[wellylug] Meeting next week (GPG Key signing)
Hugh Davenport
hugh at davenport.net.nz
Fri Jun 13 09:44:23 NZST 2014
June sounds right :-)
On 13 June 2014 9:29:33 am NZST, cryptopartyaotearoa at riseup.net wrote:
>16th June maybe?
>
>i just wanted to add that TrueCrypt, which was promoted at the
>CryptoParty
>recently, is no longer secure: http://truecrypt.sourceforge.net/
>
>cheers
>
>> As usual, I forgot the details
>>
>> Monday 16th May, 6pm, Level 3 Catalyst house (doors lock at 6, so
>arrive
>> slightly early).
>>
>> On 2014-06-09 10:20, Hugh Davenport wrote:
>>> Hi All,
>>>
>>> So far I have no speakers for next week, so if you have something,
>let
>>> me know.
>>> Otherwise I'll probably do some talk on some security stuff (to keep
>>> the theme).
>>>
>>> I'll also run a GPG key signing party. I mentioned this a few months
>>> ago.
>>>
>>> Below is some instructions that were sent round my work recently, so
>>> feel
>>> free to follow them, or some of these links. If you have any ideas
>on
>>> how to
>>> help people, reply to this, or shout out on the night. If you are
>stuck
>>> with
>>> any of this, bring a laptop or something along.
>>>
>>> You will need to bring your key fingerprint (see below), and some ID
>(I
>>> will
>>> be happy with just one form, but some people like to have 2).
>>>
>>> [1] https://wiki.debian.org/Keysigning
>>> [2] https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
>>> [3]
>>>
>http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
>>> [4] https://wiki.ubuntu.com/KeySigningParty
>>>
>>> If you are scared of command lines there's the "Passwords and Keys"
>bit
>>> of Preferences in Gnome/Unity/whatever, also called Seahorse.
>>>
>>>
>>> 1. Setting up gpg effectively
>>> =============================
>>>
>>> Stick these 4 lines in ~/.gnupg/gpg.conf so that you use a nice fast
>NZ
>>> key server, and don't end up using SHA1 which is bad:
>>>
>>> keyserver hkp://pgp.net.nz
>>>
>>> personal-digest-preferences SHA256
>>> cert-digest-algo SHA256
>>> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192
>\
>>> AES CAST5 ZLIB BZIP2 ZIP Uncompressed
>>>
>>>
>>> 2. If you don't have a PGP key and need to create one
>>> =====================================================
>>>
>>> Create a key, then send it to the server:
>>>
>>> gpg --gen-key
>>>
>>> # Enter the following:
>>> # 1 - key type RSA and RSA (default)
>>> # 4096 - key size
>>> # 0 - unless you have reasons, non-expiring key
>>> # Your Name - e.g. Harry Potter
>>> # Email - e.g. harry.potter at hogwarts.ac.uk
>>> # Comment - Leave blank, it can mess up some tools/scripts
>>>
>>> gpg --keyserver pgp.net.nz --send-key <KEYID> # your key here
>>>
>>>
>>> 3. Print off your key fingerprint
>>> =================================
>>>
>>> This is the bit we need at the key-signing party. You'll need to
>print
>>> a
>>> bunch of them to give to other people. Take the output from this
>>> command, and paste it into a document so there's a few on a page,
>then
>>> print it and cut them out into scraps to exchange on the day:
>>>
>>> gpg --fingerprint <KEYID>
>>>
>>> There is also a tool called gpg2ps in the keysigning debian package.
>>> Which
>>> does basically the same thing.
>>
>>
>> --
>> Wellington Linux Users Group Mailing List:
>wellylug at lists.wellylug.org.nz
>> To Leave: http://lists.wellylug.org.nz/mailman/listinfo/wellylug
>>
>
>
>
>--
>Wellington Linux Users Group Mailing List:
>wellylug at lists.wellylug.org.nz
>To Leave: http://lists.wellylug.org.nz/mailman/listinfo/wellylug
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wellylug.org.nz/pipermail/wellylug/attachments/20140613/73828705/attachment.html>
More information about the wellylug
mailing list