Re: Can't use GPG key - secret key not available
On 09/29/2010 10:49 PM, Madhusudan Singh wrote: I finally bit the bullet and cleaned out my old S3 bucket on Amazon and started afresh with a new key. Generated an RSA and RSA (4096 bit) key. Tried to use it with duplicity. It fails: = Begin GnuPG log = gpg: no default secret key: secret key not available gpg: [stdin]: sign+encrypt failed: secret key not available = End GnuPG log = GPGError: GPG Failed, see log below: = Begin GnuPG log = gpg: no default secret key: secret key not available gpg: [stdin]: sign+encrypt failed: secret key not available = End GnuPG log = OS: Mac OSX 10.6.4 What gives ? I have two keys (corresponding to two different email addresses listed - both --list-keys and --list-secret-keys attest to that fact). Thanks for your help. Hi, check your gpg.conf. You should have a default-key parameter set. I have default-key AB10E8D2. Hope this helps. Noiano signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: BZIP2
Henrik O A Barkman ha scritto: What is the reason for the Windows build of 1.4.10 (both the pulled and fixed binaries) not supporting BZIP2? [cut] I can see the bzip2, windows vista SP2 C:\Users\noianogpg --version gpg (GnuPG) 1.4.10 Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: [cut] Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 C:\Users\noiano Strange, isn't it? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: When will be precompiled binaries for v2.0.x and Windows available?
John W. Moore III ha scritto: Ben Stover wrote: Is there really no precompiled binary version for Windows (maybe on another page) ? gpg4win JOHN ;) Timestamp: Tuesday 21 Jul 2009, 11:26 --400 (Eastern Daylight Time) will there ever be a gnupg.org windows build for 2.x version ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: how long should a password be?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Matt Kinni wrote: Everyone says it should be as long as possible, but there comes a point where it's just impossible to remember anything longer than 20 characters. What do you think? Well IMHO you should merge together some significant (just for you!) events, hard to forget, and turn them into a password. It should be - - longer = 25 IMHO - - nonsense in any language to avoid dictionary attack - - contain special character such as !?$£()... Noiano -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iE8DBQFIHrnS+JjGoasQ6NIRCC4yAOCKodHXmpyqfcMl6+jhu5a3ZdzsNnesFfhL pVrPAOCAp6SMeXSFBGduthirWlahq8JIzKkRXWyihnYP =oJln -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: pgp servers hanging
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 John Clizbe wrote: Are they down? Mine's not. try hkp://pool.sks-keyservers.net pool.sks-keyservers.net is a DNS round-robin consisting of 25 online and synced SKS keyservers. hkp://subkeys.pgp.net is a six server round-robin Are there any pgp server quality statistics like remailers? For example: this server is fast and reliable, this other often goes timeout Noiano -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iE8DBQFHtv4m+JjGoasQ6NIRCObtAN4m1LwmSoWwNU5Kfg6PcfB+OQjYR3HOveUi kRbuAN9ytkrMRyFuSNLT4OOPVHwHOseKCnfrUZQnekAX =2QTs -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG agent and non-shell application
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi everybody I have GnuPg 1.4.6 installed and I have my .gnupg directory as a symbolic link pointing to an encrypted partition. As soon as I need my keys I mount the encrypted partition and the symbolic link is resolved with no problem. The problem is the use of gnupg agent: I type gpg-agent --daemon gpg-agent-info so that the variable information are stored to that file. Under my .bashrc I have added the following line source gpg-agent-info so that the variable is correctly set up. The problem is the use of gnupg agent with program such as thunderbird, kpgp. They cannot see the variable GPG_AGENT_INFO as all shells do. I cannot set anything in .xsession because the encrypted partition isn't mounted on boot but on demand. Could you please tell me a reasonable solution for this matter? Thanks Noiano -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iE8DBQFHOhje+JjGoasQ6NIRCBF8AN9FzTw8rp8qrLHqV4BKexm3tJTLpb+R2daC E+r9AN0ZW65V9kmV38erjRjA1OOW0ct8M7adKZNojIYW =j0KT -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[Half-OT] Materials for a GnuPg Talk
Hello everybody and sorry for this half-ot message. For the linuxday I want to prepare a talk about gnupg. I am thinking on starting to talk about privacy in general (communications in clear and its problems), then taking a little bit about cryptography (Caesar cipher, symmetric, asymmetric cryptography) and then starting to talk about gnupg from the user point of view. Since I have never had any talk I am collecting materials to prepare a decent presentation using impress. So I need images, animation and also documents because I need to study :-). Any help will be very appreciated. Noiano signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
RSA or DSA? That's the question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello everybody as you can see my key is about to expire and I need to create a new one. When I created it I didn't know which algorithm was the best choice and I just chose the first option. Now I still don't know which is the best to choose and why. Is it one more secure than the other? I don't think so but I think there are some difference that make one algorithm suitable for some uses than the other. I was thinking to create one rsa key and one subkey for encryption. What do you think? What do you advise? Thank for you attention Noiano -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG38en6NhvvhGyNWkRApjlAJ0a3lCOaMAFjI+PyePveGI5GNDE/gCcC7hF u0z09ErtdSmnMhc78mA+kus= =M/d1 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA or DSA? That's the question
Robert J. Hansen wrote: Werner Koch wrote: I have not heard of a SHA-1 collision yet. IIRC it still takes something in the range of 2^60. Rechberger and Cannière had some interesting things at CRYPTO 2006--I don't recall the details, but it sounded like a partial preimage attack, not just a simple collision. They only demonstrated it against SHA-1 reduced to 64 rounds, but drew a pretty clear roadmap for how to extend it to 80. I'm expecting more results soon. SHA-1 is facing some scary times. symmetric and public key encryption. OTOH, the improvement in breaking public key schemes are foreseeable for quite some time now and thus we can estimate how long it will take to break an n-bit key. I don't know I'd agree with that. In the early '90s when I first started using PGP 2.6, a 1024-bit key was considered to be ridiculous overkill. Most keys of that era were only 512 bits, and were considered of suitable strength for a great many years. A generation prior to that, Ron Rivest's original late-1970s predictions on necessary key lengths turned out to be wildly optimistic. We've got two full generations of crypto prophets who have badly overestimated the long-term security of algorithms and badly underestimated the unpredictable advances in computing power. It seems reasonable to me to ask why the current round of prophecy should be believed, given the failures of the past. When Schneier wrote _Applied Cryptography_ in 1992, the Chinese Lottery Attack was speculative fiction at best. Today, distributed.net is doing them every single day. It makes you think about what William Gibson said--the future is already here, it's just unevenly distributed. First off all thanks for your answers, I have now clearer ideas :-). For what concerns SHA-1 I read that, thanks to the collisions, an attacker can modify the message but the signature verification well be ok. I think that's really hard to do right? By the way I am thinking on creating a rsa key pair (with rsa subkey) as I am willing to buy a smart card kit. However you told the very standard algorithm is DSA/Elgamail so what should I do? Create two key pair? A rsa one and a dsa/elgamail one? One more thing: the key expiry. Do you think that setting the expiry date after a year or two is a good choice? Or is better not to set a expiry date and revoke the key when necessary? Thanks again Noiano signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users