I know, everybody hates GPG these days (and for good reasons), but I’ve been looking at the Emacs bug database and getting annoyed with all the SMIME etc bugs that aren’t getting fixed, and thought I should do something about it.
I last used GPG in the nineties, and I’ve forgotten everything I possibly could have known about it, so I thought I, as a complete born-again novice, would be in a good position to write a how-to on setting it up, so I started with
rm -r ~/.gnupg
gpg --gen-key
and I then got to
What… century… is… this.
On my laptop, it stayed that way for ten minutes, until it got enough entropy, because /dev/urandom is obviously too insecure.
And then I got:
gpg: agent_genkey failed: No such file or directory
Key generation failed: No such file or directory
Which after some Duckgoing is because I removed the .gnupg directory, and the gpg agent doesn’t understand that, and gpg of course didn’t say anything about this until after collecting entropy for ten minutes.
So did I have a gpg agent running?
Err… apparently? About five hundred?
None of the recommended ways of restarting the agent worked (presumably because the .gnupg directory was removed, which makes sense), so I just
and went through creating the key again, and waited another ten minutes, and then everything was created, even the revocation certificate, which all the recipes on the Interweb say I have to create by hand?
Anyway, then interweb recipes say I should send the key to a key
gpg --keyserver gpg.mit.edu --send-keys 29AEBB3
and then gpg helpfully says:
larsi@marnie:~$ gpg --keyserver gpg.mit.edu --send-keys 29AEBB3DDF5E83147CB9EC61EE84A168D288B04F
gpg: sending key EE84A168D288B04F to hkp://gpg.mit.edu
gpg: keyserver send failed: No name
gpg: keyserver send failed: No name
What could that mean? No name? In the key? Didn’t I enter my name there? No, it turns out that the “gpg.mit.edu” domain name doesn’t resolve. Which the error message could have said, you’d think? No?
It’s “pgp.mit.edu”. After which the command apparently works, because there’s no feedback, which is the universal way to say “yes, that worked”, I guess?
OK, now everything is set up, so I just have to figure out how to use it on the Gnus/Message side, I think?
How about if I test with a
C-c C-m C-c
and I get a
It worked! I sent an encrypted message! To myself! And Gnus decrypted it automatically, and Emacs used the gpg agent so I didn’t have to type the passphrase a billion times.
Hey, now I’m totally qualified to finally have a look at the SMIME bug reports.