On Sat, 16 Jun 2012 22:42, papill...@gmail.com said:
For some reason, every time I do anything to an encrypted message, I
have to re-enter my passphrase. If I open a message, I enter my
passphrase, then, when I reply to it, I have to enter it again. And to
send that reply? Yep, enter it
On Sat, 16 Jun 2012 22:06, papill...@gmail.com said:
git clone git://git.gnupg.org/gnupg.git
Is the server down?
No. I had to restart the server for maintenance reasons and forgot to
check the git daemon. Sorry.
For unknown reason it was not in the runlevel.conf. Started git-daemon
and
On Mon, 18 Jun 2012 05:31, r...@sixdemonbag.org said:
results can check for themselves. Warning: if you ever write Python
code like this in the real world your programming team will beat you to
death.
To me this awk script is more readable, although most other will
disagree:
$ gpg2
On Mon, 18 Jun 2012 10:08, quanngu...@mbm.vn said:
Is it possible to import pairs of certificate/private key from p12 file
using gpgsm?
Sure, you may import pkcs#12 files. The pinentry will ask you for the
transport passphrases and for the new passphrase under which gpg-agent
will store the
On Mon, 18 Jun 2012 10:49, w...@gnupg.org said:
I actually found a bug in GPG: If a key has been disabled, it is not
flagged as disabled in the --with-colons key listing. I need to
Ooops, the API provided to be pretty complicated. I forgot the
condition term $12!~/D/. Thus using
$ gpg2
On Mon, 18 Jun 2012 11:16, quanngu...@mbm.vn said:
gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default
Fix this! See the manual or the man page.
`/home/hongquan/.gnupg/private-keys-v1.d/89E5CF0B2581EE779B2CF2D849EE991DEE0E1A17.key'
already exists
Well, you already
On Mon, 18 Jun 2012 02:43, papill...@gmail.com said:
Let me ask this: are there any major security implications (aside from
sacrificing the security of pinentry) to hacking gpg2 to not use agent?
You simply can't use gpg2 without gpg-agent. It is a part of GnuPG and
required. Yes, these
On Mon, 18 Jun 2012 12:42, r...@sixdemonbag.org said:
sense to have conditional entries in the gpg config file (like e.g.
SSH for different destinations)?
Not to my knowledge.
My response would be: You should write a wrapper for this feature. This
is the way tools should be used under Unix
On Mon, 18 Jun 2012 12:09, quanngu...@mbm.vn said:
I don't need new entry, I just need 'existing' entry. But none is shown.
hongquan@Pangolin ~ $ gpgsm --list-secret-keys
You need to have a matching certificate. The way --list-secret-keys
works is to iterate over all certificates (as shown
On Mon, 18 Jun 2012 17:37, pe...@digitalbrains.com said:
Just as a datapoint: I have a VIA Nano L2200 @ 1.6 GHz, which is a slow
processor (competition for the Intel Atom), but which has a hardware RNG
hooked
up to /dev/random through rngd. I'm fairly sure that it's configured correctly
On Tue, 19 Jun 2012 10:55, pe...@digitalbrains.com said:
I'm running x86_64: the VIA Nano is a 64-bits processor. So I think Libgcrypt
doesn't recognise it can use the padlock from the VIA Nano.
I have a patch in the queue and even a woodware note at my monitor.
Shalom-Salam,
Werner
--
On Tue, 19 Jun 2012 19:50, ved...@nym.hush.com said:
(all current gnupg keys are v4, older keys from pgp were v3, maybe
when elliptic curve crypto gets done, there might be a v5 ;-) )
2.1beta has ECC support as described by RFC6637. Still using v4.
Shalom-Salam,
Werner
--
Die
On Wed, 20 Jun 2012 07:56, laurent.ju...@skynet.be said:
It's defined in GPG.CONF:
Nope. GnuPG-2 does not support loading of extensions. the option is a
dummy option. The reason for this is that crypto operations are done by
Libgcrypt and not by gpg.exe.
The next version of Libgcrypt
On Wed, 20 Jun 2012 19:03, jw72...@verizon.net said:
Is there any reason I should not place it in the same folder as the
gpg.exe version 1.4.x and then make reference to it there? Thanks.
I think this is okay.
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Sun, 24 Jun 2012 14:36, mailingli...@gusnan.se said:
/CN=S-TRUST
These are X.509 root certificates (e.g. for S/MIME). You may run gpa
with the option --disable-x509 if you don't need them. To delete these
certificates, use gpgsm - it works similar to gpg.
Salam-Shalom,
Werner
--
On Fri, 22 Jun 2012 20:52, ved...@nym.hush.com said:
Am somewhat surprised by the unprovoked V3 rants, when I asked for
nothing from anyone, and only thanked WK for allowing it to happen.
I am telling for more than a decade that PGP 2 should not be used
anymore. The rationale for this was
On Mon, 25 Jun 2012 16:18, joh...@vulcan.xs4all.nl said:
That depends on your threat model. If signing messages is not so
important to you but encrypting is, this advice is understandable. So
let MD5 be broken, it matters not for encryption. Not that I would
Sure it matters. The
On Mon, 25 Jun 2012 17:08, lists.gn...@mephisto.fastmail.net said:
cracking the symmetric encryption used to protect the private key is
comparable to the problem of cracking an encrypted message's session
key.
No, it is not. The entropy in a session key matches the size of the
session key.
On Mon, 25 Jun 2012 20:12, aaron.topo...@gmail.com said:
So, if the system can be improved by removing support for PGP2, which
includes cleaning up code, squashing bugs, and tightening security, then
why is it still around? 20 years later?
Because you still want to be able to decrypt your 20
On Fri, 22 Jun 2012 23:22, jw72...@verizon.net said:
message when I use GPA to try retrieving a key. The message states
this: There is no plugin available for the keyserver protocol you
specified. What am I missing? Thanks.
IIRC, GPA has no support for hpks. You need to use hkp. For
On Tue, 26 Jun 2012 07:12, ved...@nym.hush.com said:
it will be interesting to see if V4 keys will be gracefully
abandoned as SHA1 becomes as broken as MD5,
This is very different in OpenPGP. SHA-1 is not used everywhere; its
main use is for the fingerprint, this will eventually be a
On Fri, 6 Jul 2012 21:05, mailinglis...@hauke-laging.de said:
I just noticed that it is possible to create UIDs without an email address
without giving the option --allow-freeform-uid. The man page says:
That is perfectly okay. Not every user has a mail address.
Salam-Shalom,
Werner
On Mon, 9 Jul 2012 12:34, ml-...@m-privacy.de said:
And is there any flag, environment variable or command-line option that
could be passed to gpg2, to make it use RSA-OAEP padding for encryption?
OpenPGP does not define OAEP thus we can't use it.
Salam-Shalom,
Werner
--
Die Gedanken
On Mon, 9 Jul 2012 14:26, mailinglis...@hauke-laging.de said:
OK but what does --allow-freeform-uid do then? Makses sense to add this
You already quoted it in your first mail:
Disable all checks on the form of the user ID w..
^
Shalom-Salam,
Werner
--
Die
On Wed, 11 Jul 2012 07:56, r...@sixdemonbag.org said:
V5 discussions will not kick off in earnest until NIST announces the new
hash standard, or so I've heard people from the working group say.
And even then it will take 5 years or so until it it has been deployed
widely. Even GnuPG 1.2 is
On Wed, 11 Jul 2012 01:22, mailinglis...@hauke-laging.de said:
gpg --options /dev/null --keyserver hkp://keys.gnupg.net --search-keys ...
gpg: external program calls are disabled due to unsafe options file
permissions
Use --no-options instead.
Salam-Shalom,
Werner
--
Die Gedanken sind
On Wed, 11 Jul 2012 17:11, r...@sixdemonbag.org said:
I would suggest SHA256 RIPEMD160, myself. There are no known attacks
on RIPEMD160, and if you're in a situation that requires the use of a
But only because RIPEMD160 does not get as much attention as SHA-1. I
doubt that RIPEMD160 is in
On Wed, 11 Jul 2012 21:41, r...@sixdemonbag.org said:
History has not been kind to the Merkle-Damgård construction. The fact
OpenPGP only contains Merkle-Damgårds has always bothered me: I'd feel
much better if WHIRLPOOL had been standardized and included in the list.
On Phil’s request we
On Wed, 11 Jul 2012 22:55, nicholas.c...@gmail.com said:
But one thing that might be helpful to explain is this: what needs to
be in the V5 key format aside from the change in fingerprint hash?
Aside from that issue, the V4 key format seems to have been resilient.
What are the other issues
On Mon, 16 Jul 2012 14:53, heal...@basicisp.net said:
varied issues with SHA 1. I would like the advantage of the SHA 256,
however I was not able to find the conf file. All I found was the
gpgconf --list-dirs
shows all configured directories. You want to look at the line starting
with
On Sun, 22 Jul 2012 21:52, jer...@budts.be said:
--enable-ssh-support option and the gpgkey2ssh script.
You don't need gpgkey2ssh - it is a relict form the early days.
gpg-agent supports the ssh-agent protocol for 7 years now.
Is it somehow possible to 'automatically' use my GPG subkey for
On Tue, 24 Jul 2012 10:39, r...@sixdemonbag.org said:
$ gpg2 --list-keys|grep ^pub|wc -l
In case you want to put this into a HOWTO, you better write:
gpg2 --with-colons --list-keys|grep ^pub:|wc -l
As usual this also works with gpg.
Shalom-Salam,
Werner
--
Die Gedanken sind frei.
On Tue, 24 Jul 2012 15:58, ved...@nym.hush.com said:
Found that to add a uid, gnupg asks for the passphrase, but to
delete a uid, it does not.
For “adduid” we need to a create a user-id binding signature
(self-signature) and thus need the secret key and in turn the
passphrase.
“deluid”
[expires: 2018-12-31]
Keygrip = 44B9E7E287B11C0E033A1A93ECCFDBC6AF7CCFAE
uid Werner Koch w...@gnupg.org
sub 1024D/77F95F95 2011-11-02
Keygrip = D11C82133CAADCA42A00074D5EE92023B85110DF
sub 2048R/C193565B 2011-11-07 [expires: 2013-12-31]
Keygrip
On Wed, 25 Jul 2012 18:14, ved...@nym.hush.com said:
current windows does allow pipe, but not grep
Actually since PCDOS 2.11 (~1984); although temporary files were used to
implement them. IIRC, there is a grep like tool on Windows as well.
Shalom-Salam,
Werner
--
Die Gedanken sind
On Wed, 25 Jul 2012 19:12, d...@fifthhorseman.net said:
reading sshcontrol's documentation in the texi doc, it occurs to me that
this indication of which key should be used for ssh should in many use
cases be visible to ssh servers as well. If for some reason the
authentication-capable flag
On Thu, 26 Jul 2012 05:50, b...@adversary.org said:
passphrase.c:585: error: ‘GCRY_KDF_ITERSALTED_S2K’ undeclared (first
use in this function)
You need at least Libgcrypt 1.5.0. However, configure should have
detected this. Thus the build process accidentally picked up another
gcrypt.h than
On Wed, 25 Jul 2012 21:42, mailinglis...@hauke-laging.de said:
tried first. Does gpg-agent currently care about the order of the entries?
No, it does a plain readdir and only then checks whether the key is in
sshcontrol:
/* Fixme: We should better iterate over the control file and check
On Sun, 29 Jul 2012 21:39, jer...@budts.be said:
enable a GPG key for SSH with gpg-agent 2.1. What I do not yet
understand is how would add your public key to the authorized_keys
file on the server? Wouldn't the gpgkey2ssh-script still be needed for
ssh-add -L
(capital L) prints the public
On Mon, 30 Jul 2012 16:59, harni...@gmail.com said:
it? If so, then I'd suggest that a quiet execution be performed that
way only the exit code can be used that it's failure.
You should not rely on the exit code but parse all the information
returned by GPG. GPGME makes this easy.
Given that
On Mon, 30 Jul 2012 21:15, ciprian.crac...@gmail.com said:
* implement your own fake `gpg-agent` which I have no ideea what
actually implies;
Don't do this.
* implement your own fake `pinentry` which would be much simpler
as it only has to implement the assuan protocol; but you'll
On Tue, 31 Jul 2012 07:11, y...@yyy.id.lv said:
3) The program can be run from removable media, i.e., it
requires no installation and assumes no network access for
either key exchange or in operation. There are binaries
for all three major platforms (Win32, Linux and Mac OSX).
I have heard,
decrypting, gpg stops right after printing
information pertaining to the used session key. When encrypting gpg
stops after it has encrypted the session key to all given recipients.
Information pertaining to this session key as well as the encrypted
session keys are printed.
2006-07-20 Werner Koch
On Tue, 31 Jul 2012 12:54, ciprian.crac...@gmail.com said:
Not a good idea, because GnuPG 2.1 requires the gpg-agent and won't see
any private key stuff.
Not necessarily if you use the `--batch`, `--no-use-agent`, or
`--no-tty` (or a mix of the I'm not sure right now, but the manual
On Tue, 31 Jul 2012 17:53, ciprian.crac...@gmail.com said:
First of all I would really have liked the tool to not just ignore
the `--no-user-agent` flag and bail out...
That would make migration for user of 2.0 to 2.1 too complicate. We try
to do the migration as smooth as possible.
On Tue, 31 Jul 2012 18:57, auto15963...@hushmail.com said:
even done this way, and making use of message signatures which utilize
an smime.p7s file? I got a message from someone who uses this, and I
Feel free to ask here. GnuPG has a complete CMS/X.509 (aka S/MIME)
implementation.
like
On Wed, 1 Aug 2012 16:50, auto15963...@hushmail.com said:
So the last question is just how do I go about checking whether one of
these smime.p7s certificates has been revoked. What is the process of
revocation in general? Thanks.
There are three ways:
- Using a CRL. The address of the CRL
On Wed, 1 Aug 2012 18:54, auto15963...@hushmail.com said:
I already have Gpg installed, as well as GPA, but I have not used them
for smime, which is, I think, what I hear you say I can do? In any case,
If you have X.509 certifciates (from S/MIME) oth, GPA and Kleopatra,
will show them along
On Sat, 4 Aug 2012 21:26, biggles.tren...@gmail.com said:
Is the plan to retire 1.x sometime in a not too distant future (I'm not
saying that I assume an actual time plan being set)?
We have not really discussed such a plan. I don't see a technical
reason to stop 1.4 maintenance in the
On Sun, 5 Aug 2012 09:33, d...@prime.gushi.org said:
The 1.4 model still works better for certain things. I've never
successfully managed to make pinentry work in a shell/screen session
using my mailer, and I've never heard back from the GPG developers
If you use curses, one problem is that
On Mon, 6 Aug 2012 20:06, mailingli...@gusnan.se said:
on the keyboard - So I took items into my own hands, and here you have
the simple result attached. (Simple patch against current git).
Thanks.
It might be debatable if one should search on the name, or on the
KeyID
for an unknown card.
Shalom-Salam,
Werner
--
g10 Code GmbH http://g10code.com AmtsGer. Wuppertal HRB 14459
Hüttenstr. 61 Geschäftsführung Werner Koch
D-40699 Erkrath -=- The GnuPG Experts -=- USt-Id DE215605608
pgpDWjJYfp61S.pgp
Description: PGP
a bug at http://bugs.gnupg.org. We also have a dedicated
service directory at:
http://www.gnupg.org/service.html
Maintaining and improving GnuPG and related software is costly. For
more than a decade, g10 Code, a German company owned and headed by
GnuPG's principal author Werner Koch
Hi,
[ I just noticed that we never sent out separate announcements for
Pinentry releases. I guess we eventually should do this. ]
Version 0.8.2 of our Pinentry collection is available at
ftp://ftp.gnupg.org/gcrypt/pinentry/pinentry-0.8.2.tar.bz2
On Thu, 9 Aug 2012 04:29, vedaal.nis...@gmail.com said:
downloaded the source code for GPA 0.9.2 and tried to compile it on
mingw/msys
didn't quite work ...
It is not designed to be build on Windows. We cross-build everything.
Shalom-Salam,
Werner
--
Die Gedanken sind frei.
On Wed, 8 Aug 2012 22:53, ds...@jabberwocky.com said:
If you want the keyservers to accept them, you need to talk to the
keyserver folks. As this is an extension, they aren't required to
support it.
Actually it is good thing that they don’t accept them. This avoids
accidental uploads of
On Thu, 9 Aug 2012 01:19, robe...@broadcom.com said:
My question is two-fold:
1) Is it Apache or GPG that is trying to write a temp file into the system
directory?
GPG uses temporary fiels to communicate with the keyserver helpers.
2) Depending on the answer to 1), what can I do about it?
On Fri, 10 Aug 2012 11:49, hardkor.i...@gmail.com said:
Is the entire GnuPG key block (including subkeys and owner informations)
signed by the master key ?
Not directly. Only certain packets are signed. If you look at the
figure below the straight lines on the right mark stuff which is
On Thu, 9 Aug 2012 13:47, patrick@nerim.net said:
Scdaemon[4755]: please wait while key is generated ...
Scdaemon[4755]: ccid_transceive failed: ( 0x1000a)
Scdaemon[4755]: apdu_send_simple(0) failed: card I/O error
Scdaemon[4755]: key generation failed: Card error
If you want to look
On Mon, 13 Aug 2012 15:18, patrick@nerim.net said:
scdaemon[4059]: DBG: ccid-driver: PC_to_RDR_XfrBlock:
scdaemon[4059]: DBG: ccid-driver: dwLength ..: 5
scdaemon[4059]: DBG: ccid-driver: bSlot .: 0
scdaemon[4059]: DBG: ccid-driver: bSeq ..: 129
On Mon, 13 Aug 2012 15:19, smick...@hotmail.com said:
Does anybody know if Public Key Crypto has any plans to move to this with an
update to the standard?
The OpenPGP protocol support ECC (rfc6637) and the latest GnuPG beta
versions provide an implementation. X.509 (e.g. S/MIME) supports
On Tue, 21 Aug 2012 13:21, jtan...@dilmun.ls.fi.upm.es said:
signing is always SHA1, ignoring the preferred one. This doesn't
happen when I encrypt+sign.
If you encrypt and sign you know the recipient and thus gpg can use the
hash algorithm which the recipient advertised.
Shalom-Salam,
On Sun, 26 Aug 2012 12:35, faramir...@gmail.com said:
Sure, as long no moderator gets pissed off, I think it is good to
There are no moderators on this list. Moderation is only needed for
postings from non-subscribers. And while I mention this: A big thank to
those folks who take care of
Hi,
please take some time to quote messages in a way which allows to read
them quickly. Your current style is very hard to parse. In particular:
- Strip quotes to a few lines. Quoteshall only provide context but not
repeat everything.
- Put an empty lines before your reply.
- Put an
On Mon, 27 Aug 2012 23:57, pa...@cs.hmc.edu said:
You can add or delete the names and emails associated with a key using
gpg --edit-key and the adduid and deluid commands, respectively.
You may use deluid only if you never published your public key. The
better choice is revuid. Thus if you
On Mon, 27 Aug 2012 22:57, ricu...@gmail.com said:
#gpg --sign setup_my_system.sh
gpg: sending command `SCD PKSIGN' to agent failed: ec=6.18
The error is:
$ gpg-error 6.18
100663314 = (6, 18) = [...] = (SCD, Wrong secret key used)
The scdaemon would have printed this to its log file:
On Tue, 28 Aug 2012 12:29, d.w.chadw...@kent.ac.uk said:
e.g. by having two MS code signing keys, one owned by MS the other by
the NSA.
Or more realistic, one issued by the government of Freedonia or Sylvania
(insert your favorite country here - enough of them are accepted as root
CAs).
On Tue, 28 Aug 2012 21:48, ricu...@gmail.com said:
F Hi Werner,
the ! exclamation mark did the trick!
I tried specifying the subkey I wanted before, but only the exclamation
mark makes it work.
With the exclamation mark, also signing in evolution works again.
Is this documented somewhere?
On Wed, 29 Aug 2012 18:32, m...@silverorange.com said:
Please let me know what I can use to handle pin-entry in a web-based system.
For exact that reasons (the original requester was building a student
webmail system), GnuPG has a feature to make this easy. What you need
to do is to provide a
On Thu, 30 Aug 2012 16:28, m...@silverorange.com said:
Where can I find documentation that recommends not using a passphrase?
My understanding is a passphrase is important to protect private keys
in the event they are acquired:
Right. However, most people asking for an easy way to convey the
On Thu, 6 Sep 2012 16:16, jaimefde...@gmail.com said:
is there any way to dump the options included in gpg.conf like the homedir?
gpgconf --list-options gpg
lists common options in a machine readable format. --change-options may
then be used to, well, chnage the options. gpgconf is part
On Sat, 8 Sep 2012 19:09, j...@zultron.com said:
I'm pretty sure now that this is correct: gpg2 password input cannot
be captured without the use of a gpg-agent.
That is right. gpg2 conceptional does not know anything about the
passphrase. This is all up to the gpg-agent. Version 2.1 even
On Mon, 10 Sep 2012 18:08, 4tmue...@informatik.uni-hamburg.de said:
Seems as if gpg can't find ~/.gnupg/options...
A file which is deprecated in favor of gpg.conf since 1.2.0 (about a
decade ago).
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Thu, 27 Sep 2012 06:49, mailinglis...@hauke-laging.de said:
ijust read this in the man page:
###
By word match.
Well,
case '+': /* Compare individual words. Note that this has not
yet been implemented in the search code. */
mode =
Hello!
I am pleased to announce version 1.3.0 of Libksba.
Libksba is an X.509 and CMS (PKCS#7) library. It is for example
required to build the S/MIME part of GnuPG-2 (gpgsm). The only build
requirement for Libksba itself is the libgpg-error package. There are
no other dependencies; actual
On Fri, 28 Sep 2012 23:38, mailinglis...@hauke-laging.de said:
No big problem, the few cases in which that may be needed can easily be
covered externally. But wouldn't it make sense to take this feature out of
the
documentation then and maybe issue a warning if this mode is encountered?
On Wed, 3 Oct 2012 23:45, expires2...@rocketmail.com said:
Routinely encrypting *all* communications would transform the chore
into an habitual routine that requires little-to-no intellectual
effort in respect of each individual message sent or file stored. The
value of the encryption would
On Sat, 6 Oct 2012 15:53, melvincarva...@gmail.com said:
Is it possible to construct a GPG 'Certificate' from an existing RSA key
pair?
If you want to add it as a subkey, that is easy with GnuPG 2.1 (beta).
You first import your private key using
gpgsm --import foo.p12
you will be asked
On Tue, 9 Oct 2012 19:41, jw72...@verizon.net said:
The latest beta version fails to work properly on my 64-bit Windows 7 OS.
Is this the version from the latest gpg4win beta?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Wed, 10 Oct 2012 21:19, jw72...@verizon.net said:
it is Gpg4win 2.1.1 beta. In this package I selected the options for
installing only GPA and 2.0.19.
Okay, actually I tested it on a Windows-7 64 bit laptop. However it was
just a cursory test with GPA. I will do another test in the next
On Wed, 17 Oct 2012 02:12, do...@dougbarton.us said:
First, the backup files are different in Unix and Windows, filename~ on
the former, and filename.bak on the latter. So far I haven't run into
Old versions of the FAT file system don't support more than one dot in a
name or the tilde
On Thu, 18 Oct 2012 08:34, g...@idieikon.com said:
If I write gpg2.exe --help (or gpg.exe --help) the command or option
--passphrase is not shown anywhere.
Note that --help does not show all options. See the man page for a
complete list.
I'm using windows version. Is that a feature not
On Thu, 18 Oct 2012 00:37, fcas...@gmail.com said:
I´ve been trying to get the win32 port of the sha1sum util from
ftp://ftp.gnupg.org/gcrypt/binary/
but it looks like the server, as of this writing, is down. :-(
To me the server works:
$ lftp ftp.gnupg.org
lftp ftp.gnupg.org:~ ls
On Fri, 5 Oct 2012 11:35, collin.kle...@gmail.com said:
Contents of gnupg-2.0.9/tests/openpgp/sigs.test.log:
GnuPG 2.0.9 is pretty old. It even does not print the used libgcrypt
version with --version. I assume that you use a quite recent Libgcrypt
which fixes a bug, that in turn exhibits a
On Sun, 7 Oct 2012 02:34, jaimefde...@gmail.com said:
If I type a password gpg will try it with all the posible recipients but
this is not the behaviour that I want, is there any way to force a user?
FWIW: GnuPG 2.1.0-beta prodives the option --try-secret-key to make
things easier with hidden
On Mon, 8 Oct 2012 13:13, jaimefde...@gmail.com said:
$ gpg --batch --passphrase-fd 0 --status-fd 2 --command-fd 0 --edit-key user
What's wrong with
gpg2 --passwd USER
?
But gpg never gives me the chance to write the new password. I saw other
similar post
Do not use --passphrase-fd
On Fri, 19 Oct 2012 23:53, please.post@publicly.invalid said:
I wonder if there is a utility that, when fed a gpg-encrypted-message,
will tell me which key is needed, which compression/cipher/hash was used.
gpg FILE
Tells you the keys to which FILE is encrypted. For an encrypted message
the
On Sat, 20 Oct 2012 00:57, please.post@publicly.invalid said:
In fact it needs gpg -vvv to elicit this information:
Use --status-fd 1 to get that information:
DECRYPTION_INFO mdc_method sym_algo
Print information about the symmetric encryption algorithm and
the MDC method.
On Tue, 23 Oct 2012 17:22, freisch...@gmx.net said:
What am I doing wrong?
You need to use Scute. It takes care of presenting all required
information to Mozilla. That mainly means that it uses the key on the
card to lookup the certificate in the GnuPG keybox (via gpgsm). The
card does not
On Tue, 23 Oct 2012 18:41, incogn...@mixnym.net said:
gpg: renaming `c:\gnupg\pubring.gpg' to `c:\gnupg\pubring.bak' failed:
Permission denied
gpg: deleting keyblock failed: file rename error
It is possible that another process accesses pubring.gpg without doing
proper locking.
On Wed, 24 Oct 2012 09:39, freisch...@gmx.net said:
As far as I understand the card is capable of storing a complete certificate
(sec key and pub key). But this certificate is not supposed to be used with
the on card generated key(s). Am I right?
It is up to you how you use it. GnuPG does
On Wed, 24 Oct 2012 11:29, jaimefde...@gmail.com said:
But then I have to use pinentry, and I don't want to. I tried
You have to ;-). Search this list for pinentry wrapper to see how you
can work around it.
me type the new password. I think that passphrase-fd only read one password
at a
On Mon, 29 Oct 2012 22:43, do...@dougbarton.us said:
It isn't Robert who is picking the definition, it's the FSF. Arguing
about the definition here isn't going to do anyone any good, since the
Actually it is not just the FSF, but also the Open Source Initiative,
several governments, and the
On Tue, 30 Oct 2012 00:13, cwal...@comcast.net said:
http://www.gnu.org/philosophy/free-sw.html
For a more neutral view, I'd like to also post this link
http://en.wikipedia.org/wiki/Free_Software
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Mon, 29 Oct 2012 21:41, r...@sixdemonbag.org said:
Could you perhaps make a list of, say, the top five features GPGshell
supports that GPA doesn't? Things that you, yourself, use regularly,
That is a good idea. At least it might help us to stop responding to
recommendation of GPGshell.
On Wed, 31 Oct 2012 16:36, mghar...@evertz.com said:
I am using the following test program shipped with GPGME to sign a
document.
You don't need to paste the program, just the version of gpgme is
sufficient.
However, the program never asks for my passphrase. Based on the error
message, I
On Fri, 2 Nov 2012 00:57, expires2...@rocketmail.com said:
(invoked from ... confdialog.c, line 1447:)
Line too long
The application will be terminated.
I have not checked, but this commit might be the fix for your problem:
commit 44b6bdf63bd459f4469b37ae2454345992cfb661
Author: Werner
On Sat, 3 Nov 2012 16:23, expires2...@rocketmail.com said:
If I am reading correctly, that is applied in GPA version 0.9.2, which
is the GPA version included with GPG4Win version 2.1.1-beta1. I just
No, it is in 0.9.3 which was released after the last Gpg4win beta.
Salam-Shalom,
Werner
On Tue, 6 Nov 2012 07:56, faramir...@gmail.com said:
My fault, I was trying with www.gpg4win.org
Your problem might be that you still filter out the 5.0.0.0/8 net which
has been allocated 2 years ago. I check with Intevation that both will
point to the same box.
Shalom-Salam,
Werner
On Wed, 7 Nov 2012 02:59, faramir...@gmail.com said:
Back to the subject, does GpgEx require Kleopatra to run? Any other
dependences?
Either Kleopatra or GPA will work. Gpgex starts them if they are not
yet running (first tries Kleopatra but falls back to gpa, if Kleopatra
is not
601 - 700 of 3671 matches
Mail list logo