This is a plugin to GNU Privacy Guard to connect to DNS-based key servers.
If you do not know what GnuPG, DNS or DNS-based key servers is, I suggest using the following resources.
The latest release is available at http://josefsson.org/gpgkeys_jkp/gpgkeys_jkp.
It is a Perl script, and it needs two external libraries:
After making sure you have installed the libraries, put the script
in your $PATH
and add the following to your
~/.gnupg/options
file:
keyserver jkp://dnskeys.josefsson.org
That's it. If it isn't, it is a bug, please let me know.
You can also grab the tarball, which includes the script, this HTML page and the Net::DNS patch.
You can contact the author at simon@josefsson.org. Unless the list managers objects, I'd prefer discussion to occur on the gnupg-devel mailinglist.
The server software is CKS and CKS-DNS.
Verifying some data without having the key locally:
bash-2.05a$ gpg < /data1/redhat/MD5SUM gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a production environment or with production keys! gpg: Warning: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information 8ea0ba529e62554d15f26d5f46ba6646 limbo-i386-disc1.iso aa6b2d73c4a7923b3b82cf67b876509f limbo-i386-disc2.iso 85a84e06bbb16554c41ff055c924be25 limbo-i386-disc3.iso dc2199c6945c99ee56b81b9df9b19a77 limbo-i386-disc4.iso 8cdd5ab0c19cb5561314a9d4bb391a0f limbo-i386-disc5.iso gpg: Signature made Wed Jul 3 05:55:10 2002 CEST using DSA key ID DB42A60E gpgkeys: requesting key 0x219180CDDB42A60E from x-jkp://dnskeys.josefsson.org: gpgkeys: key 0xDB42A60E retrieved from dnskeys.josefsson.org gpg: key DB42A60E: public key "Red Hat, Inc" imported gpg: Total number processed: 1 gpg: imported: 1 gpg: Good signature from "Red Hat, Inc " gpg: checking the trustdb gpg: checking at depth 0 signed=0 ot(-/q/n/m/f/u)=0/0/0/0/0/1 gpg: next trustdb check due at 2003-05-05 gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Fingerprint: CA20 8686 2BD6 9DFC 65F6 ECC4 2191 80CD DB42 A60E bash-2.05a$
Sending your own key to the keyserver:
bash-2.05a$ gpg --send-keys 5C980097 gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a production environment or with production keys! gpg: Warning: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information gpgkeys: sending key 5C980097 to dnskeys.josefsson.org gpgkeys: trying server latte.josefsson.org gpgkeys: key 0x5C980097 sent to dnskeys.josefsson.org bash-2.05a$