a check by telephone (if you know the voice). To specify the level of the check, you need to add the –ask-cert-level parameter: gpg -u -ask-cert-level -sign-key Define certification expiry timeĪ PGP key pair can (should) have an expiration date. This ensures that old keys that are no longer in use become unusable. Furthermore, it is possible to change the expiration time of the key pair if necessary, i.e. Level 3 describes a thorough check with personal meeting and ID, Level 2 e.g. The certification level indicates how it was verified that the key actually belongs to the registered owner (name and e-mail address). The following levels are available: (0) I will not answer. gpg -u -sign-key Define certification level To avoid mistakes, you should use the fingerprint of the matching key pair. Define your key pairs to be usedįirst of all, if you have several keys, it is important to define exactly which key you want to use for the signature. You can do this in GnuPG with the parameter -u. In practical terms, the signature is therefore worthless. In addition, the expiration date of the signature is set to the same date as the key. This is not wrong for now, but there may be cases where you want to explicitly define a different date. This command creates a signature that says nothing about whether and how you verified the identity of the owner of the key. The fastest way to generate a signature for a key is the following command ( please do not use that!): gpg -sign-key Please read below to understand what you are doing! Simple Signing
Here the Copy&Paste command (because people usually just take the first code they see): gpg -ask-cert-level -ask-cert-expire -sign-key With GnuPG it is very easy to sign foreign public keys. GnuPG offers a selection of options to configure the creation of the signature. I will introduce the most important ones here. ownership of this key). This post describes the process of signing PGP keys with GnuPG. An essential part of PGP is the mutual validation of key pairs. This confirms that the information about the owner stored in the key corresponds to reality (e.g.