recieving/updating Public Keys from SKS keyserver to pubring.gpg

Faramir faramir.cl at gmail.com
Wed Aug 4 23:24:44 CEST 2010


El 04-08-2010 3:14, Prasanth Thandra escribió:
> Hi,

Hello,

> and i configured each users e-mail client (EVOLUTION) using their
> KEYIDes. When a user receives an encrypted mail from his peer ... he is
> able to read the mail only after receiving the KEY of sender to his
> pubring.gpg . But the problem here is each user has to receive KEYs of
> all the other one after another....which i dont think is the correct way.

  I'm not sure if I understood it right, as far as I know, you need to
have the public key of the recipient of the message before you can send
him an encrypted message. The recipient can decrypt the message even
without having the public key of the sender, that key is required just
in case of wanting to reply, or to check the signature of the message.

  I think downloading they keys one by one, is usually the correct way,
because most people operate with public keyservers, and of course, they
just want the keys of people they know. But that doesn't apply to your
case, since you have your own (private) keyserver.

> ??????? is there any way of receiving all the Public-keys that are
> available with the local SKS keyserver ???????

  I don't know if there is a command to do that, and also, I know very
little about using GnuPG at the command line (I always use a GUI), but a
possible workaround could be if one user (probably an administrator)
download all the keys (one by one or whatever), and then export all the
public keys into a single file, which could be distributed to each user.
But then, there would be no need of the keyserver, except to keep track
of revocations.
  Maybe you can configure Evolution to automatically download keys when
needed...

  I hope someone else with more knowledge about the subject can help you.

> how to update users pubring.gpg periodically or  when ever a new KEY is
> received by the KEYSERVER?

   Ah, I saw something about auto refreshing the keyring at PGP-Basics
list... I searched but I just found this:

that is a crontab (whatever a crontab is)

gpg2 -q --batch --refresh-keys

gpg2 -q --batch --update-trustdb

   Sorry for not providing a better answer.

  Best Regards



More information about the Gnupg-users mailing list