does gpg gpg2 use same gpg.conf file in home directory what are the best practices to create gpg2 signature ?
hi all, i have sent an e-mail to debian-users for generating a new key. a member has suggested to ask directly here. herewith i am sending the e-mail without any much modifications. i am using up to date debian sid. i am planning to create a gpg2 key. i have googled and read some articles ideas on the web. i have some comprehensions doubts about creation use of gpg2 key. i request members to provide your valuable advice suggestions if possible warnings [1] i have 2 packages in my system : gnupg 1.4.16-1.1 gnupg2 2.0.22-3. there is no .gnupg directory. should i create a ~/.gnupg directory along with gpg.conf with the configuration given at [0]. [2] does creation of directory config file before creation of gpg2 key pose any issues ? i mean when i start to create key, does gpg2 look into my home directory for config file ? [3] does the configuartion file will through up any errors if i try to create a signature [ god forbid ] with gnupg 1.4 version ? [4] do i need to absolutely create another singing only key as mentioned at [1], the link is not more than year old but it seems to be author is creating a key suing gpg 1.4. is creation of a single key with gpg2 is enough ? [5] should i simply follow the advice for creating keys given at [3] ? it makes sense after reading the comment at [4] about It turns out there is some UK legislation whereby folks are compelled to give a copy of private keys to the UK government if they are used for signatures. [6] i am concerned about the comment Why a 4096b key? I have had interoperability problems with keys that size in the past so usually do not use more than 2048b. Is there an RSA 2048b compromise you are aware of or are you just being through? on link [4]. the comment is almost 4 years old is this still relevant today ? usually adopt the highest number if given a choice blindly. [7] does the article at [5] about OpenPGP Key IDs are not useful apply to gpg2 also ? [8] the most important : does merely pasting the of paperkey -v --output printable.txt --secret-key backup.secret a2ps -2 --no-header -o printable.ps printable.txt in email signature or email body is enough for cryptographically protecting ? [0] https://we.riseup.net/riseuplabs+paow/openpgp-best-practices [1] https://alexcabal.com/creating-the-perfect-gpg-keypair/https://alexcabal.com/creating-the-perfect-gpg-keypair/ [3] http://blog.bofh.it/debian/id_437 [4] http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/ [5] https://www.debian-administration.org/users/dkg/weblog/105 regards, war.dhan p.s. please c.c. me. i am not subscribed to mailing list. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: does gpg gpg2 use same gpg.conf file in home directory what are the best practices to create gpg2 signature ?
Hello war, Yes gpg and gpg2 use the same gpg.conf file, the .gnupg directory will be created on your fist usage gpg or gpg2. On debian, the first time you use it a generic gpg.conf file is also generated. Do you use a smartcard ? or do you want to use one ? You can first look at this link : http://www.bootc.net/archives/2013/06/07/generating-a-new-gnupg-key/, seems a pretty good fist guide. Best Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: does gpg gpg2 use same gpg.conf file in home directory what are the best practices to create gpg2 signature ?
On Friday 23 May 2014 04:36 PM, tux.tsn...@free.fr wrote: Hello war, Yes gpg and gpg2 use the same gpg.conf file, the .gnupg directory will be created on your fist usage gpg or gpg2. On debian, the first time you use it a generic gpg.conf file is also generated. Do you use a smartcard ? or do you want to use one ? hi tux, right now i am concerned about creating a proper key with best settings or any inherent flaws. i don't use a smartcard. but i will decide about after sometime. i have bookmarked the url will look into on saturday or sunday. thank you. You can first look at this link : http://www.bootc.net/archives/2013/06/07/generating-a-new-gnupg-key/, seems a pretty good fist guide. Best Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: does gpg gpg2 use same gpg.conf file in home directory what are the best practices to create gpg2 signature ?
Hello War, Don't worry, part 5 to 8 and are commun for without or with smartcard GunPG key. Part 9 is only for smartcard but don't forgot part 10. Creating a revocation certificate Good reading. Best Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
