#127 "Sign" action on Nautilus generate files that are incompatible with CLA

Created 9 years ago by dpaulo

When creating a CLA, we can use the graphic tool Seahorse to generate both PGP and SSH keys. Unfortunately, when we need to complete CLA validation by sending a PGP-signed file, it's not possible to use graphic tools to do that, because the Nautilus' "Sign" action generates a file that is not recognized by the Fedora Account System, forcing us to use command line do sign the file by typing "gpg -a --sign [file]".

If was possible use only graphic tools during entire CLA creation process it would be much more easy, and Fedora would lose less contributors that give up creating a Fedora account when they can't create/publish PGP/SSH keys and/or sign the file (which are the two critical steps when creating CLA).

I just installed Seahorse and I don't have a sign action in nautilus.

1) Does this happen when signing in seahorse as well.
2) Is there some other package you have installed to make nautilus have a sign action?

Blah. I needed to restart nautilus of course.

So here's the problem. The nautilus sign action creates a "detached signature". This means that the data and signature end up in separate files. This is not something that will be easy to support in the current account system code. Try using gedit's seahorse plugin instead of nautilus::

Open the CLA in gedit. Modify it as instructed in the CLA directions. Go to Edit preferences. Click on the Plugins tab. Click on the checkbox to enable "Text Encryption". Now that you have the plugin enabled you can click on Edit and then Sign to sign the document. Once signed, you should be able to save the document and then email it to the account system.

Closing as there's a graphical way to do this via gedit. Feel free to reopen if you feel the need for nautilus integration specifically.

Login to comment on this ticket.