[csw-users] Instructions for importing GPG public key do not work

mark at proseconsulting.co.uk mark at proseconsulting.co.uk
Thu Aug 5 13:49:04 CEST 2010


Hi,

I was following the instructions at the bottom of this page:
http://www.opencsw.org/get-it/mirrors/
for importing the GPG public key.

Unfortunately,
# wget --output-document=/tmp/gpg.key http://www.opencsw.org/get-it/mirrors/
gives me a file that GPG doesn't like:

# gpg --import /tmp/gpg.key
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

The reason is because the BEGIN PGP block doesn't come at the start of the line, i.e.
# grep BEGIN /tmp/gpg.key
... shows up an HTML 'pre' tag before the BEGIN PGP stuff.

So, this works:
# nawk '/-----BEGIN PGP/ {sub("^[^-]*", ""); s=1} s {print} /-----END PGP/ {s=0}' /tmp/opencsw.pub | gpg --import

The instructions also fail to mention that you will need to trust the key once it has been imported.
This can be done using a manual approach:

# gpg --edit-key dm at opencsw.org trust quit
5
q

...or using a script:
http://lists.gnupg.org/pipermail/gnupg-users/2010-July/039275.html

# set-gpg-trust dm at opencsw.org 6

p.s. that's not a typo.  Trust level is 5 if you're using the manual approach, 6 if you use the script.  Both methods will set the trust level to "ultimate".

Best regards,
Mark Bannister.




More information about the users mailing list