Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
webrsync-gpg -- How much should I trust the Gentoo Keys
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Xander314
n00b
n00b


Joined: 16 Apr 2012
Posts: 61

PostPosted: Sat May 30, 2015 9:52 am    Post subject: webrsync-gpg -- How much should I trust the Gentoo Keys Reply with quote

[url]I have decided to start using Portage's GPG verification of snapshots signed by the Gentoo team. I emerged gentoo-keys and added the appropriate lines in make.conf as described here https://wiki.gentoo.org/wiki/Project:RelEng#Release_security_and_signing.

The step I am unsure about is making the keys trusted,
Code:
gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --edit key 0x... trust

at which point GPG asks me
Code:

Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc,)
 1 = I don't know or won't say
 2 = I do NOT trust
 3 = I trust marginally
 4 = I trust fully
 5 = I trust ultimately

What is an appropriate selection in this case. Does this actually have any effect on the GPG verification or is this just to build my "web of trust"? Initially I selected 4. If this is too high, can I change this simply by rerunning the command and choosing again?
Back to top
View user's profile Send private message
jonathan183
Guru
Guru


Joined: 13 Dec 2011
Posts: 309

PostPosted: Sat May 30, 2015 1:35 pm    Post subject: Reply with quote

My approach is to use the minimum trust to make the system work, I prefer to be asked ... so I use marginal trust.
I think the trust is only going to impact portage because of the --homedir /etc/portage/gpg setting.
I suggest you use
Code:
man gpg

and review the How to manage your keys section
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum