GPG and Mutt Help Needed
Igor Gueths
igueths at lava-net.com
Fri Sep 17 14:09:13 EDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, Sep 17, 2004 at 01:14:10PM -0500, Thomas Stivers wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Fri, Sep 17 2004 at 10:00:04AM -0400, Janina Sajka wrote:
> > I need some help with my GPG configuration in Mutt. I think I have it
> > working mostly. The rest might even be just a misunderstanding on my
> > part about how it should work.
>
> Congratulations.
>
> > I have successfully created a key pair for myself and submitted to the
> > key servers.
>
> Sounds good, just remember to stay away from keyserver.net" key servers
> as they are widely known to be broken. somthing like "subkeys.pbp.net"
> is probably your best bet.
Either that or pgp.net keyservers...Those are the ones I use.
>
> > I believe my outgoing mail is being signed. If I haven't sent a message
> > for some time, I'm prompted for my pass phrase. That all sounds right.
>
> Well this message wasn't signed, but maybe you meant it that way. You'll
> probably want to use old style inline signing most of the time or the
> outlook express users will howl about attachments. To do this use "set
> pgp_create_traditional=yes" in your .muttrc.
Not to mention that Mailman, as is configured for the Speakup list, will silently drop attachments...Including the message body if one uses attached signatures. Also, depending on the version
of Mutt that you have, you may need to patch your Mutt source so that pgp_create_traditional is parced propperly. I have an already patched Tarball if interested. However the version i patched
was Mutt-1.4.2
>
> > And, when I receive mail I can even get messages about whether the
> > signature in the incoming message can be trusted, or not.
>
> I have a handy script which I use as mutts display_filter which gets rid
> of all the verbose pgp messages so you just get the verification on the
> status line unless you togle the messages back on. Let me know if you
> want this.
>
> > Alt-E always works, and Ctrl-K never does, in other words. All I get
> > from Ctrl-K is:
> >
> > gpg: no valid OpenPGP data found.
> > gpg: Total number processed: 0
> > Press any key to continue...
> >
> > Do I misunderstand? Shouldn't Ctrl-K extract the key in the email? And,
> > do what with it exactly? I guess that's where I'm confused. Shouldn't it
> > validate the key against the email address with one of the keyservers?
>
> A signed message doesn't have the key in it, just a signature. You have
> to retriev the key from the key server.
>
> > Or, do I have to go add each individual by hand to my keyring? Euch.
> > Argyh. Hope not.
>
> Nope you don't have to do that, putting a line like the following in
> your .gnupg/gpg.conf or .gnupg/options file (whichever you have) will
> tell gpg to get keys it doesn't have automatically.
>
> keyserver-options auto-key-retrieve
>
> Also if you don't already have it you probably want a line in there
> defining your default keyserver.
>
> keyserver subkeys.pgp.net
>
> This should have you up and running.
>
> HTH
>
> - --
> "Debugging is twice as hard as writing the code in the first place.
> Therefore, if you write the code as cleverly as possible, you are,
> by definition, not smart enough to debug it." - Brian W. Kernighan
>
> Thomas Stivers e-mail: stivers_t at tomass.dyndns.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.5 (GNU/Linux)
>
> iD8DBQFBSyly5JK61UXLur0RAsFBAJ9iaq5wcMpym8554Wuaa5YGADhGBwCfUYaW
> 6QbGDxxrl32b0GF0kvCA+PY=
> =X948
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
- --
Failure is not an option, it comes bundled with your Microsoft product.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBSyhJNohoaf1zXJMRAmSlAJ90AZVY5ZRhGBwNMAjzde1X7Q6V2wCgmdmi
3C+xcBqKxpghW9eBXe/g/10=
=CMTV
-----END PGP SIGNATURE-----
More information about the Speakup
mailing list