How to verify the trust path to a gpg key

cryptographygnupgpgppublic-key-encryption

I want to check whether the gpg key used by Julien Danjou for his emacs snapshot repository can be trusted. There are many trust paths from my key to Juliens key. But I can't believe that there shouldn't be any gpg command which just answers this simple question from my local keyring. Or is there?

Apparently I'm not the only one having this problem.

Best Answer

You're right to be concerned; that Julien Danjou guy is slippery. (Kidding!)

I believe you're looking for this command:

gpg --list-keys --list-options show-uid-validity 8B78A5C2

Related Solutions

How to work around blocked outbound hkp port for apt keys

This has been fixed in the upcoming Natty version of Ubuntu: https://launchpad.net/ubuntu/natty/+source/software-properties/0.78.1

Those using an older version need to edit ppa.py:

sudo gedit /usr/lib/python2.6/dist-packages/softwareproperties/ppa.py

Where it says:

keyserver.ubuntu.com

change to:

hkp://keyserver.ubuntu.com:80

Save, exit, then you're hopefully good to go.

How to manage GPG keys across multiple systems

Well, this is a bit embarrassing. I've spent hours over the course of a week trying to figure this problem out, and the answer appears to lie with subkeys--a topic the GnuPG manual and FAQ glosses over.

While researching what subkeys are and why they might be used instead of --gen-key, I stumbled across this gem: http://wiki.debian.org/subkeys.

Debian's wiki explains how to implement option #2 (see OP) using a master key with subkeys, and further explains how to remove the master key from any system after storing it on a backup medium (e.g. a flash drive). The subkeys can then be distributed among my keyrings on each device.

Pros:

Does not rely mainly on password to protect master key,
If any system is compromised, the master key is not immediately available (unless I foolishly leave my flash drive plugged in, or attach said drive to a compromised system),
This is a practice implemented by the Debian development team.
Uses the subkey feature of GnuPG. Which seems a bit more organized than having a bunch of loose keys on your keyring, yes?

Relevant portion from Debian Subkey Wiki

Make backups of your existing GnuPG files ($HOME/.gnupg). Keep them safe. If something goes wrong during the following steps, you may need this to return to a known good place. (note: umask 077 will result in restrictive permissions for the backup.)
- umask 077; tar -cf $HOME/gnupg-backup.tar -C $HOME .gnupg
Create a new subkey for signing.
- Find your key ID: gpg --list-keys yourname
- gpg --edit-key YOURMASTERKEYID
- At the gpg> prompt: addkey
- This asks for your passphrase, type it in.
- Choose the "RSA (sign only)" key type.
- It would be wise to choose 4096 (or 2048) bit key size.
- Choose an expiry date (you can rotate your subkeys more frequently than the master keys, or keep them for the life of the master key, with no expiry).
- GnuPG will (eventually) create a key, but you may have to wait for it to get enough entropy to do so.
- Save the key: save
You can repeat this, and create an "RSA (encrypt only)" sub key as well, if you like.
Now copy $HOME/.gnupg to your USB drives.
Here comes the tricky part. You need to remove the private master key, and unfortunately GnuPG does not provide a convenient way to do that. We need to export the subkey, remove the private key, and import the subkey back.
- Export the subkeys: gpg --export-secret-subkeys YOURMASTERKEYID >secret-subkeys (to choose which subkeys to export, specify the subkey IDs each followed with an exclamation mark: gpg --export-secret-subkeys SUBKEYID! [SUBKEYID! ..])
- Remove your master secret key: gpg --delete-secret-key YOURMASTERKEYID
- Import the subkeys back: gpg --import secret-subkeys
- Verify that gpg -K shows a sec# instead of just sec for your private key. That means the secret key is not really there. (See the also the presence of a dummy OpenPGP packet in the output of gpg --export-secret-key YOURMASTERKEYID | gpg --list-packets).
- Optionally, change the passphrase protecting the subkeys: gpg --edit-key YOURMASTERKEYID passwd. (Note that the private key material on the backup, including the private master key, will remain protected by the old passphrase.)

Your computer is now ready for normal use.

When you need to use the master keys, mount the encrypted USB drive, and set the GNUPGHOME environment variable:

export GNUPGHOME=/media/something
gpg -K

or use --home command-line argument:

gpg --home=/media/something -K

The latter command should now list your private key with sec and not sec#.

Multiple Subkeys per Machine vs. One Single Subkey for All Machines

Excerpt from Debian subkey wiki. Originally noted in comments. [Paraphrasing] and emphasis mine.

One might be tempted to have one subkey per machine so that you only need to exchange the potentially compromised subkey of that machine. In case of a single subkey used on all machines, it needs to be exchanged on all machines [when that single subkey is or suspected to be compromised].

But this only works for signing subkeys. If you have multiple encryption subkeys, gpg is said to encrypt only for the most recent encryption subkey and not for all known and not revoked encryption subkeys.