authenticate flag
Alphax
alphasigmax at gmail.com
Fri Dec 15 09:22:31 CET 2006
Aaron J. Graves wrote:
> I have created a key that for some reason does not have the "authenticate"
> flag set. Is there a way I can somehow set this flag? Or do I have to start
> from scratch?
>
> Here's an example. From the key in question:
>
> pub 1024D/9FB54294 created: 2006-09-17 expires: never usage: SC
> trust: ultimate validity: ultimate
> sub 4096g/DE94A6C4 created: 2006-09-17 expires: never usage: E
>
> And from another key that has the flag set:
> pub 1024D/34BAFE51 created: 2006-08-26 expires: 2011-08-25 usage: SCA
> trust: ultimate validity: ultimate
> sub 4096g/84400184 created: 2006-08-26 expires: 2011-08-25 usage: E
>
> Notice the "A" in the usage section. How can I add that to my other key?
> Or if it's not necessary, would it be possible to ask why?
>
As someone wiser than me said about a year and a half ago, a key with
the "authenticate" flag could be used to eg. unlock your PC instead of
using a username/password.
To set the flag during key creation, use gpg --expert --gen-key:
> Please select what kind of key you want:
> (1) DSA and Elgamal (default)
> (2) DSA (sign only)
> (3) DSA (set your own capabilities)
> (5) RSA (sign only)
> (7) RSA (set your own capabilities)
> Your selection?
Select (7) and toggle the "A" option.
Adding it to an existing key requires a deep understanding of the
OpenPGP spec (RFC 2440) and a hex editor; alternatively, you could add a
subkey with this capability (gpg --expert --edit 0x<keyid>, addkey,
<passphrase>, 7, A, Q).
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 542 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20061215/d597cc12/attachment.pgp
More information about the Gnupg-users
mailing list