From owner-freebsd-questions  Fri Mar  9 10:50:41 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from ns1.coastsight.com (ns1.coastsight.com [208.46.230.17])
	by hub.freebsd.org (Postfix) with ESMTP id 461EA37B719
	for <freebsd-questions@freebsd.org>; Fri,  9 Mar 2001 10:50:38 -0800 (PST)
	(envelope-from maillist@coastsight.com)
Received: from ns1.coastsight.com ([208.46.230.17])
	by ns1.coastsight.com with esmtp (Exim 2.05 #1)
	id 14bZSm-0002MJ-00
	for freebsd-questions@freebsd.org; Fri, 9 Mar 2001 18:50:36 -0800
Date: Fri, 9 Mar 2001 18:50:36 -0800 (PST)
From: Rick Duvall <maillist@coastsight.com>
To: freebsd-questions@freebsd.org
Subject: PGP Command Line for FreeBSD
Message-ID: <Pine.BSF.4.21.0103091845340.9041-100000@ns1.coastsight.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I installed PGP out of the ports collection.  I then created a keypair on
my windows box, and exported the public key and stuck it on the FreeBSD
box.  My supervisor refuses to allow me to have ANY private keys
whatsoever on the FreeBSD box.  The problem is, the only key that is on
FreeBSD is the public key from my windows box.  When I go to encrypt a
file, I get:

--------------------------------------------------------------
Key for user ID: TLC Loan Applications <loans@tlcfcu.org>
1024-bit DSS key, Key ID 0xDD81786C, created 2001/03/09
WARNING:  Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key
actually belongs to: "TLC Loan Applications <loans@tlcfcu.org>".

Are you sure you want to use this public key (y/N)?y
-------------------------------------------------------------

The problem with this is that it asks for user input.  Since I am doing
the PGP and then sending it through email via a CGI script, I can't have
the CGI script put in that user input.  To get around it, I need to create
a signing key on the FreeBSD box and sign the public key so that it won't
ask, it just trusts it.  But, my supervisor says that he won't allow me to
do that, that I have to find another way.

I would be very appreciative if somebody would help me out here, wether it
be a way to have the CGI do a "Y(return)" to get past the user input
prompt, or a way where it trusts the key without having a signing key
sitting on the FreeBSD box.

Sincerely,

Rick Duvall


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message