Keysigning Fosdem quick howto

step 1: Install gnugp

debian: apt-get install gnupg

fedora: yum install gnupg

step2: create your key

gpg --gen-key

you’ll have to answer several questions:

kind and key size that do you want: defaults appears to be good enough.

how long the key will be valid : your decision mine never expires.

your name and surname (Use your real name Do you trust in a person called Bart Simpson or Zero Trust?)

your email address

comment: optional

A passphrase: Don’t forget, if you lost your passphrase your encripted data will useless .

Trick: Open a flash video or run a virtual machine for create entropy .

gpg generated key

step 3: Generate a revoke key

changue mykey for your key fingerprint last characters

gpg –output revoke.asc –gen-revoke mykeyfingerprint

step 4: Export public and private keys

exporting private key

gpg –output private.gpg –export-secret-key mykeyfingerprint

exporting public key

gpg –output public.gpg –export mykeyfingerprint

step 5: Backup tour keys

Store your keys into a Floppy disk, usb memory, CD, or wherever, you can print your keys for security.

step 6: Send your public key to fosdem server

the instructions appear in the fosdem site and check the public key uploaded

step 7: Print the keys list

a few days before the fosdem start will appear a document to print. (

trick try to print the document in the minor number of pages.

step 8: Keysinging Event

Stay at time.

Wear warm clothing.

if you come later  try to find your position asking the key numbers to the participants try to Maintain the order easy for you easy for everyone

keysinging positions

fosdem 2011 keysigning

step 9; Import keys

After the Fosdem you’ll receive several emails signing your public key,  you must import the public keys.

Download the key hashes from


wget –no-check-certificate

bunzip  ksp-fosdem2011-keyring.asc.bz2

gpg –import ksp-fosdem2011-keyring.asc

now your have all the public keys in your ring

step 10: parse fosdem keys

pass your paper maks to a new copy of  the txt keys file

I create this perl script in order to get the key hashes to sing

unzip and execute

./ <path to your file>

this script show the key hashes to

step 11: configure your sSMTP

CAFF sends the sing keys using your system mail transfer agent (MTA), nowadays using your ISP ip address is a warranty  of appears in the receiver  spam box

install sSMTP

on debian: apt-get install ssmtp

on fedora:

yum install ssmtp

(select ssmtp)

alternatives –config mta

configure sSMTP :

step 12: configure CAFF

install caff

on debian: apt-get install signing-party

on fedora: yum install pgp-tools

now we’ll configure caff

first we’ll execute caff


this creates a config file named .caffrc in your home folder.

edit .caffrc file

gedit $HOME/.caffrc

complete the config file reading the instructions.

final step: send the keys

simply execute caff and paste your output.

enjoy writing your password several times.