[wellylug] Meeting next week (GPG Key signing)

Fri Jun 13 09:35:57 NZST 2014

Sorry all

Wish I could be there and get my key signed, however I will be in sydney.

I will probably bring my fingerprint to future events and if anyone willing to check I am me and take a fingerprint away to sign that would be most appreciated.

Regards
Alexander

Alexander Neilson
Neilson Productions Limited

alexander at neilson.net.nz
021 329 681
022 456 2326

On 13/06/2014, at 9:29 am, cryptopartyaotearoa at riseup.net wrote:

> 16th June maybe?
> 
> i just wanted to add that TrueCrypt, which was promoted at the CryptoParty
> recently, is no longer secure: http://truecrypt.sourceforge.net/
> 
> cheers
> 
>> As usual, I forgot the details
>> 
>> Monday 16th May, 6pm, Level 3 Catalyst house (doors lock at 6, so arrive
>> slightly early).
>> 
>> On 2014-06-09 10:20, Hugh Davenport wrote:
>>> Hi All,
>>> 
>>> So far I have no speakers for next week, so if you have something, let
>>> me know.
>>> Otherwise I'll probably do some talk on some security stuff (to keep
>>> the theme).
>>> 
>>> I'll also run a GPG key signing party. I mentioned this a few months
>>> ago.
>>> 
>>> Below is some instructions that were sent round my work recently, so
>>> feel
>>> free to follow them, or some of these links. If you have any ideas on
>>> how to
>>> help people, reply to this, or shout out on the night. If you are stuck
>>> with
>>> any of this, bring a laptop or something along.
>>> 
>>> You will need to bring your key fingerprint (see below), and some ID (I
>>> will
>>> be happy with just one form, but some people like to have 2).
>>> 
>>> [1] https://wiki.debian.org/Keysigning
>>> [2] https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
>>> [3]
>>> http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
>>> [4] https://wiki.ubuntu.com/KeySigningParty
>>> 
>>> If you are scared of command lines there's the "Passwords and Keys" bit
>>> of Preferences in Gnome/Unity/whatever, also called Seahorse.
>>> 
>>> 
>>> 1. Setting up gpg effectively
>>> =============================
>>> 
>>> Stick these 4 lines in ~/.gnupg/gpg.conf so that you use a nice fast NZ
>>> key server, and don't end up using SHA1 which is bad:
>>> 
>>>  keyserver hkp://pgp.net.nz
>>> 
>>>  personal-digest-preferences SHA256
>>>  cert-digest-algo SHA256
>>>  default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 \
>>>                          AES CAST5 ZLIB BZIP2 ZIP Uncompressed
>>> 
>>> 
>>> 2. If you don't have a PGP key and need to create one
>>> =====================================================
>>> 
>>> Create a key, then send it to the server:
>>> 
>>>  gpg --gen-key
>>> 
>>>     # Enter the following:
>>>     # 1          - key type RSA and RSA (default)
>>>     # 4096       - key size
>>>     # 0          - unless you have reasons, non-expiring key
>>>     # Your Name  - e.g. Harry Potter
>>>     # Email      - e.g. harry.potter at hogwarts.ac.uk
>>>     # Comment    - Leave blank, it can mess up some tools/scripts
>>> 
>>>  gpg --keyserver pgp.net.nz --send-key <KEYID>  # your key here
>>> 
>>> 
>>> 3. Print off your key fingerprint
>>> =================================
>>> 
>>> This is the bit we need at the key-signing party. You'll need to print
>>> a
>>> bunch of them to give to other people. Take the output from this
>>> command, and paste it into a document so there's a few on a page, then
>>> print it and cut them out into scraps to exchange on the day:
>>> 
>>>  gpg --fingerprint <KEYID>
>>> 
>>> There is also a tool called gpg2ps in the keysigning debian package.
>>> Which
>>> does basically the same thing.
>> 
>> 
>> --
>> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
>> To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug
>> 
> 
> 
> 
> -- 
> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug