密钥签名派对 —— Caff 的配置与使用

Caff 是 signing-party 包的一个实用工具,可以签名一个密钥并邮寄给所有者。Caff 是一个 Perl 脚本,发件需要配置 MTA(邮件传输代理)这里使用 msmtp 来连接到一个 Relay (SMTP 服务器)。

配置 MTA

配置 MTA 非常简单,先安装 msmtp, msmtp-mta 然后创建 .msmtprc 文件:

# Set default values for all following accounts.
defaults
auth           on
tls            on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile        ~/.msmtp.log

# autistici
account        autistici
host           smtp.autistici.org
port           465
tls_starttls   off
from           a@b.c
user           a@b.c
password       xxxxx

# Set a default account
account default : autistici

在配置完以后,你应该能用 mail -s "test_email" user@mailprovider.com 来发送一条测试邮件。如果出了问题可以查看 .msmtp.log

Caff 的配置文件会在第一次运行时生成,里面有有关选项的注释。这是我的配置文件:

# .caffrc -- vim:ft=perl:

$CONFIG{'owner'} = 'William Goodspeed';
$CONFIG{'email'} = 'goodspeed@anche.no';

$CONFIG{'keyid'} = [ qw{2945CED1C88E763DB6FFBCE247FFB4C9CB4F5319} ];

$CONFIG{'local-user'} = [ qw{2945CED1C88E763DB6FFBCE247FFB4C9CB4F5319} ];

# Mail template to use for the encrypted part
$CONFIG{'mail-template'} = << 'EOM'; Hi, please find attached the user id{(scalar @uids >= 2 ? 's' : '')}
{foreach $uid (@uids) {
    $OUT .= "\t".$uid."\n";
};}of your key {$key} signed by me.

If you have multiple user ids, I sent the signature for each user id
separately to that user id's associated email address. You can import
the signatures by running each through `gpg --import`.

Note that I did not upload your key to any keyservers. If you want this
new signature to be available to others, please upload it yourself.
With GnuPG this can be done using
       gpg --keyserver pool.sks-keyservers.net --send-key {$key}

If you have any questions, don't hesitate to ask.

Regards,
{$owner}
EOM

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注