Re: Disable integrity check

On Donnerstag, 18. April 2024 19:00:59 CEST Matt Henderson wrote: > The problem I’m facing is that during the decryption of each file, I’m > prompted to manually confirm to overlook a failed integrity check. > > Since these files were all encrypted by me, I’d be fine to temporarily > disable the

Re: Fails signing key with Yubikey

On Donnerstag, 21. März 2024 08:22:48 CET Alexis via Gnupg-users wrote: > I'm trying to sign a secondary key with my yubikey, however it fails > saying the private key is not found. I'm able to sign files with `--sign`, > but am not able to use `--sign-key`. Your Yubikey holds three keys: *

Re: On the security of ~/.password-store/.gpg-id [was: Re: Second OpenPGP-card]

On Donnerstag, 29. Februar 2024 21:21:42 CET Daniel Kahn Gillmor wrote: > human-readable names for certificates. But i don't see how to use that > safely while dealing with GnuPG's risky implementation choices here. Allowing recipients to be specified by email address (or some other part of a

Re: Second OpenPGP-card

On Mittwoch, 28. Februar 2024 17:30:21 CET Werner Koch via Gnupg-users wrote: > On Wed, 28 Feb 2024 10:55, Matthias Apitz said: > > purism@pureos:~$ cat .password-store/.gpg-id > > CCID L5 > > Which means that it encrypts to "CCID L5". pass parses this using > > while read -r gpg_id; do

Re: Incompatible secret key format between 2.4.4 and 2.2.27?

On Sonntag, 11. Februar 2024 02:05:52 CET mlist_e9e869bc--- via Gnupg-users wrote: > I'm trying to import a key generated from GPG 2.4.4 to 2.2.27 but > unsuccessful. > > Upon importing, it returns `gpg: no valid OpenPGP data found.` > > I tried with compliance options but it does nothing. > >

Re: gpg: signing failed: Bad secret key

On Mittwoch, 24. Januar 2024 22:05:53 CET Leo Coogan via Gnupg-users wrote: > It looks like there's only that non-functioning signing subkey. Huh. Do > I need to create a new signing subkey? Copy the content of ~/.gnupg/private-keys-v1.d from your fedora machine to your nixox machine (after

Re: OT: Best way to send e-mails to a recipient that does know encryption

On Dienstag, 2. Januar 2024 12:16:15 CET LuKaRo wrote: > > I do not want to use Gmail to send that kind of informations and I'm > > comtemplating using posteo.de. > > > > Is this any better? > > I'd argue of course it's better. Google openly admits reading your > e-mail, so other mail providers

Re: gpg --card-status

On Montag, 1. Januar 2024 20:33:28 CET Matthias Apitz wrote: > It seems from the man page that only '#' is documented: Must be an older version. The manual page of GnuPG 2.4.3 reads: ‐K List the specified secret keys. If no keys are specified, then all known secret keys are

Re: gpg --card-status

29: “ssb#” means secret sub key, but without the matching secret > key on the card. This I just learned from Ingo Klöcker in another > thread. The meaning of ">" and "#" is documented in the description of the command `--list-secret-keys` in the manual

Re: Cannot export SSH public key

On Mittwoch, 27. Dezember 2023 13:40:40 CET Felix E. Klee wrote: > Thanks for pointing out that the signature key and the authentication > keys are identical: > > $ gpg --card-status [...] > Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > created

Re: Cannot export SSH public key

On Mittwoch, 29. November 2023 03:52:36 CET Felix E. Klee wrote: > So `gpg --card-status` imports [SC] and [E], but not [A]: > > $ rm ~/.gnupg/private-keys-v1.d/* > $ ls -a1 ~/.gnupg/private-keys-v1.d/ > . > .. > $ gpg --card-status > […] > Signature key : 7A0F

Re: Problems with [Q]GpgME and Qt6

On Samstag, 25. November 2023 04:15:28 CET Ron Murray via Gnupg-users wrote: > Here, for example, is the code I use to retrieve my secret key list: > QGpgME::KeyListJob *job = QGpgME::openpgp()->keyListJob(false, false, > false); > // Prepare result vector > std::vector keys; > // Execute it

Re: NO_SECKEY difference between 2.2 and 2.3

On Dienstag, 21. November 2023 12:05:39 CET Aleksander Machniak wrote: > I just noticed a difference on how NO_SECKEY status is used between > 2.2.x and 2.3.3. > > When I do --decrypt on an encrypted email message (having only > recipient's private+public key in the keyring): > - v2.2 outputs one

Re: Cannot export SSH public key

On Montag, 20. November 2023 09:24:32 CET Felix E. Klee wrote: > $ gpg --list-keys --keyid-format SHORT yubi...@f76.eu > pub rsa4096/1B6ED589 2023-06-29 [SC] > 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 > uid [ultimate] Felix E. Klee (YubiKey) > sub

Re: Pinentry problem with different home dir

On Mittwoch, 25. Oktober 2023 13:01:39 CEST Falko Strenzke wrote: > I am trying to run GnuPG with a different home directory by setting the > environment variable GNUPGHOME. However, in that case, for instance when > trying to generate a key, in that case I get the error > > gpg: DBG: chan_4 <-

Re: Building GnuPG – libassuan version

On Mittwoch, 11. Oktober 2023 09:08:23 CEST Falko Strenzke wrote: > I see now that even > https://github.com/gpg/libassuan/tree/libassuan-3.0-base is identifying > itself as version "2.5.6-beta1" via its config binary. So I wonder how I > can have working version of libassuan for current GnuPG

Re: GPGME: disable S/MIME (signature verification)

On Mittwoch, 2. August 2023 20:53:46 CEST ilf wrote: > Ingo Klöcker: > > Add disable-dirmngr to your gpgsm.conf. > > This won't disable S/MIME signature verification, but it disables > > expensive > > online checks. The alternative in GpgME is > > https://gnup

Re: GPGME: disable S/MIME (signature verification)

On Mittwoch, 2. August 2023 16:31:19 CEST ilf wrote: > How can I disable S/MIME or S/MIME signature verification in GPGME? > > Many Mutt users use GPGME, but few verify S/MIME signatures. In these > cases, the check is useless. It's also annoying, because it can take > around 25 seconds to

Re: "gpg --card-edit" with multiple card readers (Yubikey)

On Freitag, 7. Juli 2023 11:19:47 CEST Juanjo via Gnupg-users wrote: > I'm using "gpg (GnuPG) 2.3.3" on AlmaLinux 9 and it works fine with a > single "YubiKey 5 USB (5.4.3) [CCID]". > > The issue comes when I plug more than one Yubikey. > > I can use "gpg --card-status all" to retrieve the

Re: OT: DKIM signatures on email messages from lists.gnupg.org

On Dienstag, 13. Juni 2023 19:56:38 CEST Alessandro Vesely via Gnupg-users wrote: > BTW your GPG signature doesn't verify. It does for me. For all of his messages in this thread. Regards, Ingo signature.asc Description: This is a digitally signed message part.

Re: encryption failed: No dirmngr

On Mittwoch, 29. März 2023 12:20:08 CEST Fourhundred Thecat via Gnupg-users wrote: > I am getting this error: > > $ gpg --lock-never --no-verbose --batch --yes --pinentry-mode loopback -e -r > 'n...@domain.com' -o zz.gpg zz gpg: failed to start the dirmngr > '/usr/bin/dirmngr': No such file or

Re: Error on gpg key exported from linux to Mac

On Samstag, 18. März 2023 21:23:43 CET yung mgc via Gnupg-users wrote: > I have exported a gpg key from linux to Mac. Exporting commands on linux > are as follows [...] > And when I tried to change its passwd, gpg said > > ``` > error getting keyinfo from agent: System error w/o errno > pKey has

Re: Confusion about gpg-preset-passphrase

On Freitag, 3. März 2023 13:09:09 CET efeizbudak via Gnupg-users wrote: > So I'm trying to use gpg-preset-passphrase but for some reason I keep > having to enter the passphrase all the same. I run > > /usr/libexec/gpg-preset-passphrase --preset $KEYGRIP Works for me (with the current development

Re: S/MIME certificates with LDAP-only CRL uri

On Mittwoch, 22. Februar 2023 16:35:34 CET Alexander Grahn via Gnupg-users wrote: > recently I obtained a free certificate from DGN (German Health Net) for > signing e-mails. I imported the p12 file with gpgsm into my keybox and > added the complete certificate chain to ~/.gnupg/trustlist.txt

Re: Subkeys renewing/expiring strategy

On Dienstag, 11. Oktober 2022 19:44:19 CET Ingo Klöcker wrote: > I'm going to experiment with 1-year-validity of the signing subkeys of my > commit signing key. Since I use this key exclusively for commit signing, I > can simply replace it with a completely different key if I chang

Re: Question about secret service integration and saved passphrases

On Donnerstag, 5. Januar 2023 02:50:25 CET Jackson Chen via Gnupg-users wrote: > i had enabled KeePassXC secret service integration (some free desktop > standard). when i use my secret GPG/PGP keys, i get prompted by KeePassXC > to unlock the database (if locked). after unlocking the database, GPG

Re: Expiration date of subkeys (retroactive)

On Sonntag, 1. Januar 2023 03:54:21 CET gnupg-us...@aschoettler.com wrote: > I have several GnuPG keys which I edited with KGpg. > https://apps.kde.org/de/kgpg/ > > Unfortunately, the subkeys were not taken into account when setting > the expiry date. > How can I retroactively edit my expired

Re: Creation and Expiration timestamp

On Sonntag, 1. Januar 2023 03:53:08 CET gnupg-us...@aschoettler.com wrote: > Where can I see the internal creation and expiration timestamp of my keys? > In the command line and in various frontends I only see the date > without the time. If you really must know the exact second then use the

Re: scd: binary data returned when sending direct APDU

On Mittwoch, 21. Dezember 2022 17:51:39 CET Alexandre Vaissière via Gnupg- users wrote: > I am trying to send arbitrary APDU commands via scd. When doing that I > noticed that scd answers me with binary data. For example: > > gpg-connect-agent > > scd apdu 00 A4 04 00 07 A0 00 00 05 27 21 01 > D

Re: Only GnuPG 2.2.x in Debian Bookworm?

On Samstag, 10. Dezember 2022 22:21:51 CET Karel van Gruiten via Gnupg-users wrote: > Debians next release Bookworm is scheduled for mid 2023 an the first > deadlines are approaching in January. I am only a user, but I wonder why > they stick to the 2.2-series and do not jump to the 2.3-builds as

Re: GPG

On Donnerstag, 8. Dezember 2022 05:48:34 CET Vishal Rana via Gnupg-users wrote: > I want to use Gnupg for Digital Signature and other cryptographic functions > for our project. > > On the server side its working fine. Where I am doing digital signatures by > enabling FIP140-2. > > But on the

Re: Difference between versions--Question

On Freitag, 11. November 2022 14:06:34 CET Bernhard Reiter wrote: > Am Freitag 04 November 2022 13:55:58 schrieb K S via Gnupg-users: > > How do I run configure to get the compression routines? > > checkout the "config.log" or the output of your configure command run > to see if there are

Re: Difference between versions--Question

On Montag, 31. Oktober 2022 10:23:10 CET K S via Gnupg-users wrote: > Question: > Why aren't those identical? I notice the source build has only > Uncompressed as an option. [...] > Is there something I missed in my build? configure most likely didn't find the development files of the compression

Re: Problem regarding dirmngr on Debian stable

On Samstag, 22. Oktober 2022 19:12:23 CEST Dennis Clarke via Gnupg-users wrote: > I saw that the version of GnuPG on Debian stable was not really up > to date and thus decided to build my own local copy from recent sources. [...] > $ gpg --keyserver pgp.mit.edu --search-keys

Re: Subkeys renewing/expiring strategy

On Donnerstag, 13. Oktober 2022 11:39:41 CEST nect via Gnupg-users wrote: > > Since I use this key exclusively for commit signing, I can > > simply replace it with a completely different key if I change my mind. > > About this, how do you deal-or plan of dealing- with past commits signed > with a

Re: Subkeys renewing/expiring strategy

On Dienstag, 11. Oktober 2022 17:23:49 CEST nect via Gnupg-users wrote: > I started using gpg relatively recently (1 year or so), mainly for > signing git commits, and I am far from mastering it. > > Since I was struggling to choose a strategy for expiring/renewing my > subkeys (more details

Re: How to batch generate ed25519 keys ?

On Freitag, 7. Oktober 2022 16:20:11 CEST Denis Iskandarov via Gnupg-users wrote: > How to generate ed25519 keys using "gpg --full-generate-key --batch" > command? [...] > Sad that there are no clear instructions/docs for that, or it is required > to learn all docs by heart and make PhD for all

Re: Unverifiable signatures of some downloads

On Samstag, 3. September 2022 20:15:06 CEST Kris Kozminski wrote: > I downloaded stuff from https://gnupg.org/download/index.html and > signatures from https://gnupg.org/signature_key.asc You can find a link to older keys at the end of https://gnupg.org/signature_key.html Regards, Ingo

Re: How to generate non-bad cv25519 encryption key?

On Dienstag, 23. August 2022 10:44:52 CEST theaetetos--- via Gnupg-users wrote: > Aug 22, 2022, 21:07 by kloec...@kde.org: > >> gpg2 --version > >> > >> >gpg (GnuPG) 2.3.3 > >> >libgcrypt 1.9.4 > > > > The solution is easy: Use gpg 2.3.7. > > Are you sure this should suffice? Yes, I'm pretty

Re: How to generate non-bad cv25519 encryption key?

On Montag, 22. August 2022 20:53:03 CEST theaetetos--- via Gnupg-users wrote: > I am encountering a certain warning regarding my ed25519/cv25519 > encryption key. When I export the freshly generated encryption subkey > and then reimport it, I get the following: > >gpg: Schlüssel 20628B8C51751C49:

Re: OpenPGP smartcard and P-256 in non expert mode

On Donnerstag, 11. August 2022 09:39:24 CEST Sosthène Guédon | Nitrokey via Gnupg-users wrote: > I don't understand why generating a key on a smartcard only offers > Curve25519 and P-384 for ECC cryptography unless the --expert flag is used. You are asking the question the wrong way. Why should

Re: GnuPG 2.2.36 released

On Freitag, 8. Juli 2022 22:55:07 CEST Konstantin Ryabitsev via Gnupg-users wrote: > I'm trying to verify swdb.lst.sig, but I can't: > > $ gpg --verify swdb.lst.sig > gpg: assuming signed data in 'swdb.lst' > gpg: Signature made Wed 06 Jul 2022 02:26:07 PM EDT > gpg:using ECDSA

Re: gpa.exe hungs when click on "smartcards" AND scdaemon cannot recognise SC-HSM

On Freitag, 24. Juni 2022 22:47:55 CEST Minas Argyrou via Gnupg-users wrote: > I am tring it get GnuPG to work with my SmartCard-HSM 4K on Windows, using > the GP4Win bundle. > > Kleopatra doesn't recognise the SC-HSM 4K at all, even though, it DOES > recognise the YubiKey 5 NFC in BOTH PIV and

Re: gpg auto-locate-key selects expired/revoked key

On Donnerstag, 9. Juni 2022 22:29:52 CEST Jan Eden via Gnupg-users wrote: > Sorry, the output of gpgconf referred to a changed configuration. This > is what happens for me with GnuPG 2.3.4: > > value for `keyserver` in gpg.conf → keyserver used with `--refresh-key` > hkp://keys.gnupg.net →

Re: gpg auto-locate-key selects expired/revoked key

On Donnerstag, 9. Juni 2022 17:38:04 CEST Mark via Gnupg-users wrote: > I just looked at what Kleopatra has it set for and it has it set for > hkp://keys.gnupg.net as well. I'm guessing that is no longer the best > choice? Kleopatra 3.1.21.220401 uses whatever `gpgconf --list-options dirmngr`

Re: npth1.6 integrity check issue

On Donnerstag, 26. Mai 2022 10:35:18 CEST bvea--- via Gnupg-users wrote: > I've imported the key specified on > the website and have verified the gpg source and all of the dependencies > except for npth1.6. When I try to verify npth, the output is > > gpg: Signature made Mon 16 Jul 2018 12:37:23

Re: Verification of a detached signature fails, what am I missing?

On Sonntag, 8. Mai 2022 01:33:28 CEST Vinay Sajip via Gnupg-users wrote: > The following script fails at the verification step. It needs to be run with [...] > echo $'\e[1;33m'Creating random data to sign ...$'\e[0m' > dd if=/dev/urandom of=data-to-sign bs=1 count=1024 > /dev/null 2>&1 > echo

Re: Backing up your PGP key by hand

On Montag, 2. Mai 2022 13:26:06 CEST Jonathan Cross via Gnupg-users wrote: > I have to say the effort involved in your method seems unrealistic for most > users: > > > Considering a paperkey is less than 150 lines, that means it should take > > 50 sessions, or a little less than 2½ months to get

Re: Use multi-usage key in authentication slot on HW-key for encryption

On Samstag, 16. April 2022 09:10:58 CEST Felix Mayr via Gnupg-users wrote: > So, I decided to use a Yubikey to store my GPG-subkeys. Using the > smartcard functionality I can store 3 different subkeys and so thought > that I could actually store some multi-usage key > (authentication/encryption)

Re: --export-filter not working

On Donnerstag, 14. April 2022 23:27:21 CEST Felix Mayr via Gnupg-users wrote: > Hello all, > > so I try to create a file with my public keys and want to exclude some > authorization keys. `--export-filter` should do the job if I understand > correctly, but it doesn't work. (platform: Fedora

Re: why injecting same RSA keys to different smartcards lead to different key id's

On Samstag, 12. März 2022 10:19:27 CET Alireza Sadeghpour via Gnupg-users wrote: > I've injected the same RSA keys to two different smartcard using the > pkcs11-tool, but when I import them in the gpg I got different keyids. This is probably due to the fact that the creation date/time of the key

Re: Cancel operation does not return error code

On Freitag, 11. März 2022 17:05:44 CET Schultschik, Sven via Gnupg-users wrote: > > -Ursprüngliche Nachricht- > > Von: Gnupg-users Im Auftrag von Ingo > > Klöcker Gesendet: Freitag, 11. März 2022 11:18 > > An: gnupg-users@gnupg.org > > Betreff: Re: Cancel o

Re: Cancel operation does not return error code

are doing differently. I'm using gpgme 1.17.1. Regards, Ingo > -Ursprüngliche Nachricht----- > Von: Gnupg-users Im Auftrag von Ingo Klöcker > Gesendet: Donnerstag, 10. März 2022 22:16 > An: gnupg-users@gnupg.org > Betreff: Re: Cancel operation does not return error code > >

Re: Cancel operation does not return error code

On Donnerstag, 10. März 2022 14:30:29 CET Schultschik, Sven via Gnupg-users wrote: > if your using gpgme with interactive password entry on the command line and > the user cancels the operation, shouldn't there be an error returned? > > Following code > > err = gpgme_op_encrypt(ctx, NULL,

Re: gpgme can't find keys

On Freitag, 4. März 2022 16:33:57 CET William Yu via Gnupg-users wrote: > I am running Ubuntu 20.04.4 LTS, I installed libgpgme11 from Ubuntu with > version 1.13.1-7ubuntu2 and I installed gpg2 with gpg 2.2.19, libgcrypt > 1.8.5. > > My problem is this, I try to use keys on my computer in a C

Re: gpg --verify fails, no key?

On Sonntag, 20. Februar 2022 22:16:31 CET Ralph Seichter via Gnupg-users wrote: > > Has the tarball been signed with two keys? > > According to the output you posted there are two signatures from two > separate keys, made on two different days. Looking at

Re: Signing message problem with GPG loopback pin-entry option

On Sonntag, 20. Februar 2022 17:37:51 CET Alireza Sadeghpour wrote: > On Sun, 20 Feb 2022, 7:37 PM Ingo Klöcker, wrote: > > On Sonntag, 20. Februar 2022 16:25:31 CET Alireza Sadeghpour wrote: > > > I am trying to encrypt and sign a file with gpg and loopback pinentry > >

Re: Signing message problem with GPG loopback pin-entry option

On Sonntag, 20. Februar 2022 16:25:31 CET Alireza Sadeghpour via Gnupg-users wrote: > I am trying to encrypt and sign a file with gpg and loopback pinentry > option, with the below command: > > gpg --pinentry-mode=loopback --passphrase ="mypws" \ > --ignore-time-conflict --ignore-valid-from \ >

Re: Changing the encryption algorithm used for PGP/GPG private key

On Montag, 14. Februar 2022 10:36:25 CET Daniel Colquitt via Gnupg-users wrote: > I've read various tutorials and posts regarding changing the algorithm used to encrypt my private PGP keys. However, nothing I have tried seems to work. I am using gpg4win: [...] > My gpg.conf file located at >

Re: Questions re auto-key-locate

On Dienstag, 15. Februar 2022 21:32:50 CET Dan Mahoney (Gushi) via Gnupg-users wrote: > Worse still, if you know a key exists via something like DANE (dayjob > makes DNS software, we like the idea of it being available via DANE), > there's no way to do gpg --search via DANE, only via a keyserver.

Re: Does gpgsm support ECDSA-with-sha256 signature?

On Sonntag, 6. Februar 2022 08:07:21 CET Borden via Gnupg-users wrote: > According to dev.gnupg.org , EC support has > been in gpgsm for a while now. However, I cannot import an EC > certificate/key pair (generated by CPanel via COMODO) into gpgsm . This is > a bummer

Re: Current state and contact (various questions)

On Mittwoch, 2. Februar 2022 08:30:56 CET B1773rm4n via Gnupg-users wrote: > Hello, > > this is my first post here. I'm an experienced Dev and FOSS contributor > which worked quite some with gpg recently. > > I got some questions: > > 1. Who takes care for tasks like updating the website? > For

Re: photo-ID omitted when retrieving keys from WKD

On Dienstag, 1. Februar 2022 18:22:00 CET Piotr Morgwai Kotarbinski via Gnupg- users wrote: > hmm: I don't seem to follow: > if a user decided to trust (to certain extent) some domain's WKS admins > regarding key fingerprints That's not what I meant by "trust the WKS admins". What I meant is

Re: photo-ID omitted when retrieving keys from WKD

On Montag, 31. Januar 2022 15:58:22 CET Piotr Morgwai Kotarbinski via Gnupg- users wrote: > I have a public key with a photo-ID uploaded to WKD at my domain and when I download it manually and import to gpg, everything works as expected: [...] > However if I try to locate the same key

Re: YubiKey 5C NFC not detected

On Sonntag, 30. Januar 2022 12:22:24 CET Felix E. Klee wrote: > Ingo Klöcker writes: > > Are you sure "Yubico Yubi" is the correct value for the reader-port > > option? > > It’s what is suggested in the official [Troubleshooting Issues with > GPG][1]. They als

Re: YubiKey 5C NFC not detected

On Samstag, 29. Januar 2022 22:24:03 CET Felix E. Klee wrote: > I would like to set up a YubiKey 5C NFC for SSH, but it doesn’t get > detected by GnuPG: > > $ ykman config usb -l > OTP > FIDO U2F > FIDO2 > OATH > PIV > OpenPGP > YubiHSM Auth > $ cat

Re: First Amendment and Marines?

On Samstag, 29. Januar 2022 17:38:24 CET jonkomer via Gnupg-users wrote: > Posting the question was worthwhile, as I have learned > that: > > (a) Unfortunately, OpenPG email encryption is incompatible > with GDPR and should not be used by those that either want > or need to be GDPR compliant. I

Re: bash script to get WKD URL for a given email

On Freitag, 28. Januar 2022 06:11:01 CET Piotr Morgwai Kotarbinski via Gnupg-users wrote: > Maybe someone will find it useful: > https://gist.github.com/morgwai/016fae4fd22f01e225509b76fee1d6c7 At least GnuPG 2.3 includes gpg-wks-client which, among other commands, has a command to print the WKD

Re: gpg --verify in batch mode / how to require a trust level?

On Dienstag, 18. Januar 2022 15:59:11 CET Bernd Graf via Gnupg-users wrote: > How can I require `gpg --verify` to only accept keys from my keyring > with a certain trust level and fail otherwise (rc!=0) > > Alternatively, how can I check that a signature was done with a specific > key? Use gpgv

Re: Levels of validation

On Sonntag, 2. Januar 2022 16:45:47 CET Christoph Klassen via Gnupg-users wrote: > On 02.01.22 15:05, Klaus Ethgen wrote: > > Yes. But depends on your trust-model setting (see man page). > > Okay, I will read it. Sounds interesting because developers could decide > to display the level of

Re: SSH and gpg2: pinentry errors hidden from view, agent refused operation

On Donnerstag, 30. Dezember 2021 15:38:47 CET Lars Noodén via Gnupg-users wrote: > What else is needed to get pinentry invoked so that the SSH client can > connect using the GnuPG RSA key? > > At this point the public key is visible in the SSH agent: > > $ ssh-add -l > 3072

Re: fingerprint associated public key does not match displayed public key

On Freitag, 17. Dezember 2021 18:04:04 CET S.B. via Gnupg-users wrote: > > Otherwise, you can simply send your exported key to the person you want to > > give your public key to. > > Yeah so, I can attach the .asc file that's in my Disk/users/SamiBadri > folder (it's the only .asc file I've

Re: fingerprint associated public key does not match displayed public key

Please reply inline unless your email client makes this difficult. As you can see from the replies to your messages that's what we prefer on this mailing list. It helps to make the context of the replies more clear. There is a Frequently Asked Questions document that you may want to read if

Re: fingerprint associated public key does not match displayed public key

On Donnerstag, 16. Dezember 2021 16:37:30 CET S.B. via Gnupg-users wrote: > maybe I'm not explaining it well. Indeed. > I was able to import a public key using: > > gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* > > the fingerprint was provided to me by the intended

Re: fingerprint associated public key does not match displayed public key

On Donnerstag, 16. Dezember 2021 12:52:28 CET S.B. via Gnupg-users wrote: > Here is my situation: I have imported a public key using > gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* > > *provided by the intended recipient on their profile page > > The person also displayed

Re: using two Yubikeys with the same key

Please keep replies on this mailing list. On Sonntag, 12. Dezember 2021 09:12:28 CET bere...@hotmail.com wrote: > everything is cool now except for one symlink error: > > $ gpg --version > *gpg: error reading symlink '/proc/curproc/file': No such file or directory* You can safely ignore this

Re: using two Yubikeys with the same key

On Samstag, 11. Dezember 2021 13:17:57 CET bereska--- via Gnupg-users wrote: > Is there a way to tell gnupg to use the second key with the same keys > but a different serial number YYY to decrypt the same very file? > > I am using: > gpg (GnuPG) 2.2.28 This should work with GnuPG 2.3.x which has

Re: Continuing 2.3 weirdness

On Mittwoch, 8. Dezember 2021 04:49:12 CET Robert J. Hansen via Gnupg-users wrote: > Let's start by nuking the .gnupg directory and shutting down all GnuPG > daemons: > > rjh@ripley:~$ rm -rf .gnupg > rjh@ripley:~$ /usr/local/bin/gpgconf --kill all > rjh@ripley:~$ ps ax|grep [g]pg-agent > >

Re: 2.3 --list-keys weirdness

On Montag, 6. Dezember 2021 09:41:51 CET Robert J. Hansen via Gnupg-users wrote: > > Which version exactly are you using? > > 2.3.3. > > > Try attaching gdb to see where it hangs. > > #12 0x5562025c in start_new_keyboxd > (r_ctx=r_ctx@entry=0x7fffd930, >

Re: 2.3 --list-keys weirdness

On Montag, 6. Dezember 2021 02:28:07 CET Robert J. Hansen via Gnupg-users wrote: > rjh@ripley:~$ gpg - --list-keys > gpg: using character set 'utf-8' > gpg: Note: RFC4880bis features are enabled. > gpg: key 1DCBDC01B44427C7: accepted as trusted key > gpg: key 1E7A94D4E87F91D5: accepted as

Re: Cannot decrypt file after clearing cache

On Mittwoch, 24. November 2021 12:39:15 CET Stephen Jeffrey via Gnupg-users wrote: > After entering the > password it fails. I am using a fresh install of Fedora 35 and gpg2 version > 2.3.2. > Why is it failing after I clear the cache? Because symmetric encryption is broken in version 2.3.2. See

Re: gpg: Note: secret key [...] expired...

On Dienstag, 9. November 2021 15:28:27 CET Keine Eile wrote: > I have a revoked private key in my key ring, which I replaced with new one. > I really do not want to discard this old key, for what I think good > reasons. Is there a way to let gpg ignore this key or suppress this this¹ >

Re: --auto-key-retrieve fails for some keys

On Dienstag, 2. November 2021 16:05:30 CET Tadeus Prastowo via Gnupg-users wrote: > The signature on a Linux kernel can be verified successfully using > `--auto-key-retrieve', but the signature on an Emacs cannot be > verified in the same manner because gpg is unable to retrieve the > needed

Re: Unable to decrypt file copied from USB thumb drive.

On Samstag, 30. Oktober 2021 14:24:58 CEST Chris Taylor wrote: > The hash of my gpg file on my laptop is different to it's hash on the > thumb drive. If the hash of any file on your laptop differs from the hash of the same file after copying it to the thumb drive this can only mean two things:

Re: Error when trying to locate key via WKD

[Putting this back on the mailing list. Please keep replies on the list.] On Mittwoch, 27. Oktober 2021 21:20:03 CEST Christoph Klassen wrote: > On 27.10.21 20:54, Ingo Klöcker wrote: > > The important part is > > 2021-10-27 20:44:04 dirmngr[26980.6] DBG: >> GET > &

Re: Error when trying to locate key via WKD

On Mittwoch, 27. Oktober 2021 18:16:14 CEST Christoph Klassen via Gnupg-users wrote: > Hello, > > I tried to get a key via WKD (using the command --locate-keys), but it > didn't work as expected. The error message I got was: > > gpg: using pgp trust model > gpg: error retrieving

Re: [Announce] GnuPG 2.2.31 (LTS) released

On Freitag, 17. September 2021 13:36:48 CEST Johan Wevers via Gnupg-users wrote: > On 16-09-2021 12:27, Werner Koch wrote: > > https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.2.31_202109.exe.sig > > The signature file can't be found. On 16-09-2021 12:27, Werner Koch wrote: >

Re: Why is --auto-key-locate only for encrypting?

On Donnerstag, 2. September 2021 01:28:42 CEST raf via Gnupg-users wrote: > On Wed, Sep 01, 2021 at 01:50:36PM +0200, Ingo Klöcker wrote: > > On Mittwoch, 1. September 2021 07:55:21 CEST raf via Gnupg-users wrote: > > > Why is the --auto-key-locate only for encrypting (sa

Re: Why is --auto-key-locate only for encrypting?

On Mittwoch, 1. September 2021 18:15:56 CEST Phil Pennock via Gnupg-users wrote: > On 2021-09-01 at 13:50 +0200, Ingo Klöcker wrote: > > On Mittwoch, 1. September 2021 07:55:21 CEST raf via Gnupg-users wrote: > > > Why is the --auto-key-locate only for encrypting (says > &

Re: Why is --auto-key-locate only for encrypting?

On Mittwoch, 1. September 2021 07:55:21 CEST raf via Gnupg-users wrote: > Why is the --auto-key-locate only for encrypting (says > the gpg(1) manpage)? Wouldn't it also be useful when > receiving emails and verifying signatures? --auto-key-locate looks up keys by email address. It makes no sense

Re: WKD: how to remove expired key verification

On Dienstag, 3. August 2021 11:02:35 CEST gnupgpacker wrote: > Hello, > > a key contains an old, expired verification. > > If searching this key by WKD, it shows: > > $ gpg --locate-key x...@xyxy.de > pub rsa2048 2013-10-21 [SCEA] [verfallen: 2019-03-26] >

Re: --search-keys: "gpg: error searching keyserver: No inquire callback in IPC"

On Mittwoch, 28. Juli 2021 18:38:07 CEST Rainer Fiebig via Gnupg-users wrote: > Am 28.07.21 um 17:42 schrieb Andrew Gallagher: > > On 28/07/2021 15:19, Rainer Fiebig via Gnupg-users wrote: > >> 2021-07-28 16:06:50 dirmngr[4135.6] Fehler beim Verbinden mit > >> 'https://keys.openpgp.org:443':

Re: keys retrieved from keyserver (keys.openpgp.org) are unusable

On Dienstag, 27. Juli 2021 01:32:53 CEST root wrote: > Long story short, when the public key is downloaded to my PC as a plain text > .asc file, and later imported using the function > gpgme_op_keylist_from_data_start() and gpgme_op_keylist_new(), the > key->can_encrypt, key->sign_certify, and

Re: Multiple Yubikeys/Smartcards and Thunderbird email client

On Donnerstag, 15. Juli 2021 03:22:47 CEST Brandon Anderson via Gnupg-users wrote: > I have several Yubikeys and smartcards in my setup, each with its own > signing subkeys, and I use these, among other things, to sign email > messages. Whenever I want to send an email on thunderbird, it demands

Re: gpgme_op_decrypt segfault

Hi, On Montag, 28. Juni 2021 21:37:58 CEST Schultschik, Sven via Gnupg-users wrote: > Hello all together, > > I have created a small Applikation to zip and encrypte and vise versa. > > I struggle at the point of err = gpgme_op_decrypt(ctx, in, out); > Which terminates with an segfault

Re: SHA Hash for DMG

On Donnerstag, 24. Juni 2021 00:14:19 CEST Wayne Ho via Gnupg-users wrote: > Hi, > > I was wondering if anyone knows that SHA1 checksum for the MacOS file > GnuPG-2.2.28.dmg. It seems to be missing from > https://www.gnupg.org/download/integrity_check.html. It's not missing. The MacOS installer

Re: Long Term Key Management With Hardware Tokens

On Dienstag, 22. Juni 2021 20:47:45 CEST Brandon Anderson via Gnupg-users wrote: > I agree that for most people having a paper backup stolen is unlikely, > but then again, most people are not using GPG, to begin with, let alone > GPG with smartcards or security tokens. There are several security

Re: Long Term Key Management With Hardware Tokens

On Montag, 21. Juni 2021 04:52:37 CEST Brandon Anderson via Gnupg-users wrote: > The problem, of course, comes when I need to decrypt old messages signed > with the revoked key or if someone at a later point sends an encrypted > message to the revoked key. If you know the recipient, then solving

Re: Where is swdb.lst

On Donnerstag, 17. Juni 2021 11:22:42 CEST Werner Koch via Gnupg-users wrote: > On Wed, 16 Jun 2021 21:18, Ajax said: > >> $ build-aux/getswdb.sh > > > > Which gave : > > ... No such file or directory > > $ tar tjvf gnupg-2.2.28.tar.bz2 | grep getswdb.sh > -rwxr-xr-x 1000/1000 4831

Re: migration by copy of ~/.gnupg not working

On Donnerstag, 3. Juni 2021 19:50:17 CEST Herr Saalfeld via Gnupg-users wrote: > Hi, > > I though migrating my user GPG configuration onto a new computer should > be as simple as making a full copy of ~/.gnupg with rsync > > rsync -av old:/home/me/.gnupg /home/me/ I would have expected the

  1   2   3   4   >