Re: Cannot export SSH public key

signing failed for RSA "cardno:18 698 015" from agent: agent refused operation sign_and_send_pubkey: signing failed for RSA "(none)" from agent: agent refused operation felix@some_server: Permission denied (publickey). After starting `tmux`, which runs `gpg-con

Re: Cannot export SSH public key

On Fri, Nov 24, 2023 at 9:09 AM Felix E. Klee wrote: > In addition, I need: > > gpg-connect-agent updatestartuptty /bye or otherwise, I get no PIN entry dialog / prompt ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.

Re: gpg --card-status

On Sat, Dec 30, 2023 at 11:30 PM Felix E. Klee wrote: > Example output with line numbers: > > 01 Reader ...: Yubico YubiKey CCID 00 00 > 02 Application ID ...: D276000124010304000618698015 > 03 Application type .: OpenPGP > 04 Version ..

Re: Cannot export SSH public key

1736 created : 2023-06-29 03:50:43 Authentication key: 9DFF AD98 566A 604F 7290 7C24 32B1 06F6 877C C64B created : 2023-11-22 15:14:14 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) sec> rsa4096/1BE349D11B6ED

Re: Cannot export SSH public key

1736 created : 2023-06-29 03:50:43 Authentication key: 9DFF AD98 566A 604F 7290 7C24 32B1 06F6 877C C64B created : 2023-11-22 15:14:14 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) sec> rsa4096/1BE349D11B6ED

gpg --card-status

21 created : 2023-06-29 03:50:43 22 Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589 23 created : 2023-06-29 03:50:43 24 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) 25 sec> rsa4

Re: Cannot export SSH public key

--list-keys --keyid-format LONG yubi...@f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] sub rsa4096/32B106F6877CC64B 2023

Re: Cannot export SSH public key

$ gpg --list-keys --keyid-format LONG yubi...@f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] sub rsa4096/32B106F6877CC64B 2

Re: Cannot export SSH public key

never $ gpg --list-keys --keyid-format LONG --with-keygrip yubi...@f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix E. Klee (YubiKey)

Re: Cannot export SSH public key

On Thu, Nov 23, 2023 at 10:17 AM Felix E. Klee wrote: > Can you explain why the output of `ssh-add -L` did not change? Also > why is it not the same as the output from `gpg --export-ssh-key > yubi...@f76.eu`? OK, I may have found the issue: $ grep -rl Use-for-ssh ~/.gnupg/private-

Re: Cannot export SSH public key

On Thu, Nov 23, 2023 at 2:19 PM Stephan Verbücheln via Gnupg-users wrote: > Host gitlab.com > HostName gitlab.com > User git > IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh Thanks, that works. Even the variable is expanded. In addition, I need: gpg-connect-agent

Re: Cannot export SSH public key

orrect? Does it match what > you see with > > ssh-add -L Output: $ gpg -k --with-keygrip yubi...@f76.eu pub rsa4096 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix

Re: Cannot export SSH public key

29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/877CC64B 2023-11-22 [A] Should I better use the authentication key exported by GPG for SSH? But how to make tha

Re: Cannot export SSH public key

29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/877CC64B 2023-11-22 [A] Should I better use the authentication key exported by GPG for SSH? But how to make tha

Cannot export SSH public key

iry (never) However, I cannot export it for SSH: $ gpg --list-keys --keyid-format SHORT yubi...@f76.eu pub rsa4096/1B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29

Re: Finding all files encrypted with a certain key

On Wed, Oct 25, 2023 at 9:23 PM Werner Koch wrote: > > gpg: decryption failed: No secret key > > > > I wonder how to get rid of that. > > grep -v on stderr ;-). Thanks, I was thinking about that. But I think simply using find, as suggested by Andrew and raf, is sufficient and simple. > I

Re: Finding all files encrypted with a certain key

On Tue, Oct 24, 2023 at 5:12 PM Andrew Gallagher wrote: > GNU `file` will print the encryption key ID: Interesting. I wonder if there is any disadvantage of using `file` over Werner’s proposal. ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Finding all files encrypted with a certain key

On Wed, Oct 25, 2023 at 10:08 AM raf via Gnupg-users wrote: > > How do I do that for a massive directory tree? > > With my rawhide (rh) program (github.com/raforg/rawhide) you can do it > with something like this: > > rh /path '"*.gpg" && "*PGP*encrypted*BEF6EFD3 8FE8DCA0*".what' Very

Re: Finding all files encrypted with a certain key

On Tue, Oct 24, 2023 at 5:21 PM Werner Koch wrote: > encrypted-to-me-p.sh > --8<---cut here---start->8--- > #/bin/sh > gpg -d --status-fd 1 -o /dev/null 2>/dev/null "$1" | awk ' > $1=="[GNUPG:]" && $2=="ENC_TO" && $3=="BEF6EFD38FE8DCA0" {print $1; exit 0}' >

Finding all files encrypted with a certain key

For the purpose of re-encryption with a new key, I’d like to find all files that are encrypted with my key BEF6EFD38FE8DCA0. All encrypted files, independent of key, have the extension `.gpg`. How do I do that for a massive directory tree? ___

Re: YubiKey/OpenPGP card connection issues for non-root user

The issue persists. Sometimes the readers (just now the YubiKey) are not visible to the user. But they are always to root k. I then disabled the PC/SC daemon: [felix@felix-arch ~]$ sudo systemctl disable pcscd Removed "/etc/systemd/system/sockets.target.wants/pcscd.socket".

Re: YubiKey/OpenPGP card connection issues for non-root user

On Mon, Aug 7, 2023 at 3:30 PM Werner Koch wrote: > > I also tried killing root’s gpg-agent, to avoid conflicts with that > > of the user, but that didn’t help either. > > Right a second scdaemon might have grabbed the device. If you don't > need it as root put into root's gpg-agent.conf

Re: YubiKey/OpenPGP card connection issues for non-root user

and other cards, as well as your > use of OpenPGP smartcard for GnuPG), please make sure that you > configure the PC/SC service correctly. Indeed it was not properly set up: [felix@felix-arch ~]$ opensc-tool -l No smart card readers found. I added a Polkit rule following the [inst

Re: YubiKey/OpenPGP card connection issues for non-root user

0 host: usb.autoConnect.device0 = "0x04e6:0xe003" […] usb.autoConnect.device7 = "0x1050:0x0404" > dmesg -w I just played around. After unplugging the YubiKey, I connected the SPR332: [felix@felix-arch ~]$ sudo dmesg -w […] [ 5135.728320] usb 2-1: new full-speed USB devic

YubiKey/OpenPGP card connection issues for non-root user

. But it seems that sometimes they don't trigger, or only with a long delay. [felix@felix-arch ~]$ cd /etc/udev/rules.d/ [felix@felix-arch rules.d]$ cat 70-yubikey.rules # YubiKey Support # ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="1050",

Re: Use multi-usage key in authentication slot on HW-key for encryption

Felix ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Use multi-usage key in authentication slot on HW-key for encryption

and PIV-card simultaneously? Regards, Felix ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: --export-filter not working

Thanks Ingo, I'll do that (or setup the GPG-code myself to hunt for the bug if holidays permit). Regards, Felix Am 15.04.22 um 16:29 schrieb Ingo Klöcker: On Donnerstag, 14. April 2022 23:27:21 CEST Felix Mayr via Gnupg-users wrote: Hello all, so I try to create a file with my public

Use multi-usage key in authentication slot on HW-key for encryption

in GPG or am I doing something wrong? If it's not possible with the smartcard: can I use the PIV-mode of the yubikey for that purpose? Regards, Felix ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users

--export-filter not working

produce anything usable: https://dev.gnupg.org/rG86b64876bef0d8c4be8e309fcf3e2ce21e65a947 Notably, importing the resulting file on another machine, there are no subkeys at all (gpg --list-keys)! Am I doing/understanding something wrong? Best wishes Felix

Re: YubiKey 5C NFC not detected

Werner Koch via Gnupg-users writes: > scdaemon does not see any reader. That might simply due to another > process which uses the reader (the yubikey tools). None the wiser: $ cat ~/.gnupg/scdaemon.conf debug cardio verbose log-file /tmp/scd.log pcsc-shared $ gpgconf

Re: YubiKey 5C NFC not detected

Ingo Klöcker writes: > $ echo scd getinfo reader_list | gpg-connect-agent --decode $ ykman config usb -l OTP FIDO U2F FIDO2 OATH PIV OpenPGP YubiHSM Auth $ gpgconf --kill gpg-agent $ echo scd getinfo reader_list | gpg-connect-agent --decode OK :( >

Re: YubiKey 5C NFC not detected

Ingo Klöcker writes: > Are you sure "Yubico Yubi" is the correct value for the reader-port > option? It’s what is suggested in the official [Troubleshooting Issues with GPG][1]. They also suggest: Yubico Yubikey That doesn’t work either. As I realized before, their guides are not up to

YubiKey 5C NFC not detected

I would like to set up a YubiKey 5C NFC for SSH, but it doesn’t get detected by GnuPG: $ ykman config usb -l OTP FIDO U2F FIDO2 OATH PIV OpenPGP YubiHSM Auth $ cat .gnupg/scdaemon.conf reader-port Yubico Yubi $ gpgconf --kill gpg-agent $ ps x | grep

Re: Limit access to unlocked OpenPGP SmartCard?

Well, I think I could extend my SPR332 [mod][1]: * Add a push-button that one has to press to close the C7 circuit for I/O. Without that button pressed, the smart card cannot communicate with the reader. That means, for every operation, one would need to hold that button, kind of

Re: Limit access to unlocked OpenPGP SmartCard?

Jacob Bachmeyer via Gnupg-users writes: >> After I unlock an OpenPGP SmartCard V2.1 in my SPR332 [mod][1], […] > > Does your smartcard reader have its own keypad for entering the PIN? yes ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Limit access to unlocked OpenPGP SmartCard?

On Thu, 27 Jan 2022 at 14:54, Matthias Apitz wrote: > gpgconf --reload scdaemon Gotta try that, maybe execute it with a timer, better than nothing. Best would be if the card itself could be configured to only do a certain number of operations after being unlocked. I think everything else is

Limit access to unlocked OpenPGP SmartCard?

After I unlock an OpenPGP SmartCard V2.1 in my SPR332 [mod][1], I can use it to decrypt as many files as I want. While this is convenient, it is not great if the system is compromised and I forget to unplug the card reader. Is there any way to limit how long the OpenPGP SmartCard remains

Re: Decrypting fails unless card status

On Tue, 15 Dec 2020 at 19:45, MFPA <2017-r3sgs86x8e-lists-gro...@riseup.net> wrote: > Is that a consequence of using a card? No. I do have an accessible private key, but it’s more than 9,000 km away, and traveling is not so easy these days. ___

Decrypting fails unless card status

-01 00:00:00 gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " gpg: public key decryption failed: Invalid ID gpg: decryption failed: No secret key Note that I have to run with faked system time since I cannot extend th

Re: In case you use OpenPGP on a smartphone ...

://arstechnica.com/information-technology/2016/12/op-ed-im-giving-up-on-pgp/ > > -Ryan McGinnis > http://www.bigstormpicture.com > PGP Fingerprint: 5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD > > > Sent from ProtonMail Mobile > > > On Wed, Aug 12, 2020 at 13:07, Feli

Re: In case you use OpenPGP on a smartphone ...

I'm not sure that there are solutions orders of magnitude more secure that are available readily. Also people tend to get emails on the go as well that might be encrypted. It's convenient to decrypt emails on a smartphone and not really that insecure if you're using an external device for actual

Re: In case you use OpenPGP on a smartphone ...

Just adding my 2 cents to this discussion. I think it doesn't matter what sort of spyware potentially exists somewhere out there for some phone, what matters is whether it is on your phone. This isn't really about the security of OpenPGP either but about a fundamental trust in the things we use

Re: Backup of Keys

. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I've run out of ro

Re: Backup of Keys

On 20200524, Peter Lebbing wrote: Hi, On 24/05/2020 16:05, Felix Finch wrote: Out of curiosity ... how safe are these files as is, assuming the private key file has a good strong passphrase? The safety of the private key purely depends on the strength of the passphrase. Note that backups

Re: Backup of Keys

, how much damage can be done? How hard is it to crack a good passphrase? I realize that's kind of a loose question, and "strong passphrase" doesn't help. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & woo

Re: Passphrase window freezes my DE's panel - is this a bug?

. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I've run out of room o ___ Gnupg-u

Re: 0.332

On Mon, Feb 11, 2019 at 12:17 PM Gerd v. Egidy wrote: > How does it compare size-wise to the cyberJack one from Reiner SCT? * cyberJack RFID standard: 62 x 95 x 13 mm * 0.332 enclosure: 69 × 111 × 13 mm It could be fun to replace the pin pad by a smaller one and create a custom

0.332

FYI: https://github.com/feklee/0.332 This is a mod of the SCM SPR332 v2 smart card reader, making it smaller and lighter. For quite a while I have regularly been using it with my phone: https://gist.github.com/feklee/92f76d2c8a7cabc477360d82b5305c19

Chance to get --with-agent-s2k-calibration=MSEC into stable branch?

not familiar with the process how commits get selected for inclusion into the stable branch. Is there a chance that it will make it into gnupg stable anytime soon? Thanks Felix To recall: This issue applies to contexts like gnupg being called internally by postgresql where there is no agent, so

Re: Performance regression for gnupg v2 keys

n old key the first time or > when you import it to gpg the key is re-encrypted so that it takes > that long. With the above build-time setting applied, do all previously generated (slow) keys have to be recreated or is this delay gone with a newly compiled agent/gnupg library

Re: Performance regression for gnupg v2 keys

with 2.x keys. > that value can be changed at build time using the configure option > --with-agent-s2k-calibration=MSEC but not at run time. This sounds like a suitable solution. I've seen that option here [1] but it is missing in official gnupg. What do you recommend? Felix [1] https

Decryption timing calibration

mes. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I've

Re: Performance regression for gnupg v2 keys

t). When I change the passphrase of an existing 1.x generated key with gpg 2.2.8, the key gets somehow updated (slow). So, besides fast/slow: What's the difference between default (rsa 2048) keys generated with 1.x and 2.x? Felix ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Performance regression for gnupg v2 keys

Hi, I have older keys and newer keys that behave quite different in the decryption performance. Old keys: Generated with gnupg-1.4.x, rsa2048, at 2017-01-10. New keys: Generated with gnupg-2.2.8, rsa2048, some weeks ago. I've always been using the defaults for generating the keys (no

Re: Washington State Electronic Notary Public endorsements

g.wa.gov/RCW/default.aspx?cite=42.45.140> in the State of > Washington! Well done! Any idea how applicable your experience will be in other states? -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.co

Re: Cannot decrypt file encrypted with enQsig

DE5C6E97DA42AE8, created 2018-09-06 "Felix E. Klee " gpg: 3DES encrypted data gpg: Note: sender requested "for-your-eyes-only" So yes, 3DES! Fortunately, as can be seen above, with the custom key I was able to

Re: Communication with card reader encrypted?

Thanks for clarification! On Mon, Aug 27, 2018 at 11:51 AM, Werner Koch wrote: > The connection between the card reader and the host is not encrypted > because that would require a key setup first and that would also be > subject to key logging. The host could provide a public encryption key to

Re: Communication with card reader encrypted?

On Sun, Aug 26, 2018 at 10:41 AM, Peter Lebbing wrote: > The OpenPGP smartcard and generic smartcard protocols do define > "Secure Messaging", but I don't think this is commonly used for cabled > OpenPGP smartcards. Would be interesting to find out. > I think you'll need to trust the cable

Re: Communication with card reader encrypted?

On Sun, Aug 26, 2018 at 12:31 AM, Dirk Gottschalk wrote: > This is a really interesting question. But, does this really matter > got an USB device? If there is a program on your computer, which > interceps the communication, the security of you system is already > broken. I am more thinking

Communication with card reader encrypted?

When I decrypt a file using an OpenPGP card, is the communication between a USB card reader and the GnuPG daemon encrypted? Or: Is the decrypted session key sent unencrypted through the cable? ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Android/Termux: How to build gpg-agent without maintainer mode?

On 8/22/18, Dirk Gottschalk wrote: > This depends on the source of your source version. If it is from a > release tarball, this shouldn't bother you. > > I only get this warning if I have compiled from the GIT repository. Uh oh, I didn’t check out a release! Changed the [build instructions][1]

Re: Android/Termux: How to build gpg-agent without maintainer mode?

On Wed, Aug 22, 2018 at 1:08 PM, Dirk Gottschalk wrote: > There's nothing what should "bug" you. Well if I call `g10/gpg` in the build, I get a big fat warning: gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a

Android/Termux: How to build gpg-agent without maintainer mode?

I managed to get `gpg-agent` run with USB smart card support under Android/Termux: https://gist.github.com/feklee/92f76d2c8a7cabc477360d82b5305c19 What bugs me is that I had to compile in maintainer mode: Now I get warnings that the software should not used be used with production keys.

Re: Cannot decrypt file encrypted with enQsig

On Wed, Aug 15, 2018 at 12:13 PM, Peter Lebbing wrote: > Here's the catch: unless you have an on-disk copy of your private > encryption key, you can't. [if enQsig uses 3DES] I do have a backup of the private key, but it’s 1. out of reach at the moment and 2. it’s a pain to restore. So far, I’m

Re: Cannot decrypt file encrypted with enQsig

pg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2 016-12-17 "Felix E. Klee " gpg: public key decryption failed: Missing item in object gpg: decryption failed: No secret key gpg: secmem usage: 0/32768 bytes in 0 blocks $ gpg --versio

Re: Cannot decrypt file encrypted with enQsig

On Thu, Aug 2, 2018 at 2:14 PM, Peter Lebbing wrote: > So I think it's a safe bet they also screwed up the PKESK packet for > your subkey, and the error is indeed related to it not representing a > valid session key. As I would like to understand things a bit better, do you think it is possible

Re: Cannot decrypt file encrypted with enQsig

4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " gpg: public key decryption failed: Missing item in object gpg: decryption failed: No secret key $ gpg --list-packets new.gpg gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE

Re: Cannot decrypt file encrypted with enQsig

On Mon, Jul 30, 2018 at 12:40 PM, Felix E. Klee wrote: > “Invalid value” Same on Linux BTW (with the Cherry ST-2000). ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot decrypt file encrypted with enQsig

its] gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE gpg: encrypted with RSA key, ID 92663E7CA68E4EC6 gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2 016-12-17 "Felix E. Klee " gpg: public key decryption failed: Invalid value g

Re: Cannot decrypt file encrypted with enQsig

Zum Vergleich eine Datei, die ich selbst für mich verschlüsselt habe, und die ich erfolgreich entschlüsseln kann: >gpg --list-packets foo.gpg gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2 016-12-17 "Felix E. Klee " # off=0 ctb=85 tag=

Re: Cannot decrypt file encrypted with enQsig

ying to guess what you mean .. . pub rsa4096/BEF6EFD38FE8DCA0 2016-12-17 [SC] [expires: 2018-12-17] 5EF8B6017F668171259945D6BEF6EFD38FE8DCA0 uid Felix E. Klee sub rsa4096/04FDF78D1679DD94 2016-12-17 [E] [expires: 2018-12-17] > Could you provide a

Cannot decrypt file encrypted with enQsig

validity: ultimate ssb rsa4096/04FDF78D1679DD94 created: 2016-12-17 expires: 2018-12-17 usage: E card-no: 0005 4980 [ultimate] (1). Felix E. Klee The sender then prepared the encrypted file using a software called enQsig: “wir verwenden eine zentrale Gateway

Re: Empty keyring after upgrade to Ubuntu 18.04 :/

. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I've run out of ro

Re: Upgrading 2.0.20 to 2.2.24 -- WORKING NOW

ing secret keys from '/home/felix/.gnupg/secring.gpg' to gpg-agent gpg: key 783876E9182E8151: secret key imported gpg: key 44752F7C4D3D351A: secret key imported gpg: migration succeeded gpg: key 783876E9182E8151: "Felix Finch (Scarecrow Repairman) " not changed

Re: Upgrading 2.0.20 to 2.2.24

ted file, but also made no difference. Still can't see the secret keys or decrypt anything. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E

Re: Upgrading 2.0.20 to 2.2.24

nusable-* variants > > Are they listed with --list-keys ? >From the 2.0.20 machiine: $ gpg --list-secret-keys /home/felix/.gnupg/secring.gpg -- sec 1024D/182E8151 1999-12-06 uid Felix Finch (Scarecrow Repairman) ssb 2048g/A336210

Re: Upgrading 2.0.20 to 2.2.24

elete the file > ~/.gnupg/.gpg-v21-migrated so that a migration will be triggered again. Thanks -- but that didn't do the trick. $ gpg --list-secret-keys gpg: starting migration from earlier GnuPG versions gpg: porting secret keys from '/home/felix/.gnupg/secring.gpg' to gpg-agent gpg: key

Upgrading 2.0.20 to 2.2.24

can decrypt what the Ubuntu 2.2.24 command encrypts. But the Ubuntu 2.2.24 command will not decrypt either what it just encrypted or what the gentoo 2.0.20 command encrypted: gpg: encrypted with 2048-bit ELG key, ID 18DCDD20A3362105, created -mm-dd "Felix Finch (Scar

Re: gpg: [don't know]: 1st length byte missing

Thanks, Werner! No backup, and I think there is no way to recover the password, which - in this case - is very unfortunate. :( I wonder how this happened. The drive is a Samsung EVO SSD with NTFS. ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: gpg: [don't know]: 1st length byte missing

On Sun, Oct 22, 2017 at 12:06 PM, wrote: > please list the encrypted text as part of the inline message. Thanks for pointing that out. Here you go: -BEGIN PGP ARMORED FILE- Comment: Use "gpg --dearmor" for unpacking

gpg: [don't know]: 1st length byte missing

<https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: C:/Users/Felix/AppData/Roaming/gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher

Selecting SSH Key in gpg-agent ssh-agent mode

are tried against a server? Or rather is there also a way to specifiy to first try unlocked keys? Cheers, Felix ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: suspicious key found

There was a proof of concept attack on the fingerprints a couple of years ago. The keys were revoked afterwards. TL;DR short key fingerprints are not secure at all. Also the web of trust is your friend here. Cheers, Felix On 16/05/17 15:47, Janne Inkilä wrote: I made a key search with my

Re: Mail address to account conversion (keybase.io)

f an ID on a public key makes no > claim as to whether the ID is usable for a particular purpose. Thanks for the opinion, I find myself agreeing. I should probably stop collecting signs on that uid on keysigning parties, though, I shouldn't bother people with sending signed keys an unconventi

Re: Mail address to account conversion (keybase.io)

Excerpts from Christian Heinrich's message of 2017-01-26 09:19:42 +1100: > On Thu, Jan 26, 2017 at 1:51 AM, Felix Van der Jeugt > <felix.vanderje...@gmail.com> wrote: > > Recently, keybase.io stopped their email forwarding service. Now, my > > noc...@keybase.io uid can no l

Mail address to account conversion (keybase.io)

the email address is invalid? It's nice to have a reference to the account in my key, though. Any advice on this would be welcome. Sincerely, Felix signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http

Using GPGAgent as SSHAgent on Windows with cygwin/mingw

how to resolve this I'd be glad for some help. However please don't suggest to simply use putty, I prefer to have a shared configuration across my Linux and Windows boxes and I do use the command line ssh utilities a lot for different things on Windows too. Best regards, Fe

Re: gpg: KEYTOCARD failed: Unusable secret key

On Tue, Jul 26, 2016 at 1:22 PM, Andrew Gallagher wrote: > If you want to keep a backup copy on local disk, you need to quit > *without saving* immediately after running 'keytocard'. Hitting to quit did the trick. Now I could copy the key – a new one – to two cards. Thanks

Re: gpg: KEYTOCARD failed: Unusable secret key

/ramdisk/pubring.kbx sec> rsa4096 2016-07-26 [SC] [expires: …] AFADB5A… Card serial no. = … uid [ultimate] Felix … ssb> rsa4096 2016-07-26 [E] [expires: …] Also I can export the private key: # gpg --armor --export-secret-keys | wc -l

gpg: KEYTOCARD failed: Unusable secret key

Successfully moved a key to an [OpenPGP-Card][1]. Now, as backup, I want to install the key to a second card, but that failed: # gpg --edit-key $KEY [...] gpg> toggle [...] ggp> keytocard Really move the primary key? (y/N) y [...] Please select where to store the

Creating key stubs from smartcard without public key

eated from the keys stored on the Yubikey or any smartcard itself? Best regards, Felix ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: How to export ASCII armored secret key without passphrase?

On Wed, Jan 20, 2016 at 6:13 PM, Peter Lebbing wrote: > $ gpg2 --export-secret-keys | gpg --import Thanks! On my system, Arch, that’s: $ gpg --export-secret-keys | gpg1 --import ___ Gnupg-users mailing list

How to export ASCII armored secret key without passphrase?

There’s a known issue: Is there any workaround? For example, could I export an ASCII armored key with a passphrase, then decrypt the exported key? Command that failed without passphrase (the key doesn't have one): $ gpg --armor --export-secret-keys

WG: GnuPG 2.1: --auto-key-locate dane

-Ursprüngliche Nachricht- Von: Felix Seip Gesendet: Freitag, 27. November 2015 15:13 An: 'Werner Koch' <w...@gnupg.org> Betreff: AW: GnuPG 2.1: --auto-key-locate dane I tried this once again using the Werner Koch's key: gpg --auto-key-locate dane -v --locate-key w...@gnupg.org H

GnuPG 2.1: --auto-key-locate dane

nk you in advance, Felix Seip Verschlüsseln Sie Ihre E-Mails mit gpg4o für Outlook | Encrypt your email with gpg4o --- Felix Seip Auszubildender [cid:image001.jpg@01D12862.B4B67EE0]Gie

AW: GnuPG 2.1: --auto-key-locate dane

Thank you for your responses! I was receiving the unknown IPC command because I had the GnuPG 2.0 agent and the GnuPG 2.1.9 agent running at the same time Best Regards, Felix Seip -Ursprüngliche Nachricht- Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von Werner

Re: Generating 4096 bit key fails – why?

On Wed, Nov 4, 2015 at 3:09 AM, NIIBE Yutaka wrote: > Here is a fix. It will be in the next release. > > http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c5a9fedba66361ddd9f596528882750068543298 Thanks! Any idea when the next release is scheduled to be available?

Re: Generating 4096 bit key fails – why?

nation. After starting `gpg --card-edit`, I checked which version is running, and it’s 2.1.9: $ ps aux | grep scdaemon root 506 […] scdaemon --multi-server felix 562 […] grep scdaemon $ sudo ls -l /proc/506/exe […] /proc/506/exe -> /usr/lib/gnupg/scdaemon $ /us

Re: Generating 4096 bit key fails – why?

On Tue, Oct 27, 2015 at 9:09 PM, Werner Koch wrote: > Please add > > --8<---cut here---start->8--- > debug 1024 > debug 2048 > log-file /this/is/my/scdaemon.log > --8<---cut here---end--->8--- > > to

  1   2   >