--- Kurt Fitzner [EMAIL PROTECTED] wrote:
Realos wrote:
What would you suggest in this case? A brute force
attack with some
software if I know part of the password? What tool
is suitable for that?
There isn't any software that I know of to
brute-force a GnuPG password.
Actually,
David Shaw wrote:
Anyway, do this:
gpg --expert --cert-digest-algo (thehash) -u (thekeyid) --sign-key (thekeyid)
Is this possible with the selfsigs on subkeys, too?
Chris.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
David Shaw wrote:
If an attacker compromises the keyserver or in any way distributes
your key himself, he can remove the new self-sig, leaving the old one
behind.
Isn't it possible to revoke the older selfsig?
Of course, it's still possible for an attacer to compromise the
keyserver and/or
On Wed, Jan 04, 2006 at 07:01:17PM +0100, Christoph Anton Mitterer wrote:
David Shaw wrote:
If an attacker compromises the keyserver or in any way distributes
your key himself, he can remove the new self-sig, leaving the old one
behind.
Isn't it possible to revoke the older selfsig?
On Wed, Jan 04, 2006 at 04:20:20PM +0100, Christoph Anton Mitterer wrote:
David Shaw wrote:
Anyway, do this:
gpg --expert --cert-digest-algo (thehash) -u (thekeyid) --sign-key (thekeyid)
Is this possible with the selfsigs on subkeys, too?
No.
David
Hello.
I downloaded GnuPG source and checked its signature (under Windows):
ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.tar.bz2
ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.tar.bz2.sig
Then I rebooted into recently installed Debian GNU/Linux 3.1r0a system
and built program from source:
$ cd
lusfert wrote:
$ cd /home/[user]/
$ bunzip2 gnupg-1.4.2.tar.bz2
$ tar xvf gnupg-1.4.2.tar
tar xjvf will combine the tar extract operation with the bunzip
$ cd ./gnupg-1.4.2
$ ./configure
$ make
Thus is normally the point where one tests the built code *before*
'make install'.
# make
On Thu, 5 Jan 2006, Janusz A. Urbanowicz wrote:
from my experience, all keys for long-term, _safe storage_ (and after
revocation) should be kept with no passphases at all
human memory is very volatile and some day you gonna need to decrypt an
old email encrypted with the key you revoked in
On Thu, Jan 05, 2006 at 02:07:17PM -0500, Atom Smasher wrote:
On Thu, 5 Jan 2006, Janusz A. Urbanowicz wrote:
from my experience, all keys for long-term, _safe storage_ (and after
revocation) should be kept with no passphases at all
human memory is very volatile and some day you gonna
On Thu, 5 Jan 2006, Samuel ]slund wrote:
In Sweden people with weapon licenses are required to either keep their
weapons locked up in a safe that is non-trivial to move or store them
with the vital part and ammunition removed and hidden in different
places.
Might be applicable?
I hope I'm not off-topic but I have a question about WinPT. It seems that I
can refresh or add to the public keyring from the CLI with gpg but I can't
refresh the keys using the same server from within WinPT. I keep getting an
error about WinPT not able to access the server. I tried the other
11 matches
Mail list logo