Tuesday, July 29, 2008

Manually updating key server

Well, I could not technically conclude, why the signatures did not sync between the http://subkeys.pgp.net:11371/ and http://pgp.mit.edu:11371/ key server, but thought of doing a manual update to http://pgp.mit.edu:11371/ server. I know that it is risky to play with the gpg key without proper backup. My instinct was so strong to just check whether I can sync it manually, so I just edited my 'gpg.conf', after taking a backup;

keyserver hkp://pgp.mit.edu
#keyserver hkp://subkeys.pgp.net

and used,

prasad@mayobhava:~$ gpg --send-keys A526A4A5
gpg: sending key A526A4A5 to hkp server pgp.mit.edu
prasad@mayobhava:~$

Then I just verified the signatures on the web and now they are synced. Have a look at the screen shots below.









Cheers !!

--
When in doubt, use brute force. - Ken Thompson

Monday, July 28, 2008

Confusing key servers

I have an understanding that the key servers internally sync all the details, but this is not happening with MIT key server. My 'gpg.conf' file updates the 'subkeys.pgp.net' server.

'keyserver hkp://subkeys.pgp.net' in 'gpg.conf' confirms the same, but when I verify my signatures on the web, it is intact with http://subkeys.pgp.net:11371/, but the same signatures are not reflected in http://pgp.mit.edu:11371/. Not sure what I am failing to understand. I have done some basic RTFM with gpg command too.







--

Any technology that is distinguishable from magic is not sufficiently advanced. - Gregory Benford