Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: a3@a3.nl.invalid (Adri Verhoef) Newsgroups: news.admin.hierarchies Subject: Upgrading/changing from PGP to GnuPG for nl.* Date: Thu, 25 Apr 2024 22:40:08 GMT Organization: A3, The Netherlands Lines: 40 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Injection-Date: Fri, 26 Apr 2024 01:09:02 +0200 (CEST) Injection-Info: dont-email.me; posting-host="7fcd1a7ea22a0ace8b625b787374b27a"; logging-data="3434913"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/kXr3zhze8XaLPVyy2lqRvlVyB5lPfFN8=" Cancel-Lock: sha1:6JKMbgWase+nFfu9fxmkJd/Xm1U= X-Newsreader: trn 4.0-test77 (Sep 1, 2010) X-Editor: Vim Bytes: 2811 Hi, Julien invited me to join news.admin.hierarchies. As administrator for nl.* I'm still using PGP-2 and that doesn't seem to do its work anymore on a modern Fedora 40 system without 32-bit libraries. $ file /usr/local/bin/pgp /usr/local/bin/pgp: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, stripped $ readelf -a /usr/local/bin/pgp | grep NEEDED 0x00000001 (NEEDED) Shared library: [libc.so.6] $ rpm -qa | grep i686 | wc -l 0 $ dnf provides /lib/libc.so.6 | grep x86_64 glibc32-2.39-8.fc40.x86_64 : The GNU libc libraries (32-bit) In the past I've compiled PGP-2.6.3is myself and configured 'signcontrol' for the nl-hierarchy. It doesn't compile anymore, not necessarily a disaster, as we will see. Now I could go ahead and install the necessary compatible libraries for PGP, but there's also the option of moving to a more modern approach and the use of GnuPG: $ rpm -q gnupg2 gnupg2-2.4.4-1.fc40.x86_64 Before I can use GPG in the Usenet-hierarchy 'nl' I need to register its key and this is probably the first thing that I should do. Where do I do that? Before registering I also need to generate the new key. How do I do that? A step-by-step-approach works best for me as I don't want to make any fatal mistakes. The next thing to do is probably configuring a new 'signcontrol' (Perl) and getting that new 'signcontrol' to work. Julien already pointed me to https://ftp.isc.org/pub/pgpcontrol/signcontrol and there's much resemblance to my version from 1998. I've made some local changes there to accommodate a few particular needs for nl.* (in 2002). The version from 1998 is v1.6. From 1.9: "# -- Fix error reporting around lock files with PGP." - was that the error that I fixed in 2002? :-) [variable $lock vs. $pgplock] Adri