On Thu, 2008-12-11 at 17:12 -0700, LuKreme wrote:
> On 11-Dec-2008, at 14:29, Karsten Bräckelmann wrote:

> I read a hell of a lot of stuff about all this, and have been running
> SA since 2.mumble. If you are a plug-n-play sysadmin, then no
> problem. If you are already well-versed in the vagaries of gpg, then
> fine, you already know this. If you are coming at this newly, the
> documentation is unclear, incomplete, and in some cases points at
> pages that are several years old.

Lu, please -- constructive criticism, and at the very least proof. If
there are outdated docs, they need to be fixed.

> [...] several times before anyone was able to even begin to explain where
> this number comes from other than "the author". Well, it doesn't, in
> fact, come from the author. [...]

Author: "Here's how to use sa-update with my third-party channel. You
can find the GPG key here, it's this Key ID."

From the author... The author tells you which key is being used. The
fact that usually you can download the key from the same place is just a
convenience. Frankly, that's what key-servers are for.

> > IIRC (too lazy to look up the details for you) it accepts key IDs,
> > fingerprints, email-addresses, names, and any substring at least of the
> > latter two. Did you try it? It's enlightening...
>
> really?

Yes. (Read the "IIRC" as "IIRC, and I *did* test all the above before
writing". I just didn't re-read the GPG docs to confirm.)

> mail# gpg --list-keys rele...@spamassasin.org
> gpg: error reading key: No public key

You missed to point gpg to the sa-update keyring, thus it queries your
default keyring. We covered that before. This is not SA related. See
the gpg documentation.

> the only command that seems to do anything is:
> gpg --list-keys --no-default-keyring --keyring sa-update-keys/pubring.gpg

Yes, of course! See above. See the previous thread. See gpg docs.

> even this command, posted to the list as a way to get the --gpgkey
> value:
> gpg --no-default-keyring --keyring
> /etc/mail/spamassassin/sa-update-keys/pubring.gpg
>
> returns:
> gpg: Go ahead and type your message ...

You did not tell gpg to list the keys here.

I'll just assume you're not deliberately trying to spread confusion. If
something doesn't work, please do at least think twice about the command
that failed, *before* venting your broken syntax to the list.

> On 11-Dec-2008, at 14:56, Karsten Bräckelmann wrote:
> > FWIW, here would be a good place to start.
> > http://wiki.apache.org/spamassassin/RuleUpdates
>
> That's a bit late in the thread to be posting that, but it gives a
> brand new piece of information which no one else has yet to mention:

Huh, I /thought/ this has been mentioned before. *shrug* In either
case, you've been pointed to the man-pages and wiki a few times.

> [...] As far as I can tell, every
> single person who posted in this thread and said anything about gpg
> and keys got at least something wrong except for you. And even you
> left out what I consider some fairly crucial information.

Thanks, but I'm quite sure I used some wrong terminology, too. ;)

Anyway, *what* exactly is the information left out? Care to elaborate on
this? We might be able to fix the docs and add more info. (Please, facts
only, no whining.)

BTW, did you read the sa-update man-page by now? It does tell you what
the --gpgkey option is for, and even briefly outlines reasoning.

> [...] so the critical flags of [...]
> are missing from those instructions (and those flags are required for
> both the --list-keys and the --fingerprint to work). So I checked
> google for help, now that I know EXACTLY what to search for:
> "sa-update list-keys no-default-keyring"

No surprise this doesn't yield hits... Seriously. The options are *GPG*
options, neither sa-update nor SA related options in general. This is a
question about GPG, not sa-update.

> The only hits are from today. this tells me there is not a single
> page indexed on Google that gives full and complete instructions on
> how to get the --gpgkey value. Not until I hit send, at least. :)

Once again -- the key ID is given to you by the author! Why the hell
should you trust the just downloaded key more than the words of the
author, given both come from the very same server?

Anyway, this thread long ago turned into a GPG question. I don't see
anything SA specific here.

  guenther

-- 
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
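
The check discussed in the message above, as an added example that is not part of the original thread or of SpamAssassin: list the keys in the sa-update keyring (not the default one) and confirm that the key ID published by the channel author is among them. The function names, the SA_KEYRING variable and the sample key are constructed; the keyring path is the one quoted in the thread, and the match assumes v4 keys, where the short and long key IDs are the last 8 and 16 hex digits of the fingerprint.

```shell
#!/bin/sh
# Added example; names and sample data are constructed for illustration.
SA_KEYRING="${SA_KEYRING:-/etc/mail/spamassassin/sa-update-keys/pubring.gpg}"

# Dump the sa-update keyring in gpg's colon format. --no-default-keyring and
# --keyring select the keyring; --list-keys is the command itself (without
# it, gpg waits for a message on stdin).
sa_keyring_dump() {
    gpg --no-default-keyring --keyring "$SA_KEYRING" \
        --with-colons --fingerprint --list-keys
}

# stdin: colon-format records. stdout: fingerprint of each primary key
# (field 10 of the "fpr" record that follows a "pub" record).
primary_fingerprints() {
    awk -F: '
        $1 == "pub" { want = 1; next }
        $1 == "sub" { want = 0; next }
        $1 == "fpr" && want { print toupper($10); want = 0 }
    '
}

# keyring_has_key ID < dump
# ID is the value the channel author published: 8, 16 or 40 hex digits,
# optional 0x prefix. Returns 0 if present, 1 if absent, 2 if malformed.
keyring_has_key() {
    id=$(printf '%s' "$1" | sed 's/^0[xX]//' | tr 'a-f' 'A-F')
    case "$id" in
        ''|*[!0-9A-F]*) return 2 ;;
    esac
    case ${#id} in 8|16|40) ;; *) return 2 ;; esac
    primary_fingerprints | grep -q "${id}\$"
}

# Constructed colon-format listing: one primary key and one subkey.
sample_dump() {
    cat <<'EOF'
pub:-:4096:1:1122334455667788:1228000000:::-:::scESC::::::23::0:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1122334455667788:
uid:-::::1228000000::::Example Channel <channel@example.invalid>::::::::::0:
sub:-:4096:1:99AABBCCDDEEFF00:1228000000::::::e::::::23:
fpr:::::::::00001111222233334444555599AABBCCDDEEFF00:
EOF
}

# Real use: sa_keyring_dump | keyring_has_key <ID given by the channel author>
```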