I'm trying to upgrade my 1.4.14 GNUPG to 2.0.26 version and the repository has 1.4.14 version… I tryied removing it and building the lastest version from the official GNUPG website downloading its source code (2.0.26), but I can't do it! it is always 1.4.14! and gpg generates this key:
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1
It generates v1 keys, that's bad… I wan't the lastest version to generate my keys, is more safe, doesn't it?
How can I repair it?
Thanks in advance!
(I'm using Linux Mint, but this happened in Ubuntu too)
Best Answer
GnuPG 1 and 2
First of all, GnuPG 1.4.14 is not really outdated, there are two branches of GnuPG developed at the same time. Also see Are gnupg and gnupg2 compatible with each other?
On Debian and derivated distributions, GnuPG 1 is installed as
gpg
, whereas GnuPG 2 is installed asgpg2
(but you might need to install thegnupg2
package).Key Versions
This is not an OpenPGP v1 key, the comment just indicates that GnuPG 1 created it. Both GnuPG 1 and 2 generate OpenPGP v4 keys. You can see what format is actually used by running (no matter whether using
gpg
orgpg2
)which will output something like
(Not) Building GnuPG on Your own
I strongly recommend not building GnuPG on your own. Apart from verifying sources, you need to regularly recompile to get security updates. Mint Linux already includes a fairly recent version of GnuPG 2 (2.0.22) with all security fixes backported, it should be totally fine sticking with that until a newer distribution will bring a new minor version.