...
The new user should create a new key for him/herself with the PGP key generation command: How to Get PGP Key
Code Block pgp -kg
When prompted, use a key strength of 1024 bits and use the suggested key name format
Firstname Lastname <username@slac.stanford.edu>.The new user should export his/her PGP key for use with escrow:
Code Block escrow setupuser
This will export the user's public PGP key into a separate file which can then be imported into escrow.
An existing escrow user should add the user's key to the clique's keyring:
Code Block escrow adduser -c iepm ~*<newuser>*/.escrow/publickey
e.g.
escrow adduser -c iepm ~jaredg/.escrow/publickeyThe program will repeatedly prompt for confirmation that the key is trusted. It will also prompt you for the existing user's PGP passphrase.Note 4 MUST come after 3. An existing escrow user should add the user's key to the iepmacct list of secrets:
Code Block escrow adduser -c iepm iepmacct *<username>*
e.g.
escrow adduser -c iepm iepmacct jaredgThe program will prompt for the existing user's PGP passphrase.Add user to the AFS group cottrell:iepm
Code Block pts adduser -user kalim -group cottrell:iepm
...