Our usual BoF Key signing party is returning again this year, thanks again to the help of our gracious volunteers. It will be held from 7 – 9pm Friday, October 7th in Union Room A. Like any amazing party, attendees will need to do some 1) preparation before the party, some 2) participation during the party, and some 3) post-event follow-up after the party.
- install GnuPG (or other PGP workalike software)
- generate a key pair, if you have not already
- extract your public key and send it to the meeting organizer (rmt AT casita DOT net) with subject ‘OLF PGP key’
- extract your “fingerprint” and print a copy
- bring your printed fingerprint
- bring additional paper and a pen or pencil
- bring a valid government issued photo ID
- fingerprints will be read (orally)
- photo IDs will be checked (visually)
You do NOT need to bring a laptop or tablet or other device during the meeting. The meeting itself is about face-to-face verification.
- import the bundle of public keys (collected by the organizer)
- sign each participant’s public key
- send each participant’s signed key back to them OR. . .
- . . . upload signed keys to a reputable public key server
Depending on your Linux flavor, issue one of the commands below using root account/privileges:
pacman -S gnupg
apt-get install gnupg
RedHat, Fedora, CentOS, Azure Duck (yum)
yum install gnupg
Ubuntu / Mint (apt-get/aptitude)
sudo apt-get install gnupg
SUSE and OpenSUSE (zypper)
zypper install gnupg
- As your normal user, issue the command (and all others):
- When prompted, select RSA at 4096 bits.
- Leave the “comment” blank, but enter your name and email address.
- You can have multiple email addresses on your key. Your key will be referenced either by the key ID (a hexadecimal string) or by your email address.
NOTE: remember your passphrase but do not share it with anyone
NOTE: protect your secret key (private key) and do not share it or upload it
gpg --armor --export firstname.lastname@example.org > pubkeyfile.asc
Then send the file pubkeyfile.asc to the organizer (rmt AT casita DOT net). Include “OLF PGP key” in the subject of your message when sending so it doesn’t get buried under other email. The file can be sent as an attachment or can be embedded into the e-mail.
Run the following command as your user:
gpg --fingerprint email@example.com > fingerprint.txt
Remember to print your fingerprint.txt file and bring it with you to the meeting.