Hi Mick, on Sunday, 2006-04-16 at 19:48:00, you wrote: > 1. What is the relationship between gpg-agent and ssh-agent? Do I need both?
One is for SSH, the other for GPG :) Yes, I don't think either can be made to
work for the other program.
> 2. How can I get the gpg-agent to start if I do not use KDM, but XDM
> with fluxbox? (I added eval "$(gpg-agent --daemon)" in my ~/.xsession
> with no effect).
I found this script somehwere and installed it blobally. It's called in my
.profile:
#!/bin/sh
if [ -x /usr/bin/gpg-agent ]; then
if [ -f ${HOME}/.gpg-agent-info ]; then
OLD_GPG_AGENT=`cat ${HOME}/.gpg-agent-info`
CHECK_PID=`echo ${OLD_GPG_AGENT}|cut -d ":" -f 2`
PROG=`ps -p ${CHECK_PID} |tail -n1| sed -e "s,^[^ ]* *[^ ]* *[^ ]* *,,"`
if [ "${PROG}x" != "gpg-agentx" ]; then
rm ${HOME}/.gpg-agent-info
else
export GPG_AGENT_INFO=${OLD_GPG_AGENT}
fi
fi
if [ ! -f ${HOME}/.gpg-agent-info ]; then
eval "`gpg-agent --daemon`"
echo $GPG_AGENT_INFO >${HOME}/.gpg-agent-info
fi
fi
> 3. Some mail clients do not handle gpg signing very elegantly (as in
> automatically). Neverhteless, the signature is presented as an
> attachment. How can the recipient check the validity of the
> signature? It would be useful to find this answer not just for Linux,
> but also for M$Outlook.
There is a plugin for Outlook, two in fact, I think one is linked from the GPG
site and the older one is included with WinPT.
> 4. I created two uids one for [EMAIL PROTECTED] and one for
> [EMAIL PROTECTED] I thought that I would be able to switch
> between uids depending on the domain that I use in Kmail. Things got
> rather messed up thereafter. When I try to select a Signing key id
> (Group properties on say a newsgroup/Identity/Signing key/Change) I
> always get the [EMAIL PROTECTED] as the uid, instead of the
> [EMAIL PROTECTED] as a signature. How can I switch between uids?
You can only set one as the primary UID, in fact there won't be any difference
in the signature whether you use one or the other. It's just a difference in
the key's flags.
> 5. When I revoke a uid is it also removed from the keyservers?
No. That is, they did do some cleanup in the past when there were too many
expired/invalid/revoked keys lingering around, but it's not under your control.
The UID will just be flagged as revoked and therefore be as good as gone as far
as GPG is concerned.
> 6. Is there a way of finding out what is kept with respect to my
> sigs/uids on a keyserver?
It's pretty much a verbatim copy of your key. For finding out the details, this
one may be helpful (this and the relevant RFCs, 20-something)
* app-crypt/pgpdump
Available versions: 0.22 ~0.24
Installed: 0.22
Homepage: http://pgp.iijlab.net/pgpdump.html
Description: A PGP packet visualizer
HTH
cheers!
Matthias
--
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665
pgpaoW2ZJpR0u.pgp
Description: PGP signature
