Sunday 25 May 2014

OpenStack Summit Keysigning

It's been a while since I've gone to a GPG keysigning, but at the Juno OpenStack Summit in Atlanta I joined in.  After all, it was my first summit and getting some id authentication is worthwhile.

After the keysigning party I made use of caff to sign all those keys.  But of course I needed to configure SMTP first in my development VM.  There's a nice guide to getting postfix working with gmail which helped that go quickly.  Just remember that gmail likes Application-specific passwords nowadays.

Oh, and another thing.  GPG has awful error messages.  When you receive your key signed by a third-party and you try to gpg --import it and you get the dreaded:

$ gpg --import your-signed-key.asc 
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
$ file your-signed-key.asc 
your-signed-key.asc: PGP message

...remember that the key has probably been encrypted with your public key so only you can read it.  The way around this is a simple:

$ gpg --decrypt your-signed-key.asc | gpg --import

Things would be mush easier if gnupg provided suggestions, but life often isn't that easy :)