epcim
2/28/2017 - 4:14 PM

GPG

GPG

Signing someone else key

Get key to sign

gpg --list-keys

Sign the key

gpg --sign-key --ask-cert-level 0xXXXXXXXXX

Export the signed key and encrypt it with the recipient public key

gpg --armor --export 0xXXXXXXXXX | gpg --encrypt -r 0xXXXXXXXXX --armor --output 0xXXXXXXXXX-signedBy-0xMYOWNKEY.asc

Send the signed, encrypted key to the recipient (email or whatever, but encrypted !)

The recipient will decrypt and import the signature into his keychain

gpg -d /tmp/0xXXXXXXXXX-signedBy-0xMYOWNKEY.asc
gpg --import /tmp/0xXXXXXXXXX-signedBy-0xMYOWNKEY.asc

The recipient will upload the key to a key server

gpg --send-key 0xXXXXXXXXX