GPG Key-Signing Party

Barcamp Rochester, November 2nd, 2013

Slides available at

What is GPG (wikipedia quote time)

Cases where you might use GPG

Visualizing the Web of Trust

$ gpg --list-sigs --keyring ~/.gnupg/pubring.gpg | sig2dot > ~/.gnupg/
$ neato -Tps ~/.gnupg/ > ~/.gnupg/
$ convert ~/.gnupg/ ~/.gnupg/pubring.gif
$ eog ~/.gnupg/pubring.gif

What signing another key means

Let's do it!

Creating your first GPG key

Choosing default options are fine. Make sure to choose a passphrase:

$ gpg --gen-key

Take a look in ~/.gnupg/ to see what it created.

Your fingerprint can be found with:

$ gpg --fingerprint

Upload your public key to a keyserver (there are many such):

$ gpg --keyserver hkp:// --send-key KEYNAME

Let's do it!

Signing others' keys

There is a good way to run a key signing party, and an easy way. We're going to do the easy way since there was no pre-registration. See this page for a good description of the better way.

We'll sit in an oblong circle with each person across from another. Pass your identification to the person across from you and tell them your fingerprint hash. For the purposes of this slide, we'll use my fingerprint: 971095FF.

Get their public key from the key server:

$ gpg --keyserver hkp:// --recv-keys 971095FF

Begin the process of signing their key. Verify that the name on the key matches the identification provided. Legit?

$ gpg --sign-key 971095FF

Send the signed copy of their key back to the keyserver:

$ gpg --keyserver hkp:// --send-key 971095FF

The problem here is that we have verified that the name on their key matches the name on their identification, but we haven't verified that they have control over the email address listed on their key. See the link above for how to do that. Forgive me.

Once others have signed your key and sent it back to the key-server, you can import their signatures with:

$ gpg --keyserver hkp:// --recv-keys YOUR_KEY


Presented by:

Slides available at

Left, Down, Page DownNext slide
Right, Up, Page UpPrevious slide
POpen presenter console
HToggle this help