[Dshield] configuration/gpg question
bpirie at rma.edu
Thu Mar 31 16:22:48 GMT 2005
Quick newbie question (if I'm asking in the wrong place, please accept
my apologies and point me elsewhere)
I'm trying to implement the dshield.org scripts on a test firewall, and
I'm having trouble with gpg verification. I've imported the public key
file from http://www.dshield.org/dshield_public_key.txt and signed
"<blocklist at dshield.org>" locally with --edit-key and lsign. I've
trusted it, and run --update-trustdb. The perl script fails with the
Signature not valid. Please verify manually or check if you have the
Trying to verify manually results in the following error:
[root at sparky ~]# gpg --verify /usr/tmp/0.282360723083006.asc
gpg: Signature made Thu 31 Mar 2005 10:50:07 AM EST using DSA key ID
gpg: Good signature from "DShield Blocklist (Used to Sign DShield
Blocklist) <blocklist at dshield.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
followed by the Primary key fingerprint. I've tried different methods
of signing and trusting, and applied it to different keys found in
dshield_public_key.txt, but none seem to have any effect. I'm probably
missing something obvious here, but I've never worked with gpg or pgp
before, and having found the answer in the gpg docs or by googling thus
far. Can someone point me in the right direction?
Thanks immensely for any help,
PS This is a CentOS 4 x86 box with gnupg-1.2.6-1 and perl-5.8.5-12.1.
Except for errata, it's a "stock" installation.
More information about the list