NetBSD-Bugs archive


misc/42383: Developer PGP key signing example is wrong for gpg 1.4.9

>Number:         42383
>Category:       misc
>Synopsis:       Developer PGP key signing example is wrong for gpg 1.4.9
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Nov 27 13:10:00 +0000 2009
>Originator:     Andreas Gustafsson
>Release:        N/A
System: NetBSD 5.0.1 NetBSD 5.0.1 (GENERIC) #0: Thu Jul 30 01:39:11 UTC 2009
Architecture: i386
Machine: i386

The instructions for signing PGP keys at contain the following

  % cat >>
  Hi Moe,

  please return this message to me. Please sign and encrypt it.

  % dd if=/dev/urandom count=1 | md5 >>
  % gpg --armor --encrypt >

When following this example using GnuPG version 1.4.9, two issues

1. gpg prompts you with

  You did not specify a user ID. (you may use "-r")

  Current recipients:

Would it not make more sense to specify "-r" on the
command line, thereby eliminating the user interaction, the need
to figure out what to answer, and the risk of answering incorrectly?

2. gpg prompts you with

  File `' exists. Overwrite? (y/N)

This is because gpg will actually write the encrypted message to the
file "" and not to standard output; the redirection
">" in the example is unnecessary and only has the 
of creating an empty file which triggers the "Overwrite?"  question
and which will then be overwritten if you answer "y" to the above
question.  Did some earlier version of gpg perhaps require the

To fix both issues, I think the last line of the example ought to say

  % gpg --armor --encrypt -r

but I'm not comfortable committing the change without review since
this is a security-critical procedure and I actually know next to
nothing about PGP.


Try to sign a developer's key following the instructions.  Get confused.

