[wellylug] Meeting next week (GPG Key signing)

Mon Jun 9 10:23:47 NZST 2014

As usual, I forgot the details

Monday 16th May, 6pm, Level 3 Catalyst house (doors lock at 6, so arrive 
slightly early).

On 2014-06-09 10:20, Hugh Davenport wrote:
> Hi All,
> 
> So far I have no speakers for next week, so if you have something, let 
> me know.
> Otherwise I'll probably do some talk on some security stuff (to keep 
> the theme).
> 
> I'll also run a GPG key signing party. I mentioned this a few months 
> ago.
> 
> Below is some instructions that were sent round my work recently, so 
> feel
> free to follow them, or some of these links. If you have any ideas on 
> how to
> help people, reply to this, or shout out on the night. If you are stuck 
> with
> any of this, bring a laptop or something along.
> 
> You will need to bring your key fingerprint (see below), and some ID (I 
> will
> be happy with just one form, but some people like to have 2).
> 
> [1] https://wiki.debian.org/Keysigning
> [2] https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
> [3] 
> http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
> [4] https://wiki.ubuntu.com/KeySigningParty
> 
> If you are scared of command lines there's the "Passwords and Keys" bit
> of Preferences in Gnome/Unity/whatever, also called Seahorse.
> 
> 
> 1. Setting up gpg effectively
> =============================
> 
> Stick these 4 lines in ~/.gnupg/gpg.conf so that you use a nice fast NZ
> key server, and don't end up using SHA1 which is bad:
> 
>   keyserver hkp://pgp.net.nz
> 
>   personal-digest-preferences SHA256
>   cert-digest-algo SHA256
>   default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 \
>                           AES CAST5 ZLIB BZIP2 ZIP Uncompressed
> 
> 
> 2. If you don't have a PGP key and need to create one
> =====================================================
> 
> Create a key, then send it to the server:
> 
>   gpg --gen-key
> 
>      # Enter the following:
>      # 1          - key type RSA and RSA (default)
>      # 4096       - key size
>      # 0          - unless you have reasons, non-expiring key
>      # Your Name  - e.g. Harry Potter
>      # Email      - e.g. harry.potter at hogwarts.ac.uk
>      # Comment    - Leave blank, it can mess up some tools/scripts
> 
>   gpg --keyserver pgp.net.nz --send-key <KEYID>  # your key here
> 
> 
> 3. Print off your key fingerprint
> =================================
> 
> This is the bit we need at the key-signing party. You'll need to print 
> a
> bunch of them to give to other people. Take the output from this
> command, and paste it into a document so there's a few on a page, then
> print it and cut them out into scraps to exchange on the day:
> 
>   gpg --fingerprint <KEYID>
> 
> There is also a tool called gpg2ps in the keysigning debian package. 
> Which
> does basically the same thing.