From 8de1ee1b2b676b0d07586f0752750dd6b0fb7511 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 11:59:15 +0200 Subject: Adding upstream version 2.2.27. Signed-off-by: Daniel Baumann --- doc/instguide.texi | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 doc/instguide.texi (limited to 'doc/instguide.texi') diff --git a/doc/instguide.texi b/doc/instguide.texi new file mode 100644 index 0000000..bf99a5c --- /dev/null +++ b/doc/instguide.texi @@ -0,0 +1,77 @@ +@c instguide.texi - Installation guide for GnuPG +@c Copyright (C) 2006 Free Software Foundation, Inc. +@c This is part of the GnuPG manual. +@c For copying conditions, see the file gnupg.texi. + +@node Installation +@chapter A short installation guide + +Unfortunately the installation guide has not been finished in time. +Instead of delaying the release of GnuPG 2.0 even further, I decided to +release without that guide. The chapter on gpg-agent and gpgsm do +include brief information on how to set up the whole thing. Please +watch the GnuPG website for updates of the documentation. In the +meantime you may search the GnuPG mailing list archives or ask on the +gnupg-users mailing list for advise on how to solve problems or how to +get that whole thing up and running. + +** Building the software + +Building the software is described in the file @file{INSTALL}. Given +that you are already reading this documentation we can only give some +extra hints. + +To comply with the rules on GNU systems you should have build time +configured @command{gnupg} using: + +@example +./configure --sysconfdir=/etc --localstatedir=/var +@end example + +This is to make sure that system wide configuration files are searched +in the directory @file{/etc} and variable data below @file{/var}; +the default would be to also install them below @file{/usr/local} where +the binaries get installed. If you selected to use the +@option{--prefix=/} you obviously don't need those option as they are +the default then. + + +** Notes on setting a root CA key to trusted + +X.509 is based on a hierarchical key infrastructure. At the root of the +tree a trusted anchor (root certificate) is required. There are usually +no other means of verifying whether this root certificate is trustworthy +than looking it up in a list. GnuPG uses a file (@file{trustlist.txt}) +to keep track of all root certificates it knows about. There are 3 ways +to get certificates into this list: + +@itemize +@item +Use the list which comes with GnuPG. However this list only +contains a few root certificates. Most installations will need more. + +@item +Let @command{gpgsm} ask you whether you want to insert a new root +certificate. This feature is enabled by default; you may disable it +using the option @option{no-allow-mark-trusted} into +@file{gpg-agent.conf}. + +@item +Manually maintain the list of trusted root certificates. For a multi +user installation this can be done once for all users on a machine. +Specific changes on a per-user base are also possible. +@end itemize + +@c describe how to maintain trustlist.txt and /etc/gnupg/trustlist.txt. + + +@c ** How to get the ssh support running +@c +@c XXX How to use the ssh support. + + +@c @section Installation Overview +@c +@c XXXX + + -- cgit v1.2.3