Re: Cannot decrypt this file for the life of me
webdevlv schreef: I am a complete newbie to GPG so bare with. I have a gpg encrypted file and two .asc files... file_sec.asc and file.asc (pubilc and secret key? I have no clue what the terminology is). I also have a passphrase that needs to be used. Ok, I understand your issue. The bits you have are: - the encrypted file (I assume it's file.gpg) - the secret key (file_sec.asc) - the public key (file.asc) - the password to use the secret key. What you must do: 1. import the keys into your key ring (gpg --import file_sec.asc on the command line) 2. decrypt the file using the passphrase (gpg file.gpg on the command line) -- Raphael signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing vs. encrypting was: Cipher v public key
On Thu, Jun 01, 2006 at 11:33:14AM -0400, [EMAIL PROTECTED] wrote: Todd Zullinger tmz at pobox.com wrote on Thu Jun 1 11:46:48 CEST 2006 : While I prefer gnupg to pgp myself, I did just happen to see a reference to pgp command line today the cost is *astronomical* have played around with it when it was released as a free command line pgp 8.5 beta has a few features unique to pgp, which may or may not be of interest to the customers: - ADK's This may be somewhat emulated with GPG (mandated encrypt-to) - split-key / shared-key capablilty (this happens to be nice and useful any chance for a 'feature request' :-) ? ) I once thought of implementing this over gpg -- but it is notrivial to do it right and really it is a specialized application somewhat requiring a dedicated machine trusted by all the untrusting parties, to operate. A;ex ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG asks for confirmation...
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hello ! Mark Brown [EMAIL PROTECTED] wrote: Why is someone sending an encrypted message to this list? It's not encrypted. It's just signed and armored. Doesn't your mail client automatically display this for you? Many mail clients will assume that any GPG message is encrypted and prompt for a passphrase prior to invoking GPG. Are you sure? Security wouldn't be compromised if passphrase is given to anything else then gpg? - -- Laurent Jumet KeyID: 0xCFAF704C -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) iD8DBQFEgDeB9R1toM+vcEwRA/IJAJ94cYSGch26vubs+lDki6sDIDAA+gCgvMKk /8wC6zZZ6LWc5em3Ibl54EA= =iqz9 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG asks for confirmation...
* Laurent Jumet [EMAIL PROTECTED] wrote: Many mail clients will assume that any GPG message is encrypted and prompt for a passphrase prior to invoking GPG. Are you sure? Security wouldn't be compromised if passphrase is given to anything else then gpg? F.e. mutt itself asks for a passphrase and passes it on to gpg. It's a normal thing for email clients to do, as with frontends for gpg as well. In case an attacker replaces the gpg binary with a wrapper... well, security is compromised the moment when an attacker gains system access anyway. Btw, good to see GoldEd still floating around. How's fidonet? -- 2:2433/480 Sorry to the people I drove nuts back then, hehe pgpuLcMMaWO04.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG asks for confirmation...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Brown wrote: On Thu, Jun 01, 2006 at 10:59:54PM -0400, Todd Zullinger wrote: engage wrote: Why is someone sending an encrypted message to this list? It's not encrypted. It's just signed and armored. Doesn't your mail client automatically display this for you? Many mail clients will assume that any GPG message is encrypted and prompt for a passphrase prior to invoking GPG. I guess I just take it for granted because using mutt along with gpg-agent, I don't get such a password request. I'd be curious if kmail would do the same if configured to use the gpg-agent. Without the agent, mutt prompts as well. It's just been a long long time since I wasn't using gpg-agent. :) - -- ToddOpenPGP - KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp == Nothing says, Obey me! like a bloody head on a fence post. -- Stewie Griffin -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl. iG0EARECAC0FAkSAg2kmGGh0dHA6Ly93d3cucG9ib3guY29tL350bXovcGdwL3Rt ei5hc2MACgkQuv+09NZUB1qhxQCggs0wv8cejnK4Q4Wjdt632zMzX2UAoJz7rb3m KbVGtmAeLGjkE//lkFuf =gim2 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG Smartcard and Authentication Key
* On Sun, 28 May 2006 23:12:34 +0200, * Volker Dormeyer [EMAIL PROTECTED] wrote: * On Sun, 28 May 2006 16:30:55 -0400, * David Shaw [EMAIL PROTECTED] wrote: On Sun, May 28, 2006 at 08:24:14PM +0200, Volker Dormeyer wrote: Hello all, recently I received a message which is encrypted with my public authentication key instead of my encryption key. I wonder how this can happen, because I thought GnuPG does not use the authentication key as encryption key. Am I wrong? Further, I am not able to decrypt the message. I tried it manually with --try-all-secrets, but it doesn't seem to work. Basically it should work. I mean, I have the authentication private key. This is unfortunately turning into a FAQ. Basically, you've run into an old PGP bug. It was recently fixed (I don't recall exactly in what version), but there are countless installations of PGP that predate the fix. This is what I read in the gnupg-users archive before I send the question. I have to admit, I do not understand exactly, because I know that the user who sent me the message is using GnuPG. It shows -BEGIN PGP MESSAGE- Version: GnuPG v1.2.5 (GNU/Linux) Just thought a bit about it... Is it possible, that GnuPG prior to version 1.4 was not able to interpret those key flags? I didn't use an authentication with versions prior to 1.4 for myself. in the ASCII armored cipher text. OpenPGP keys have key flags that indicate what a key is to be used for (encryption, signing, or authentication). GnuPG honors these flags and will not encrypt to any key that isn't marked for encryption. The bug is that PGP is not properly looking at the key and will happily encrypt to a signing or authentication key. I am aware of the different key flags. This was the reason why I wondered how this could be happen. As to what you can do about it, your best bet is to contact the sender and ask for a retransmission encrypted to the proper key. It might be possible to write a program that can essentially trick the smartcard into decrypting the message by pretending it is a signature that needs to be verified but it depends on how exactly the card handles signatures. In any event, no such program exists today. Thanks, Volker -- Volker Dormeyer [EMAIL PROTECTED] Join the Fellowship and protect your Freedom!(http://www.fsfe.org) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Error generating new keys on Windows with gnupg 1.4.3
Whenever I try to generate a new secret key on Windows with gnupg 1.4.3, I get the following output immediately following the second request for my passphrase: gpg: NOTE: you should run 'diskperf -y' to enable the disk statistics A few seconds after that, a Windows error box pops up with this message: Microsoft Visual C++ Runtime Library Runtime Error! Program: z:\gnupg\gpg.exe This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. Has anyone seen anything like this or know where to start debugging it? I don't know if it makes any difference, but I have HKLU\Software\GNU\gpgProgram set to z:\gnupg\gnupg.exe and HomeDir is set to z:\gnupg. Please keep me in CC on any replies as I am not subscribed. Thanks in advance, Ras ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Error generating new keys on Windows with gnupg 1.4.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/2/2006 6:24 PM, Jee Kay wrote: Whenever I try to generate a new secret key on Windows with gnupg 1.4.3, I get the following output immediately following the second request for my passphrase: gpg: NOTE: you should run 'diskperf -y' to enable the disk statistics A few seconds after that, a Windows error box pops up with this message: Microsoft Visual C++ Runtime Library Runtime Error! Program: z:\gnupg\gpg.exe This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. Has anyone seen anything like this or know where to start debugging it? I don't know if it makes any difference, but I have HKLU\Software\GNU\gpgProgram set to z:\gnupg\gnupg.exe and HomeDir is set to z:\gnupg. Please keep me in CC on any replies as I am not subscribed. Thanks in advance, Ras ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users Did you try using an environmental variable instead of using the registry? Assuming you're using WinXP, open up the system properties (right-click My ComputerProperties). In the Advanced tab, click the Environmental Variables button on the bottom. You should now see a popup with 2 panes, one on top and one on the bottom. If you have admin access, open the Path variable. You going to want to add the path to the GnuPG EXECUTABLE (not the keyrings, unless they're in the same folder) at the end (make sure that you separate your addition from the string before it with a semicolon [;]. look at the rest of the Path variable to see an example of how they are separated). For example this is my Path variable before the addition: %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem Notice the semicolons between them and the lack of spaces. This is what mine looks like with the addition (just replace my GnuPG path with whatever yours is): %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\program file\gnu\gnupg Make sure that you do NOT put it in quotes (as we are used to doing in the command prompt when a filename had spaces). What the Path addition does is it tells the Windows Shell where to look for executable files (like when you say cmd at the run dialog, it looks in \windows\system32 for cmd.exe). So now when you type gpg (no quotes) at the run dialog or from a cmd prompt, it will run gpg.exe. If you don't have administrator access to the computer, you can just add a new variable named PATH in the top pane (user variables). Just add the GnuPG exec path to that. The second thing to do is add one last variable. This one doesn't normally exist in Windows so you must create a new system (or user) variable named GNUPGHOME (case-sensitive). The value for that variable is going to be the directory of you GnuPG keyrings (i.e. my GNUPGHOME variable's value is d:\gnupg (no quotes), as that is the folder where my keyrings are). Once those variables are changed/added, just OK out of the remaining dialogs until System Properties is closed. You don't have to restart or anything. P.S. the environmental variables override the registry settings, so you don't have to worry about cleaning them up. - -- Zach Himsel [EMAIL PROTECTED] |_|o|_| |_|_|o| |o|o|o| PGP Public Key: http://zach-himsel.is.dreaming.org/ PGP Public Key ID: 0xFD04A326 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRIDE1CZJc7D9BKMmAQJpDgf/XFCkeN8Rx9Bx5PBX44AhjgQeYnbuV60o 1q8pMUQIw3NxzsZh9oCytP75AaqW2AOfEP92dylwzDwpT7LGGl0dq3E0MgQnzTMB feTsZE744Zio93JaG1RPs563FypJ60hrB3zXNtxGEcOfOp/R6FaoMsc5eBVDFapf ZIVSt+64QgLmAT2M2Q5B55vp0MW8BPLg1bXMCYtTIn6VRrZNrtOKmMAzu27SCj6y U3zI0YF60Yd2oY1M2FH1y387C711DpCbi85MDwRkpdSonCY/kTOqpwScOCSIkd07 lWKYTqwytrPxUkGJeGEJHBMme6TVXAb++oCMiKflBFc/9rClTCOCYw== =AHCQ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG asks for confirmation...
On Thursday 01 June 2006 08:59 pm, Todd Zullinger wrote: engage wrote: Why is someone sending an encrypted message to this list? It's not encrypted. It's just signed and armored. Doesn't your mail client automatically display this for you? No. I keep getting prompted for my passphrase for this message. Kmail. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users