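Key Signing Party: Configuring and Using Caff

Caff is a utility from the signing-party package that signs a key and mails it to its owner. Caff is a Perl script, and sending mail requires a configured MTA (mail transfer agent); here msmtp is used to connect to a relay (an SMTP server).

Configuring the MTA

Configuring the MTA is very simple: first install msmtp and msmtp-mta, then create the .msmtprc file: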

# Set default values for all following accounts.
defaults
auth           on
tls            on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile        ~/.msmtp.log

# autistici
account        autistici
host           smtp.autistici.org
port           465
tls_starttls   off
from           a@b.c
user           a@b.c
password       xxxxx

# Set a default account
account default : autistici

Once this is configured, you should be able to send a test message with mail -s "test_email" user@mailprovider.com. If something goes wrong, check .msmtp.log.
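A quick audit of the .msmtprc above, as an added example that is not part of the original post: the shell function flags a config that other local users can read, that stores the password in clear text, that lacks `tls on`, or that disables certificate checking. The function name `audit_msmtprc` and the sample file are constructed for illustration; `passwordeval` and `tls_certcheck` are msmtp options.

```shell
# Added example, not from the original post: audit an msmtp configuration file.
# Prints one finding per line; the return status is the number of findings.
audit_msmtprc() {
    rc=$1
    n=0
    if [ ! -f "$rc" ]; then
        echo "no such file: $rc"
        return 1
    fi

    # Characters 5-10 of the ls mode string are the group/other permission bits.
    if [ "$(ls -ld "$rc" | cut -c5-10)" != "------" ]; then
        echo "permissions: group/other can access $rc (chmod 600)"
        n=$((n + 1))
    fi

    # A 'password' line keeps the SMTP secret in clear text; 'passwordeval'
    # (which this pattern does not match) obtains it from a command instead.
    if grep -Eq '^[[:space:]]*password[[:space:]]' "$rc"; then
        echo "secret: plaintext password, consider passwordeval"
        n=$((n + 1))
    fi

    # Without 'tls on' the SMTP login is sent over an unencrypted connection.
    if ! grep -Eq '^[[:space:]]*tls[[:space:]]+on[[:space:]]*$' "$rc"; then
        echo "transport: no 'tls on' line"
        n=$((n + 1))
    fi

    # 'tls_certcheck off' makes msmtp accept any server certificate.
    if grep -Eq '^[[:space:]]*tls_certcheck[[:space:]]+off' "$rc"; then
        echo "transport: certificate verification disabled"
        n=$((n + 1))
    fi
    return "$n"
}

# Constructed sample mirroring the .msmtprc above (placeholder credentials).
demo=$(mktemp)
printf '%s\n' 'defaults' 'auth on' 'tls on' 'account autistici' \
    'password xxxxx' > "$demo"
chmod 644 "$demo"
audit_msmtprc "$demo" || echo "findings: $?"
rm -f "$demo"
```

The check is line-based and does not track which account a setting belongs to, so an override inside a single account block still needs a manual look.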

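Caff's configuration file is generated the first time it runs and contains comments about the relevant options. This is my configuration file: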

# .caffrc -- vim:ft=perl:

$CONFIG{'owner'} = 'William Goodspeed';
$CONFIG{'email'} = 'goodspeed@anche.no';

$CONFIG{'keyid'} = [ qw{2945CED1C88E763DB6FFBCE247FFB4C9CB4F5319} ];

$CONFIG{'local-user'} = [ qw{2945CED1C88E763DB6FFBCE247FFB4C9CB4F5319} ];

# Mail template to use for the encrypted part
$CONFIG{'mail-template'} = << 'EOM';
Hi,

please find attached the user id{(scalar @uids >= 2 ? 's' : '')}
{foreach $uid (@uids) {
    $OUT .= "\t".$uid."\n";
};}of your key {$key} signed by me.

If you have multiple user ids, I sent the signature for each user id
separately to that user id's associated email address. You can import
the signatures by running each through `gpg --import`.

Note that I did not upload your key to any keyservers. If you want this
new signature to be available to others, please upload it yourself.
With GnuPG this can be done using
       gpg --keyserver pool.sks-keyservers.net --send-key {$key}

If you have any questions, don't hesitate to ask.

Regards,
{$owner}
EOM