(gnupg.info.gz) Installation
Info Catalog
(gnupg.info.gz) Top
(gnupg.info.gz) Top
(gnupg.info.gz) Invoking GPG-AGENT
1 A short installation guide.
*****************************
Unfortunately the installation guide has not been finished in time.
Instead of delaying the release of GnuPG 2.0 even further, I decided to
release without that guide. The chapter on gpg-agent and gpgsm do
include brief information on how to set up the whole thing. Please
watch the GnuPG website for updates of the documentation. In the
meantime you may search the GnuPG mailing list archives or ask on the
gnupg-users mailing listsfor advise on how to solve problems or how to
get that whole thing up and running.
** Building the software
Building the software is decribed in the file `INSTALL'. Given that
you are already reading this documentation we can only give some extra
hints
To comply with the rules on GNU systems you should have build time
configured `dirmngr' using:
./configure --sysconfdir=/etc --localstatedir=/var
This is to make sure that system wide configuration files are
searched in the directory `/etc/gnupg' and variable data below `/var';
the default would be to also install them below `/usr/local' where the
binaries get installed. If you selected to use the `--prefix=/' you
obviously don't need those option as they are the default then.
** Explain how to setup a root CA key as trusted
Such questions may also help to write a proper installation guide.
[to be written]
XXX Tell how to setup the system, install certificates, how dirmngr
relates to GnuPG etc.
** Explain how to setup a root CA key as trusted
X.509 is based on a hierarchical key infrastructure. At the root of
the tree a trusted anchor (root certificate) is required. There are
usually no other means of verifying whether this root certificate is
trustworthy than looking it up in a list. GnuPG uses a file
(`trustlist.txt') to keep track of all root certificates it knows
about. There are 3 ways to get certificates into this list:
* Use the list which comes with GnuPG. However this list only
contains a few root certificates. Most installations will need
more.
* Let `gpgsm' ask you whether you want to insert a new root
certificate. To enable this feature you need to set the option
`allow-mark-trusted' into `gpg-agent.conf'. In general it is not
a good idea to do it this way. Checking whether a root
certificate is really trustworthy requires decisions, which casual
users are not up to. Thus, by default this option is not enabled.
* Manually maintain the list of trusted root certificates. For a
multi user installation this can be done once for all users on a
machine. Specific changes on a per-user base are also possible.
XXX decribe how to maintain trustlist.txt and
/etc/gnupg/trustlist.txt.
** How to get the ssh support running
XXX How to use the ssh support.
1.1 Installation Overview
=========================
XXXX
Info Catalog
(gnupg.info.gz) Top
(gnupg.info.gz) Top
(gnupg.info.gz) Invoking GPG-AGENT
automatically generated by
info2html