Re: Problem after going from gpg 1.2.6 to 1.4.5
On Thu, 14 Feb 2013 00:00, apadmar...@prounlimited.com said: However, with 1.4.5 we get an encrypted file everything in one line and gets cut at 80th char. With 1.2.6 we used to get an encrypted file in multiple lines with 80 chars per line and was able to see complete file. That pretty much looks like a post processing problem in your script. GPG's armor format does not output more than 64 characters per line. IT is possible that old versions uses up to 72 characters but definitely never more than 76 as per specs. BTW, you should also use --batch when invoking gpg from a script and take care to properly quote argumens, so that filenames with spaces work. With 1.4.5, how to get it in 80 char format per line? Right now we Why did you switch to a 6 year old version of GnuPG with 4 known CVE indetified bugs? cannot upgrade to beyond 1.4.5 because of consistency issues. Please explain. There is no incompatibility between 1.4.5 and later versions. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fw: GPG Decryption Issue
On Tue, 12 Feb 2013 09:27, kamalakanna...@tcs.com said: Currently we are using batch command as below to decrypt single files. gpg --batch --passphrase-file E:\Data\qfbi\Navtech\Working\passphrase.txt --output E:\Data\qfbi\Navtech\Working\NJS170203YBBNA.xml --decrypt E:\Data\qfbi\Navtech\Input\NJS170203YBBNA.gpg Example: gpg --batch --passphrase-file E:\Data\qfbi\Navtech\Working\passphrase.txt \ --yes --multifile --decrypt \ E:\Data\qfbi\Navtech\Input\NJS170203YBBNA.gpg \ E:\Data\qfbi\Navtech\Input\NJS170203YBBNB.gpg \ E:\Data\qfbi\Navtech\Input\NJS170203YBBNC.gpg or gpg --batch --passphrase-file E:\Data\qfbi\Navtech\Working\passphrase.txt \ --yes --multifile --decrypt FILE_WITH_FILENAMES Note that this will only work if the files are all encrypted to the same key. --yes is required to overwrite existing plaintext files and you can't use --output for obvious reasons. BTW, I am a bit disappointed because you already asked for paid support and we offered you to help you at 80EUR/h charged per 30min. You did not reply but tried your luck here; but well, today is I love free software day: http://ilovefs.org . Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Error when running GPA
FreeBSD-8.3 STABLE gpg (GnuPG) 2.0.19 libgcrypt 1.5.0 gpa 0.9.3 When attempting to run 'gpa', I am greeted with an error message. The message can be viewed here: http://www.seibercom.net/logs/gpa_error.png It seems to indicate that there is a problem with the GPG library returning an unexpected value. I have tried rebuilding 'gnupg', 'gpgme' and 'gpa'. Is there something else I should be looking into? Thanks! -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unable to access Crypto Stick with gpg2
Am Do 14.02.2013, 19:38:05 schrieb Jan Ignatius: Turns out it was mounted on /dev/bus/usb/001/005: crw-rw-r-- 1 root pcscd 189, 4 Feb 14 19:13 005 The access rights seem ok to me - the smart card daemon pcscd has full rights to the device. Does anyone have other ideas I could test out? The daemon group has... But is this group in the list of groups of the scdaemon process? That's not a SUID/SGID binary. So if you are not in this group then scdaemon started by you (or by gpg-agent started by you) won't be either. /bin/ps -e -o pid,supgrp,args Hauke -- ☺ PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04) http://www.openpgp-schulungen.de/ signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problem after going from gpg 1.2.6 to 1.4.5
Hi Werner, Thank you for the replay. We found the issue is not related to GPG, but with file conversion. It is no more a issue now. Please ignore this. Thank you, Anil On Thursday, February 14, 2013, Werner Koch wrote: On Thu, 14 Feb 2013 00:00, apadmar...@prounlimited.com javascript:;said: However, with 1.4.5 we get an encrypted file everything in one line and gets cut at 80th char. With 1.2.6 we used to get an encrypted file in multiple lines with 80 chars per line and was able to see complete file. That pretty much looks like a post processing problem in your script. GPG's armor format does not output more than 64 characters per line. IT is possible that old versions uses up to 72 characters but definitely never more than 76 as per specs. BTW, you should also use --batch when invoking gpg from a script and take care to properly quote argumens, so that filenames with spaces work. With 1.4.5, how to get it in 80 char format per line? Right now we Why did you switch to a 6 year old version of GnuPG with 4 known CVE indetified bugs? cannot upgrade to beyond 1.4.5 because of consistency issues. Please explain. There is no incompatibility between 1.4.5 and later versions. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -- Anilkumar Padmaraju | Sr. Linux System Administrator *PRO Unlimited, Inc.* 1350 Old Bayshore Highway, Suite 350, Burlingame, CA 94010 (o) 650-373-2484 | (m) 408-835-7599 | (e) apadmar...@prounlimited.com www.prounlimited.com ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unable to access Crypto Stick with gpg2
On Wed, 13 Feb 2013 23:32:29 +0100 Hauke Laging mailinglis...@hauke-laging.de wrote: Am Mi 13.02.2013, 20:16:01 schrieb Jan Ignatius: Coming back to your original proposal, could you give me some guidance on how i can check the user permissions for the Crypto Stick? I think that means that you have connected the device to bus 2 which is a USB 1.1 bus. The kernel has given the device the number 5. This is not always the same. If you disconnect and reconnect it will probably have the next number. No idea whether there is an overrun after 999 ;-) So you should see the access rights with ls -l /dev/bus/usb/002/005 Turns out it was mounted on /dev/bus/usb/001/005: crw-rw-r-- 1 root pcscd 189, 4 Feb 14 19:13 005 The access rights seem ok to me - the smart card daemon pcscd has full rights to the device. Does anyone have other ideas I could test out? A more directly gnupg related matter also came to light - after the card reading fails (see my earlier examples) and the scdaemon goes belly up it seems not to die peacefully: When I remove the Crypto Stick my syslog starts filling up with thousands identical entries as follows: Feb 14 19:22:43 Sibelius kernel: [ 846.570762] usb 1-1.2: USB disconnect, device number 5 Feb 14 19:22:43 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:43 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:44 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:44 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:45 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:45 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:45 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:46 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:47 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:47 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:48 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:48 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:48 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:49 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:49 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:49 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:50 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:51 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:51 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:52 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:52 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:52 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:53 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:54 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device Feb 14 19:22:54 Sibelius pcscd: ifdwrapper.c:348:IFDStatusICC() Card not transacted: 617 Feb 14 19:22:55 Sibelius pcscd: eventhandler.c:303:EHStatusHandlerThread() Error communicating to: German Privacy Foundation Crypto Stick v1.2 00 00 Feb 14 19:22:55 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device ...Ad infinitum So I have to restart the machine to avoid bloating up the syslog. The same does not happen if I only plug in the stick and then remove it, without running gpg2, the only entries (for the disconnect) are as follows: Feb 14 19:34:44 Sibelius kernel: [ 206.379447] usb 1-1.2: USB disconnect, device number 5 Feb 14 19:34:44 Sibelius pcscd: ccid_usb.c:660:WriteUSB() write failed (1/5): -4 No such device -- Jan em...@janignatius.fi PGP Key: https://janignatius.fi/pgp PGP Key Fingerprint: 08EC 7FDC BAAA EEF5 AFE8 BEEC 8B71 471F 7F86 1262 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unable to access Crypto Stick with gpg2
The daemon group has... But is this group in the list of groups of the scdaemon process? That's not a SUID/SGID binary. You're confusing pcscd and scdaemon. OP doesn't use direct access by scdaemon, but rather a PC/SC daemon which is run from init, and to which the scdaemon connects. If the card reader is supported directly by GnuPG, it might be better to remove pcscd from the equation. And in that case, the ownership might indeed become an issue again when it's like this. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unable to access Crypto Stick with gpg2
On Thu, 14 Feb 2013 18:51:13 +0100 Hauke Laging mailinglis...@hauke-laging.de wrote: Am Do 14.02.2013, 19:38:05 schrieb Jan Ignatius: Turns out it was mounted on /dev/bus/usb/001/005: crw-rw-r-- 1 root pcscd 189, 4 Feb 14 19:13 005 The access rights seem ok to me - the smart card daemon pcscd has full rights to the device. Does anyone have other ideas I could test out? The daemon group has... But is this group in the list of groups of the scdaemon process? That's not a SUID/SGID binary. So if you are not in this group then scdaemon started by you (or by gpg-agent started by you) won't be either. /bin/ps -e -o pid,supgrp,args Hauke This is what I could find from the output of that command that seemed relevant for gpg: 1878 -/usr/sbin/pcscd 2666 adm,cdrom,sudo,dip,plugdev,lpadmin,samba /usr/bin/gpg-agent --daemon --sh --write-env-file=/home/jan/.gnupg/gpg-agent-info-Sibelius /usr/bin/dbus-launch --exit-with-session x-session-manager 2683 adm,cdrom,sudo,dip,plugdev,lpadmin,samba mate-keyring-daemon --start --components=gpg 2781 adm,cdrom,sudo,dip,plugdev,lpadmin,samba /usr/bin/gnome-keyring-daemon --start --components=gpg As you can see, there are no entries for scdaemon. I've attached the full output for reference. If I run scdaemon manually (scdaemon --daemon), this is the entry from the ps-command: 7592 adm,cdrom,sudo,dip,plugdev,lpadmin,samba scdaemon --daemon Is the solution such that I need to get the scdaemon to be a part of the group pcscd? -- Jan em...@janignatius.fi PGP Key: https://janignatius.fi/pgp PGP Key Fingerprint: 08EC 7FDC BAAA EEF5 AFE8 BEEC 8B71 471F 7F86 1262 PID SUPGRP COMMAND 1 -/sbin/init 2 -[kthreadd] 3 -[ksoftirqd/0] 6 -[migration/0] 7 -[watchdog/0] 8 -[migration/1] 10 -[ksoftirqd/1] 11 -[watchdog/1] 12 -[migration/2] 14 -[ksoftirqd/2] 15 -[watchdog/2] 16 -[migration/3] 18 -[ksoftirqd/3] 19 -[watchdog/3] 20 -[cpuset] 21 -[khelper] 22 -[kdevtmpfs] 23 -[netns] 25 -[sync_supers] 26 -[bdi-default] 27 -[kintegrityd] 28 -[kblockd] 29 -[ata_sff] 30 -[khubd] 31 -[md] 34 -[khungtaskd] 35 -[kswapd0] 36 -[ksmd] 37 -[khugepaged] 38 -[fsnotify_mark] 39 -[ecryptfs-kthrea] 40 -[crypto] 49 -[kthrotld] 53 -[scsi_eh_0] 54 -[scsi_eh_1] 55 -[scsi_eh_2] 56 -[scsi_eh_3] 57 -[scsi_eh_4] 58 -[scsi_eh_5] 62 -[kworker/u:5] 63 -[kworker/u:6] 65 -[binder] 85 -[deferwq] 86 -[charger_manager] 87 -[devfreq_wq] 363 -[kdmflush] 365 -[kcryptd_io] 366 -[kcryptd] 378 -[kdmflush] 381 -[kdmflush] 403 -[jbd2/dm-1-8] 404 -[ext4-dio-unwrit] 425 -[flush-252:1] 638 -upstart-udev-bridge --daemon 655 -
Re: Unable to access Crypto Stick with gpg2
/bin/ps -e -o pid,supgrp,args 1878 -/usr/sbin/pcscd pcscd will have GUID pcscd, so it's not a supplementary group. With $ ps -e -o pid,egroup,supgrp,args You'll most likely notice pcscd in the second column for that daemon. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gnupg for android phones
Ubuntu is releasing an app for android phones, and some phones running ubuntu are said to become available in October 2013. http://www.ubuntu.com/devices/android http://www.examiner.com/article/first-ubuntu-for-android-handsets-to-release-october As ubuntu has gnupg as a standard application by default, then it would seem that the new phones might have gnupg capablility. (might be interesting for texting ;-) ). But, As android apps can have malware that can capture stored files on the phone, or even root the phone, it might not be a good idea to keep a secret keyring on the phone. Still, if there would be a way to get a smartcard reader to usb connect to the phone, it might make it much easier and safer to use gnupg with it. If anyone would like to help try this out, please let me know. (am currently using a motorola droid 2, but if, in Oct. there would be a motorola droid 5 or an ubuntu app that would run on a droid 4, I would consider upgrading - am from the generation of the previous millenium, and still prefer a hard keyboard to a touchscreen, and the droid 4 has a slider keyboard, 1g of ram, and a dual core processor, so it seems 'promising' to find a way to get ubnutu to recognize a usb gnupg smart card reader ;-) ) tia, vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg for android phones
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Why not use APG (HTTPS://play.google.com/store/apps/details?id=org.thialfihar.android.ago) and K-9 mail (HTTPS://play.google.com/store/apps/details?id=com.fsck.k9) it may be a case of works for me but so far I haven't had any major problems with it. Note: sent from my DROID RAZR with the above mentioned apps. ved...@nym.hush.com wrote: Ubuntu is releasing an app for android phones, and some phones running ubuntu are said to become available in October 2013. http://www.ubuntu.com/devices/android http://www.examiner.com/article/first-ubuntu-for-android-handsets-to-release-october As ubuntu has gnupg as a standard application by default, then it would seem that the new phones might have gnupg capablility. (might be interesting for texting ;-) ). But, As android apps can have malware that can capture stored files on the phone, or even root the phone, it might not be a good idea to keep a secret keyring on the phone. Still, if there would be a way to get a smartcard reader to usb connect to the phone, it might make it much easier and safer to use gnupg with it. If anyone would like to help try this out, please let me know. (am currently using a motorola droid 2, but if, in Oct. there would be a motorola droid 5 or an ubuntu app that would run on a droid 4, I would consider upgrading - am from the generation of the previous millenium, and still prefer a hard keyboard to a touchscreen, and the droid 4 has a slider keyboard, 1g of ram, and a dual core processor, so it seems 'promising' to find a way to get ubnutu to recognize a usb gnupg smart card reader ;-) ) tia, vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQFLBAEBCAA1BQJRHWPMLhxLZW5kcmljayBBcmlzdG90bGUgRWFzdGVzIDxLZWFz dGVzQGdtYWlsLmNvbT4ACgkQV1qTbtWfpB7iBQf/RCHWze3p1eGU57vJ+T71iIjS dt1ahAFZPZhgv/FYnL5GqWvOS4MVlgOFROL2bo3QQLO77LIlhMqQ0BT0Ob7/xZow JTw4Y0hMecHDc805V36sjNwMnU7KmS7J4CpcaHk2Y7LNnPQxhnDQho5k23eZk63s TeRC9Dz/RZ2ZfwGeQAlA8leY1p29kK5tnBl/3CsxjLMyheZzqf6Ro/MDR+MVrrwz xL+bZJEjCdadwHAttarrEf1O1NtlC/A+v4Kp775FTbmLvgdDaAV4+MAReq4xLeab h4WP54ttbA9d8igEfjJR+4KGRWfjMvwFhMVN7izBW8DBtsi2dd9iyX2lBgYc7g== =KXty -END PGP SIGNATURE- -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQFLBAEBCAA1BQJRHWUkLhxLZW5kcmljayBBcmlzdG90bGUgRWFzdGVzIDxLZWFz dGVzQGdtYWlsLmNvbT4ACgkQV1qTbtWfpB4cOgf+PKFeHSDiN0RHCcEoYonq/bRI tRq77+NdslmGUEpNcFZfE1UXVB4GFtZqOFOedTdhGbCU8kprVAv+bJS3mTN88cGW tKJAd4daCPA8vrwXdM7+c0JUGVIJRZSCHO585RF9zY2OjSk4v9YBhwz9UGvF2i+P 9XfrbCo22dSyKktLldx07ofAHCaviNh+hW2gK1ZGYgGGv9yh2UhcgNQrau7qwMrX vqhveepNzJlCxrefBMqO57vk8mgzK+kFsxxS+laWtVy83CwSqrXvlTQWu5RlgWZK Ja4oCZkJ97vpOsUDbDtTm09dSwFN94XZ0qNYDJFG6/81FC5nyf0i8lcmbc86ag== =uFiW -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users