[clue-tech] Some thoughts about GnuPG.

David L. Anselmi anselmi at anselmi.us
Thu Sep 16 20:22:45 MDT 2010

OK, last steps to get ready for the key signing:

* First, make sure you have a recent GnuPG.  Something later than 2.0.12 or 1.4.10 (either 1.x or 
2.x is fine).

* Second, make sure you're configured to avoid SHA1.  Put this in your ~/.gnupg/gpg.conf (don't wrap 
the last line):

     personal-digest-preferences SHA512
     cert-digest-algo SHA512
     default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 \
         ZIP Uncompressed

* Now follow the steps at this link.  When you get to the part about uploading keys, use the command:

     gpg --keyserver pgp.mit.edu --send-keys <key id>


That's it, you're ready to go!

(I'll also be creating a signing sub-key and a revocation cert, more on that later.)


More information about the clue-tech mailing list