|
Home > Archive > Mutt Email Client > October 2004 > mutt and gpg: (semi-)automatic public-key fetching
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
mutt and gpg: (semi-)automatic public-key fetching
|
|
| Ulrich Spoerlein 2004-10-15, 9:07 pm |
| Hello group,
TFM has this to say:
# set pgp_getkeys_command=""
#
# Name: pgp_getkeys_command
# Type: string
# Default: ""
#
# This command is invoked whenever mutt will need public key information.
# %r is the only printf-like sequence used with this format.
# (PGP only)
and
# The PGP command formats have their own set of printf-like sequences:
# ...
# %r One or more key IDs.
But %r gets exanded to the email address and not to the key ID! This
won't work with 'gpg --recv-key' because that command requires a real
key id, not an email address.
I'm using this command, as can be found in several .muttrc on the net
set pgp_getkeys_command="gpg -q --no-verbose --batch --recv-keys %r"
and this results in the slightly garbled output when trying to open a
signed mail and the key is not yet in the keyring.
F sching0PGP key...gtian Hirisng invalid key ID "4711@chello.at"
PGP signature could NOT be verified.
I'm not the only one to find out about this, see [1]
set pgp_long_ids=yes
has no effect either...
Am I right, that %r and pgp_long_ids only work when the key is already
in the keyring?
Any good macros/shell scripts to import the key of a signed email on
keypress?
[1] http://www.wlug.org.nz/.muttrc
Ulrich Spoerlein
--
PGP Key ID: F0DB9F44 Encrypted mail welcome!
PGP Fingerprint: F1CE D062 0CA9 ADE3 349B 2FE8 980A C6B5 F0DB 9F44
Ok, which part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn."
didn't you understand?
| |
| Rocco Rutte 2004-10-15, 9:07 pm |
| * Ulrich Spoerlein wrote:
> # Name: pgp_getkeys_command
[...]
> But %r gets exanded to the email address and not to the key ID! This
> won't work with 'gpg --recv-key' because that command requires a real
> key id, not an email address.
Correct. The/your problem is that mutt is created with the ability to
have different crypto backends. That means, mutt would have to implement
at least enough of PGP/GnuPG and future choices to extract to key's ID
=66rom the signature. As even SMTP support isn't included, I don't expect
this to happen, too.
> Any good macros/shell scripts to import the key of a signed email on
> keypress?
Just set pgp_verify_sig to "ask-yes" and set up GnuPG to automatical
fetch keys. That should do.
bye, Rocco
--=20
:wq!
--
:wq!
| |
| Peter H. Coffin 2004-10-15, 9:07 pm |
| On Mon, 11 Oct 2004 18:30:33 +0200, Ulrich Spoerlein wrote:
> Hello group,
>
> TFM has this to say:
> # set pgp_getkeys_command=""
> #
> # Name: pgp_getkeys_command
> # Type: string
> # Default: ""
> #
> # This command is invoked whenever mutt will need public key information.
> # %r is the only printf-like sequence used with this format.
> # (PGP only)
>
> and
> # The PGP command formats have their own set of printf-like sequences:
> # ...
> # %r One or more key IDs.
>
> But %r gets exanded to the email address and not to the key ID! This
> won't work with 'gpg --recv-key' because that command requires a real
> key id, not an email address.
Why is this a problem? Setting keyserver options in ~/.gnupg/options
makes gpg tick off the --recv-key function in it's own code, not Mutt's.
keyserver pgp.mit.edu
keyserver-options auto-key-retrieve
> I'm using this command, as can be found in several .muttrc on the net
> set pgp_getkeys_command="gpg -q --no-verbose --batch --recv-keys %r"
> and this results in the slightly garbled output when trying to open a
> signed mail and the key is not yet in the keyring.
Skip it, and use the above instead.
> F sching0PGP key...gtian Hirisng invalid key ID "4711@chello.at"
> PGP signature could NOT be verified.
>
> I'm not the only one to find out about this, see [1]
>
> set pgp_long_ids=yes
> has no effect either...
>
> Am I right, that %r and pgp_long_ids only work when the key is already
> in the keyring?
>
> Any good macros/shell scripts to import the key of a signed email on
> keypress?
It already does it, once you remember you're using gpg, and not pgp, and
therefore not all the settings will apply. The *function* is there,
though.
--
87. My vats of hazardous chemicals will be covered when not in use. Also, I
will not construct walkways above them.
--Peter Anspach's list of things to do as an Evil Overlord
| |
| Ulrich Spoerlein 2004-10-15, 9:07 pm |
| On 2004-10-11, Peter H. Coffin wrote:
> Why is this a problem? Setting keyserver options in ~/.gnupg/options
> makes gpg tick off the --recv-key function in it's own code, not Mutt's.
>
> keyserver pgp.mit.edu
> keyserver-options auto-key-retrieve
D'oh!
Thanks!
Ulrich Spoerlein
--
PGP Key ID: F0DB9F44 Encrypted mail welcome!
PGP Fingerprint: F1CE D062 0CA9 ADE3 349B 2FE8 980A C6B5 F0DB 9F44
Ok, which part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn."
didn't you understand?
|
|
|
|
|