:NuSkool|NuSkool]] ([[User talk:NuSkool|talk]]) 04:09, 26 September 2016 (UTC)
 
[[User:NuSkool|NuSkool]] ([[User talk:NuSkool|talk]]) 04:09, 26 September 2016 (UTC)
 +
 +
== How to revoke a key ==
 +
 +
The accuracy flag indicates that a key cannot be revoked simply uploading a revocation certificate to a key server. But, the GnuPG FAQ does seem to indicate that one can do that [https://www.gnupg.org/faq/gnupg-faq.html#lost_passphrase]:
 +
 +
:If you can’t remember your passphrase, the best thing to do is use your pre-made revocation certificate to revoke your old certificate, upload the revocation to the keyserver network, and start anew with a fresh certificate.
 +
 +
Thus, the current text on the page seems to be correct. But, the manpage does indicate another process (import the revocation certificate into the key and then send the key).  -- [[User:Rdeckard|Rdeckard]] ([[User_talk:Rdeckard|talk]]) 13:31, 23 March 2019 (UTC)

Revision as of 13:31, 23 March 2019

System login with gnupg smartcard (yubikey, p-card, rsa token, etc)

gnupg with poldi can be used for system login. There is a thread asking whether it is possible to use gpg for system login. A new tip section explaining gnupg smartcard for logging into Arch Linux system is a nice addition here.

Alive4ever (talk) 02:27, 4 August 2016 (UTC)

User configuration files not created

Per the wiki, it states, "You will find skeleton files in /usr/share/gnupg. These files are copied to ~/.gnupg the first time gpg is run if they do not exist there."

I could very well be doing something wrong so I'd ask that this could be verified. If we need to copy skel configuration files, it should be clearly explained in the wiki shouldn't it?

I was unable to import public keys until I manually created a blank ~/.gnupg/gpg.conf with just keyserver pgp.mit.edu in it.

I also found this when searching for info, https://manned.org/gpgv2/2862e42d. It states: There are no configuration files and only a few options are implemented.

NuSkool (talk) 04:09, 26 September 2016 (UTC)

How to revoke a key

The accuracy flag indicates that a key cannot be revoked simply uploading a revocation certificate to a key server. But, the GnuPG FAQ does seem to indicate that one can do that [1]:

If you can’t remember your passphrase, the best thing to do is use your pre-made revocation certificate to revoke your old certificate, upload the revocation to the keyserver network, and start anew with a fresh certificate.

Thus, the current text on the page seems to be correct. But, the manpage does indicate another process (import the revocation certificate into the key and then send the key). -- Rdeckard (talk) 13:31, 23 March 2019 (UTC)