Next, you should verify the certificate’s fingerprint. Now, you will need to use the following parameters in

This is useful because (1) it prevents someone from designating an insecure method for pulling their key and (2) if the designated server uses hkps, the refresh will fail because the ca-cert will not match, so the keys will never be refreshed.

This is not ideal because if the keyserver fails, or even worse, if it appears to work but is not functioning properly, you may not receive critical key updates.

The keyserver might have given you a different key than the one you just asked for.

If your gpg version is older than 2.1, you must manually confirm the fingerprint after you have downloaded the key (versions 2.1 and later will refuse to accept incorrect keys from the keyserver).
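One way to script that manual confirmation, as an added example that is not part of the original guide: it reads the machine-readable listing produced by `gpg --with-colons --fingerprint` and accepts the key only if the primary-key fingerprint equals the full fingerprint you obtained out of band. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): check that the key a keyserver delivered
# is the key that was requested, by comparing full fingerprints.

# Constructed sample of `gpg --with-colons --fingerprint` output (not a real key).
SAMPLE_LISTING='pub:-:4096:1:89ABCDEF01234567:1500000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1500000000::CONSTRUCTED::Example User <user@example.org>:
sub:-:4096:1:0123456789ABCDEF:1500000000::::::e:
fpr:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:'

# Strip whitespace and uppercase, so "0123 4567 ..." and "01234567..." compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n' | tr 'a-f' 'A-F'
}

# Print the primary-key fingerprint of every key in a colon listing on stdin.
# The first "fpr" record after a "pub" record belongs to the primary key;
# "fpr" records that follow a "sub" record are subkey fingerprints and are skipped.
primary_fprs() {
    awk -F: '
        $1 == "pub" { want = 1; next }
        $1 == "sub" { want = 0; next }
        $1 == "fpr" && want { print $10; want = 0 }
    '
}

# verify_fetched_key EXPECTED_FPR < colon-listing
# Returns 0 on a match, 1 on a mismatch (or if more than one key was listed),
# 2 if EXPECTED_FPR is not a full 40-hex-digit fingerprint.
verify_fetched_key() {
    expected=$(normalize_fpr "$1")
    # Short and long key IDs are refused: only a full fingerprint identifies a key.
    case "$expected" in
        *[!0-9A-F]*) return 2 ;;
    esac
    [ "${#expected}" -eq 40 ] || return 2
    got=$(primary_fprs)
    [ "$got" = "$expected" ]
}
```

In practice the listing would be piped in from gpg for the key you just downloaded, with the expected fingerprint taken from a source other than the keyserver.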

The best way to do this on Debian and Ubuntu is to use parcimonie. Parcimonie is a daemon that slowly refreshes your keyring from a keyserver over Tor.

It uses a randomized sleep, and fresh Tor circuits for each key.

The canonical free OpenPGP implementation is GnuPG, and it is available for every major modern operating system.

It is not enough to install GnuPG and forget about it, though. In order to receive these updates, you must first ensure that you are using a keyserver that is functioning properly. The purpose is to make it hard for an attacker to correlate the key updates with your keyring.

You should not use or the refresh keys menu item on your email client because you disclose to anyone listening, and the keyserver operator, the whole set of keys that you are interested in refreshing.

You must keep it up to date so that critical security flaws are fixed. If you are running:

If you do not regularly refresh your public keys, you do not get timely expirations or revocations, both of which are very important to be aware of! Then, you have to configure your machine to receive key updates in a regular fashion. Most OpenPGP clients come configured with a single, specific keyserver.