GPG: adding an expiration date
I you have read my previous post, GPG Best Practices, you will know that I am a fan of setting expiration dates on my GPG keys.
This has not always been the case. As with many computer users I tend towards the lazy, and if I can keep from having to re-learn a password by never changing it, then I have been guilty of doing so.
Recently, however, I have decided that this is not the best thing to do when it comes to computer security. So while restoring my computer this weekend after a rebuild of the OS to get rid of some cruft that had built up, I decided I needed to add expiration dates to all of my GPG keys.
Now I had already established one for my work e-mail at the time I created the key, but now I needed to go back and add ones to my personal keys. After reading the man page on GPG, it looked pretty easy. Just go into edit mode for the key I wanted to change, the add an expiration date. Simple enough, right? Wrong.
Turns out the what I wanted to do was feasible, just not readily apparent. I didn’t just want to set a date relative to the current date in day, months, weeks, or years. What I wanted to do was use a specific date.
Well, after some diligent searching on Google, I found the following in a post on the gnupg-users list:
>>Is it possible to set an explicit date (e.g. 31 Dec) rather than a
>>duration? I suppose I could compute the number of days, but that’s
>>annoying.
Problem solved, mission accomplished.
Related posts
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
