I have no pass phrase on my key because I encrypt my whole disk.
But then I can't export my key.
gpg --export-secret-subkeys --armor
gpg: key keyid: not protected - skipped
gpg: WARNING: nothing exported
Is there a option to turn this off?
___
At the moment my gpg master key is still stored on the machine I use to go
online. I decided to change that. The gpg master key should only be stored
on a separate offline machine.
What's the best path for migration?
I thought gpg is complicated but offline key makes my head burn. Any good
When key is created gpg asks for e-mail address and it must be in proper
format email@domain.
I saw keys without valid email already.
How to do it?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 06/02/13 11:37, Hauke Laging wrote:
That seems easy to me: Except for small amounts (secure device's display
capacity) of very simple data (plain text) [...]
Seems to me to be enough to do what OP requested: signing e-mails he/she
wrote.
Yes.
It indeed seems easy to me that this won't
Am Mi 06.02.2013, 10:28:13 schrieb Peter Lebbing:
Can you explain (broadly) how one would compromise the signature/the
device
that you sign with?
That seems easy to me: Except for small amounts (secure device's display
capacity) of very simple data (plain text) you have the problem that
On 02/05/2013 01:04 PM, Peter Lebbing wrote:
While I agree with the broad sentiment, I'm not so sure a certain
amount of damage control is impossible with what he/she proposes. If
you have a device with small attack surface[1] that shows you the
plaintext you're about to sign before signing
On 06/02/13 11:37, Hauke Laging wrote:
The
device proposed by OP/by me seeks security in being restricted and simple.
And
also takes a whole lot less of effort to use ;).
Yes.
But let's stick to the e-mail signing in this thread, or the discussion
will get
very unfocused and hard to
On 05/02/13 04:15, Robert J. Hansen wrote:
No. There are none, nor will there be. You absolutely must retain
control of the processing hardware GnuPG runs upon. If you don't have
that control, there is literally no device -- hardware or software --
that can help you.
While I agree with
On 06/02/13 02:49, Robert J. Hansen wrote:
It makes no sense to me to believe that it's somehow possible to have a
dongle that you can plug into a compromised PC to make it safe (or
safer) to sign with.
Can you explain (broadly) how one would compromise the signature/the
device that
you
I could air gap my private key. Put it on a machine with no network
access. Then replying to mails becomes awful?
This requires transferring incoming mail onto a usb device as text file
and put it into the other machine. Write an answer, sign and put it back
on usb an
finally put it back on the
Hi anonymous writer,
Hello!
Smartcard or cryptostick will not help in my situation.
might a SmartCard with reader that has its own pinpad help?
http://www.gnupg.org/howtos/card-howto/en/ch02s02.html#id2519120
No. It does not give certainty what am I actually signing. The virus could
On Monday 04 of February 2013 07:26:48 refresh...@tormail.org wrote:
I could air gap my private key. Put it on a machine with no network
access. Then replying to mails becomes awful?
This requires transferring incoming mail onto a usb device as text file
and put it into the other machine.
12 matches
Mail list logo
