Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: Brian Dolbec <dolsen@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] First release of Gentoo Keys
Date: Mon, 12 Jan 2015 01:34:24
Message-Id: 20150111173402.4b5c400d.dolsen@gentoo.org
In Reply to: Re: [gentoo-dev] First release of Gentoo Keys by Rich Freeman
1 On Sun, 11 Jan 2015 12:06:18 -0500
2 Rich Freeman <rich0@g.o> wrote:
3
4 > On Sun, Jan 11, 2015 at 11:43 AM, Brian Dolbec <dolsen@g.o>
5 > wrote:
6 > > Of the remaining devs, only 16 keys total pass the GLEP 63
7 > > requirements. More info can be found in the First-Use wiki page
8 > > [4]
9 >
10 > If you just create a gpg key with 5yr expiry and otherwise-default
11 > options, typing a larger number into the keysize prompt, do you get a
12 > compliant key? The guides talk about editing your gpg.conf, and it
13 > looks like the tool does it for you, but is any of that necessary to
14 > generate a compliant key? I'd prefer raw gpg commands and not a
15 > script that automates everything.
16 >
17 > Would this work:
18 > gpg --gen-key
19 > option 2 - DSA and Elgamal
20 > size 3072 (the max)
21 > expires 5y
22 > Enter your name, email, and passphrase.
23 >
24 > I've been putting off generating a new key until this all settles
25 > down, and would prefer to mess with it as infrequently as possible.
26 > Most likely I'll just switch to Gentoo-dedicated key for the tree.
27 >
28
29 Wait for Kristian to reply about the algorythm choice.
30
31 But for the rest, yes, you don't need gkeys to create your key, It is
32 just most people seem to know little about using gpg, so creating the
33 template where you just filled out name, email, password, makes it easy.
34
35 From the above, it looks like you also need to create a signing subkey
36 with a preferred 1 yr. expiry. But it can be 5 years max. too. You
37 may also want to add an encryption subkey for encrypted email and such.
38
39 I added a little more info to the First-Use wiki page, I included a
40 link to a great webpage about setting up gpg keys.
41
42 https://alexcabal.com/creating-the-perfect-gpg-keypair/
43
44 there are lots more, but I like that one, it is clear, concise,...
45
46 --
47 Brian Dolbec <dolsen>

Replies

Subject Author
Re: [gentoo-dev] First release of Gentoo Keys Rich Freeman <rich0@g.o>
Re: [gentoo-dev] First release of Gentoo Keys Kristian Fiskerstrand <k_f@g.o>
Report Message
Find on MARC Find on Google Groups