How to not look lost at a key-signing

As I've already noted, Jamie isn't following the procedure I went through at my keysigning, but no matter: follow his instructions for the meeting itself, and everything else here still applies.

1. Getting a key

Those of you who have already generated a key can skip directly to section 2, without passing Go and collecting $200.

In order to get your key signed, you have to have a key to sign. You can use either GPG (also known as GnuPG, or the GNU Privacy Guard) or PGP; both produce OpenPGP keys, so either one can sign keys made by the other. PGP isn't free as in speech or beer, so if you don't already have a key, GPG is the recommended path.

If you don't have GPG installed, install it, using 'apt-get install gnupg', searching rpmfind.net, or building from source on www.gnupg.org. After that's done, you need to generate a private/public key pair.

'gpg --gen-key' is the command you want. If this is the first time you are running gpg, it will create its ~/.gnupg directory and options file, and ask to be restarted. No problem, just run the same command again. It will ask questions about what kind of key you want to generate; if you're new to this, the defaults are quite okay.

Enter your name, e-mail address, optional comment, and your private key passphrase (make it a good one). GPG prompts you for all of the above, and it self-signs your new key for you, so there is nothing more to do.

You're pretty much done! Now you need to bring your key to the meeting so other people can sign it. You should also upload your public key to a public keyserver so other people can fetch it quickly and easily. Two public keyservers I usually use are wwwkeys.us.pgp.net and the.earth.li. An example command is: gpg --keyserver the.earth.li --send-keys [keyid]

2. Bringing a key

OK, you've gone to the trouble of generating a key and you want to bring it to the meeting? By far the easiest way is to run 'gpg --fingerprint'. This prints the fingerprint of every key on your public keyring; give it your key ID or e-mail address to print just yours.

You should then really print the fingerprint out. It's a little troublesome to take your machine to the keysigning. You probably want to print multiple copies, so you can bug people with it and hand it around at the meeting.

A nice one-liner for printing ten copies of your fingerprint is:

for i in $(seq 1 10); do gpg --fingerprint [keyid]; done | lpr

(Leave out the key ID to print every key on your keyring.)

3. At the meeting

At the meeting, you'll be given a chance to sign other people's keys. Be sure to check personal identification (photo ID), that the name on the ID matches the name on the fingerprint sheet, and that the owner confirms the fingerprint you are holding is theirs. Don't sign for anyone whose ID you didn't check yourself. Collect as many fingerprints as you can, or until somebody yells at you to sit down.

4. Now what?

So, it's 2 am and you've staggered home from the pub? Right then, we'd better properly sign those keys. By far the easiest way is to have gotten a piece of paper from the person with their fingerprint on it. (Failing that, you can always write it down at the meeting.) You then receive the key from a public keyserver (gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 0x<keyid>), double-check and triple-check that the fingerprint of the key you just fetched is the same as the one on the paper (the paper is what you verified against their ID; don't compare against something they e-mailed you afterwards), and then you sign the key. You sign it by running 'gpg --edit-key <distinctive part of their email>' and running 'sign'.

What I usually do myself is just run gpg --edit-key <blah>, run fpr, compare the fingerprints, and if they match, run sign.

From here, you have two choices. You can export the signed key (gpg --armor --export <keyid>) to a text file and e-mail it back to the person (encrypting it to them, since you now have their public key, also quietly checks that they really can read mail at that address), or you can upload the changed key to a public keyserver. Uploading the key to a keyserver (gpg --send-keys) is the easier of the two and less hassle for both of you. It also means that anyone who later downloads their key sees your signature on it, and can use it through the web of trust to decide how far to trust the key.

A. Dissection of a fingerprint

pub  1024D/2B302452 2001-06-14 Steve Kowalik <stevenk@debian.org>
     Key fingerprint = 96CC 9BA9 7224 8F3B 7623  D50F C09D 3F5D 2B30 2452
uid                            Steve Kowalik <stevenk@hasnolife.com>
sub  1024g/0EDD22AC 2001-06-14
Starting from the top, 'pub' shows that this is the primary public key.
The 1024D shows this is a 1024-bit DSA key, and 2B302452 is its short key ID. Note that the key ID is just the last eight hex digits of the fingerprint on the next line (2B30 2452), so a matching key ID on its own tells you nothing; always compare the whole fingerprint.
The next bit is the date when the key was generated.
The next bit is the name and e-mail address of the key owner.
The next line is the fingerprint of the key.
The line below that is another name and e-mail address pair associated with this key.
The last line is the subkey: 1024g is a 1024-bit ElGamal key, which does the encrypting while the DSA primary key does the signing.
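The whole of section 4 (fetch the key, compare it against the paper, and only then sign) together with the key ID/fingerprint relationship from the dissection above, as an added example script. This is not the author's script and not part of the original article. It assumes POSIX sh, awk and gpg on the PATH, that the.earth.li is your keyserver (override with KEYSERVER), and it uses gpg --sign-key instead of the interactive 'sign' inside --edit-key. The colon-format listing embedded for the offline self-check is constructed from the fingerprint above, with a made-up subkey fingerprint.

```shell
#!/bin/sh
# sign-from-paper.sh: sign somebody's key only if the fingerprint on the
# paper you collected at the meeting matches the key the keyserver hands you.
# Added example, not from the original article. The default keyserver is an
# assumption; point KEYSERVER at whichever one you use.
set -eu

KEYSERVER="${KEYSERVER:-the.earth.li}"

# Strip the spaces from a fingerprint as printed on paper and upper-case it.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t' | tr 'a-f' 'A-F'
}

# A v4 OpenPGP fingerprint is exactly 40 hex digits; anything else is a
# transcription error, not something to sign against.
is_valid_fpr() {
    case "$1" in
        *[!0-9A-F]*) return 1 ;;
    esac
    [ "${#1}" -eq 40 ]
}

# A short (8 hex) or long (16 hex) key ID is only the tail of the fingerprint,
# so on its own it proves nothing. We still check it to catch a typo.
keyid_matches_fpr() {
    keyid=$(printf '%s' "$1" | sed 's/^0x//' | tr 'a-f' 'A-F')
    case "${#keyid}" in
        8|16) ;;
        *) return 1 ;;
    esac
    [ "$(printf '%s' "$2" | tail -c "${#keyid}")" = "$keyid" ]
}

# Extract the primary key's fingerprint from 'gpg --with-colons --fingerprint'
# output on stdin: the first 'fpr' record (field 10) belongs to the primary
# key; later ones belong to subkeys.
primary_fpr_from_colons() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Decide whether to sign, given the key ID, the paper fingerprint and the
# colon-format listing of the fetched key; explains on stderr when it refuses.
check_against_listing() {
    keyid=$1
    paper_fpr=$(normalize_fpr "$2")
    listing=$3
    is_valid_fpr "$paper_fpr" || { echo "bad fingerprint on paper" >&2; return 1; }
    keyid_matches_fpr "$keyid" "$paper_fpr" || { echo "key id does not match paper" >&2; return 1; }
    server_fpr=$(printf '%s\n' "$listing" | primary_fpr_from_colons)
    if [ "$server_fpr" != "$paper_fpr" ]; then
        echo "MISMATCH: paper $paper_fpr, keyserver $server_fpr; not signing" >&2
        return 1
    fi
}

# The real thing: fetch the key, check it, and only then sign.
sign_from_paper() {
    gpg --keyserver "$KEYSERVER" --recv-keys "$1"
    listing=$(gpg --with-colons --fingerprint "$1")
    check_against_listing "$1" "$2" "$listing"
    gpg --sign-key "$1"
}

# Constructed listing for an offline self-check: the primary fingerprint is
# the one from the article; the subkey fingerprint and hashes are made up and
# must NOT be what we compare against.
SAMPLE_LISTING='pub:u:1024:17:C09D3F5D2B302452:2001-06-14::::::scESC:
fpr:::::::::96CC9BA972248F3B7623D50FC09D3F5D2B302452:
uid:u::::2001-06-14::0000000000000000000000000000000000000000::Steve Kowalik <stevenk@debian.org>:
sub:u:1024:16:111111110EDD22AC:2001-06-14::::::e:
fpr:::::::::111111111111111111111111111111110EDD22AC:'

selfcheck() {
    check_against_listing 0x2B302452 \
        "96CC 9BA9 7224 8F3B 7623  D50F C09D 3F5D 2B30 2452" "$SAMPLE_LISTING"
}

# Usage: ./sign-from-paper.sh 0x2B302452 "96CC 9BA9 7224 8F3B 7623  D50F C09D 3F5D 2B30 2452"
if [ "$#" -eq 2 ]; then
    sign_from_paper "$1" "$2"
fi
```

The check deliberately refuses on any difference at all: a fingerprint that is one digit off is exactly what a typo on the paper or a substituted key looks like, and the script cannot tell the two apart, so it sends you back to the paper rather than signing.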

Who are you?

I'm Steve Kowalik, local caring SLUG member and Debian developer, and wrote this after a monster 4 hour POE/Perl session. Any spelling error is my fault.

My mail and public key.