[wellylug] Meeting next week (GPG Key signing)
cryptopartyaotearoa at riseup.net
cryptopartyaotearoa at riseup.net
Fri Jun 13 09:29:33 NZST 2014
16th June maybe?
i just wanted to add that TrueCrypt, which was promoted at the CryptoParty
recently, is no longer secure: http://truecrypt.sourceforge.net/
cheers
> As usual, I forgot the details
>
> Monday 16th May, 6pm, Level 3 Catalyst house (doors lock at 6, so arrive
> slightly early).
>
> On 2014-06-09 10:20, Hugh Davenport wrote:
>> Hi All,
>>
>> So far I have no speakers for next week, so if you have something, let
>> me know.
>> Otherwise I'll probably do some talk on some security stuff (to keep
>> the theme).
>>
>> I'll also run a GPG key signing party. I mentioned this a few months
>> ago.
>>
>> Below is some instructions that were sent round my work recently, so
>> feel
>> free to follow them, or some of these links. If you have any ideas on
>> how to
>> help people, reply to this, or shout out on the night. If you are stuck
>> with
>> any of this, bring a laptop or something along.
>>
>> You will need to bring your key fingerprint (see below), and some ID (I
>> will
>> be happy with just one form, but some people like to have 2).
>>
>> [1] https://wiki.debian.org/Keysigning
>> [2] https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
>> [3]
>> http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
>> [4] https://wiki.ubuntu.com/KeySigningParty
>>
>> If you are scared of command lines there's the "Passwords and Keys" bit
>> of Preferences in Gnome/Unity/whatever, also called Seahorse.
>>
>>
>> 1. Setting up gpg effectively
>> =============================
>>
>> Stick these 4 lines in ~/.gnupg/gpg.conf so that you use a nice fast NZ
>> key server, and don't end up using SHA1 which is bad:
>>
>> keyserver hkp://pgp.net.nz
>>
>> personal-digest-preferences SHA256
>> cert-digest-algo SHA256
>> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 \
>> AES CAST5 ZLIB BZIP2 ZIP Uncompressed
>>
>>
>> 2. If you don't have a PGP key and need to create one
>> =====================================================
>>
>> Create a key, then send it to the server:
>>
>> gpg --gen-key
>>
>> # Enter the following:
>> # 1 - key type RSA and RSA (default)
>> # 4096 - key size
>> # 0 - unless you have reasons, non-expiring key
>> # Your Name - e.g. Harry Potter
>> # Email - e.g. harry.potter at hogwarts.ac.uk
>> # Comment - Leave blank, it can mess up some tools/scripts
>>
>> gpg --keyserver pgp.net.nz --send-key <KEYID> # your key here
>>
>>
>> 3. Print off your key fingerprint
>> =================================
>>
>> This is the bit we need at the key-signing party. You'll need to print
>> a
>> bunch of them to give to other people. Take the output from this
>> command, and paste it into a document so there's a few on a page, then
>> print it and cut them out into scraps to exchange on the day:
>>
>> gpg --fingerprint <KEYID>
>>
>> There is also a tool called gpg2ps in the keysigning debian package.
>> Which
>> does basically the same thing.
>
>
> --
> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> To Leave: http://lists.wellylug.org.nz/mailman/listinfo/wellylug
>
More information about the wellylug
mailing list