verifying signatures

[Gregory Nowak]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It sounds to me like you don't have your gpg set to automatically grab
keys from a key server. To set that up, edit your $HOME/.gnupg/options
file. First, you need to define which keyserver to use. The line that
I have reads:

keyserver wwwkeys.pgp.net

Next, you need to tell gpg to automatically grab keys it doesn't
already have from the keyserver. The line I have is:

keyserver-options auto-key-retrieve include-disabled include-revoked

This tells gpg to automatically get keys from the server, including
those that have been disabled and revoked.

As for the command I use to verify signatures, in my .muttrc I have:

set pgp_verify_command="gpg --no-verbose --batch --output - --verify
%s %f"

I also have:

set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint
- --check-sigs %r"

The command that imports keys is:

set pgp_import_command="gpg --no-verbose --import -v %f"

Don't ask me exactly what these do, because I simply cut and pasted
them from the mut with gpg howto, and haven't bothered examining them
in great detail, since they do what they're supposed to.

Greg


On Fri, Mar 26, 2004 at 12:31:18PM -0500, Igor Gueths wrote:
> This is the PGP output that I get: PGP output follows (current time: Fri 
> Mar 26 12:27:32 2004) --]
> gpg: Signature made Fri Mar 26 12:16:10 2004 EST using DSA key ID 
> 79725320
> gpg: Can't check signature: public key not found
> 
> [-- End of PGP output
> 
> This makes sense, since I don't have your public key imported into my 
> keyring. However it should be able to verify your signature, and of 
> course mine since I've exported it to wwwkeys.pgp.net. What is the 
> command sequence you use? 

- -- 
Free domains: http://www.eu.org/ or mail dns-manager at EU.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAZHRJ7s9z/XlyUyARAkpiAKC7phS00iY33JD9iB7gy+oPywxkDACfSwor
QduSNPGr6oX7KZ4vgbTRrEs=
=qINa
-----END PGP SIGNATURE-----