Re: Homedir command

2005-10-19 Thread John Clizbe
David Vallier wrote:
> I am trying to get gnupg to "live" on a USB key and would like to know
> the proper usage of the homedir command, can it be put in the cfg
> file, and if so does it need to be "escaped"  IE "--homedir x/yz" or what.
> 

Ummm that won't work. GnuPG looks in the homedir for the conf file, so
putting the homedir option in gpg.conf is rather pointless.  This is also
stated in the man page. You read that, right? ;-}

  --homedir directory
   Set  the  name  of  the  home  directory to directory. If this
   option is not used it defaults to  "~/.gnupg".  It  does  not
   make sense to use this in a options file. This also overrides
   the environment variable $GNUPGHOME.

It sounds like you're trying to recreate the work the GPG2GO folks did on
your own.

There are essentially two ways to do this.

1) If you're always moving between the same systems:
Use the default GnuPG HomeDir (~/.gnupg on *nix; %APPDATA%\GnuPG on Windows)
and set gpg.conf to point to the files on the removable media; e.g.

no-default-keyring
keyring O:\GnuPG\pubring.gpg
primary-keyring O:\GnuPG\pubring.gpg
secret-keyring  O:\GnuPG\secring.gpg
trustdb-name O:\GnuPG\trustdb.gpg

2) The other approach is to set the environment variable GNUPGHOME to point
to wherever gpg.conf and the keyring files are stored. This is the
approach the GPG2GO folks use, IIRC.

Can give better answers if we know what sort of environment you're targeting.


-- 
John P. Clizbe   Inet:   JPClizbe(a)comcast DOT nyet
Golden Bear Networks PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
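
The second approach described in the reply above (GNUPGHOME pointing at the removable media), sketched for a POSIX shell as an added example that is not part of the original message. The function names are hypothetical and a temporary directory stands in for the USB mount point.

```shell
#!/bin/sh
# Added example (not from the thread): select a GnuPG home on removable
# media through GNUPGHOME. Function names and paths are hypothetical.

# Print the directory gpg would use, following the precedence quoted from
# the man page: --homedir overrides $GNUPGHOME, which overrides ~/.gnupg.
effective_homedir() {
    cli_homedir=$1
    if [ -n "$cli_homedir" ]; then
        printf '%s\n' "$cli_homedir"
    elif [ -n "${GNUPGHOME:-}" ]; then
        printf '%s\n' "$GNUPGHOME"
    else
        printf '%s\n' "$HOME/.gnupg"
    fi
}

# Succeed if <dir>/gpg.conf carries a homedir line. gpg has already chosen
# the home directory by the time it reads that file, so the line is pointless.
conf_has_homedir() {
    conf=$1/gpg.conf
    [ -f "$conf" ] && grep -Eq '^[[:space:]]*(--)?homedir([[:space:]]|$)' "$conf"
}

# Point gpg in this shell (and its children) at the removable media.
use_portable_gnupg() {
    dir=$1
    [ -d "$dir" ] || { echo "not mounted: $dir" >&2; return 1; }
    if conf_has_homedir "$dir"; then
        echo "warning: homedir line in $dir/gpg.conf does nothing useful" >&2
    fi
    # Best effort: FAT-formatted sticks cannot store Unix modes.
    chmod 700 "$dir" 2>/dev/null || echo "note: cannot restrict $dir" >&2
    GNUPGHOME=$dir
    export GNUPGHOME
}

# Constructed demo: a temp directory stands in for the USB mount point.
demo=$(mktemp -d)
printf 'homedir x/yz\nno-greeting\n' > "$demo/gpg.conf"
use_portable_gnupg "$demo"
echo "gpg would use:       $(effective_homedir '')"
echo "with --homedir /alt: $(effective_homedir /alt)"
rm -rf "$demo"
```

Sourcing the functions and calling `use_portable_gnupg` with the real mount point before running gpg gives the same effect for an interactive session.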


Re: How to fix the user ID on an old key?

2005-10-19 Thread John W. Moore III


Oskar L. wrote:

>> Any ideas?
>>


Well, my first "attempt to repair" would be to "open" the Key with the
Edit function in GPGshell and re-set the prefs (even if you keep them
the same) and then use the "save" Command.  Whenever one "tinkers" with
their Key a new self-signature is generated showing the date the "edit"
was performed.

JOHN  :)
Timestamp: Wednesday 19 Oct 2005, 06:51 PM --400 (Eastern Daylight Time)


Homedir command

2005-10-19 Thread David Vallier
I am trying to get gnupg to "live" on a USB key and would like to know
the proper usage of the homedir command, can it be put in the cfg
file, and if so does it need to be "escaped"  IE "--homedir x/yz" or what.



Re: How to fix the user ID on an old key?

2005-10-19 Thread Oskar L.
"Alphax" <[EMAIL PROTECTED]> wrote:

> If that doesn't work, gpg --sign 0x75AC881F ...

Re-signing the key was the first thing that came to my mind when I saw the
"this may be caused by a missing self-signature" message, but it doesn't
help (see below). As you can see, deleting the self-signature and then
re-signing the key, only changes the public key (sha1sums match for the
old and new secret keys). And it's the secret key that gpg has a problem
with, because I don't get this message when importing only the public key,
but it appears when importing only the secret key. The message reads "this
MAY be caused...", but can anyone confirm that this actually is an issue
about the self-signature (or lack of) on the secret key? I suspect that
there is something else wrong with the key (why would the self-signature
have disappeared?). Any ideas?

Oskar

[EMAIL PROTECTED]:/mnt/hda3$ rm -f /home/oskar/.gnupg/*
[EMAIL PROTECTED]:/mnt/hda3$ gpg --import 75AC881F-public.asc 75AC881F-secret.asc
gpg: keyring `/home/oskar/.gnupg/secring.gpg' created
gpg: keyring `/home/oskar/.gnupg/pubring.gpg' created
gpg: /home/oskar/.gnupg/trustdb.gpg: trustdb created
gpg: key 75AC881F: public key "[EMAIL PROTECTED] <[EMAIL PROTECTED]>" imported
gpg: key 75AC881F: secret key imported
gpg: key 75AC881F: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 2
gpg:   w/o user IDs: 1
gpg:   imported: 1
gpg:   secret keys read: 1
gpg:   secret keys imported: 1
[EMAIL PROTECTED]:/mnt/hda3$ gpg --edit-key 75AC881F
gpg (GnuPG) 1.4.2; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Secret key is available.

pub  1024D/75AC881F  created: 2003-10-03  expires: never   usage: CS
 trust: unknown   validity: unknown
sub  2048g/250C6794  created: 2003-10-03  expires: never   usage: E
[ unknown] (1). [EMAIL PROTECTED] <[EMAIL PROTECTED]>

Command> sign
"[EMAIL PROTECTED] <[EMAIL PROTECTED]>" was already signed by key 75AC881F
Nothing to sign with key 75AC881F

Command> uid 1

pub  1024D/75AC881F  created: 2003-10-03  expires: never   usage: CS
 trust: unknown   validity: unknown
sub  2048g/250C6794  created: 2003-10-03  expires: never   usage: E
[ unknown] (1)* [EMAIL PROTECTED] <[EMAIL PROTECTED]>

Command> sign
"[EMAIL PROTECTED] <[EMAIL PROTECTED]>" was already signed by key 75AC881F
Nothing to sign with key 75AC881F

Command> delsig
uid  [EMAIL PROTECTED] <[EMAIL PROTECTED]>
sig! 75AC881F 2005-06-04  [self-signature]
Delete this good signature? (y/N/q)y
Really delete this self-signature? (y/N)y
Deleted 1 signature.

Command> sign

pub  1024D/75AC881F  created: 2003-10-03  expires: never   usage: CS
 trust: unknown   validity: unknown
 Primary key fingerprint: 4284 0353 BAAC 7A03 034D  2FFE A1D2 BB59 75AC 881F

 [EMAIL PROTECTED] <[EMAIL PROTECTED]>

Are you sure that you want to sign this key with your
key "[EMAIL PROTECTED] <[EMAIL PROTECTED]>" (75AC881F)

This will be a self-signature.

Really sign? (y/N) y

You need a passphrase to unlock the secret key for
user: "[EMAIL PROTECTED] <[EMAIL PROTECTED]>"
1024-bit DSA key, ID 75AC881F, created 2003-10-03


Command> save
[EMAIL PROTECTED]:/mnt/hda3$ gpg --export-secret-key -a -o 75AC881F-secret-test.asc
[EMAIL PROTECTED]:/mnt/hda3$ gpg --export -a -o 75AC881F-public-test.asc
[EMAIL PROTECTED]:/mnt/hda3$ rm -f /home/oskar/.gnupg/*
[EMAIL PROTECTED]:/mnt/hda3$ gpg --import 75AC881F-public-test.asc 75AC881F-secret-test.asc
gpg: keyring `/home/oskar/.gnupg/secring.gpg' created
gpg: keyring `/home/oskar/.gnupg/pubring.gpg' created
gpg: /home/oskar/.gnupg/trustdb.gpg: trustdb created
gpg: key 75AC881F: public key "[EMAIL PROTECTED] <[EMAIL PROTECTED]>" imported
gpg: key 75AC881F: secret key imported
gpg: key 75AC881F: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 2
gpg:   w/o user IDs: 1
gpg:   imported: 1
gpg:   secret keys read: 1
gpg:   secret keys imported: 1
[EMAIL PROTECTED]:/mnt/hda3$ sha1sum 75AC881F*
d1c614e37994ef312468616bb4d948a007c98f1a  75AC881F-public-test.asc
3183087b880c9bffc1834fe2059ab8316081d31a  75AC881F-public.asc
fcd85f0b6f35e1262a230b79ab583c8bc459042a  75AC881F-secret-test.asc
fcd85f0b6f35e1262a230b79ab583c8bc459042a  75AC881F-secret.asc



Re: Subkey revocation means losing signatures?

2005-10-19 Thread David Shaw
On Wed, Oct 19, 2005 at 02:30:31PM +0200, Realos wrote:
> hi,
> 
> >
> >yes adding a new one and revoking the old one. The original question was 
> >about modifyuing the uid.
> 
> I think I got the point. Deleting a UID results in loss of signatures 
> while revoking a UID doesn't if it signs the new UID prior to being deleted.

No.  Deleting a UID results in loss of signatures on that UID
(deleting a UID actually removes the signatures completely so they're
really lost).  Revoking a UID also results in loss of signatures on
that UID.  They're not deleted, but they are ignored from then on.

Signing a UID with another UID is not a meaningful statement.  UIDs
don't sign.

> What about creating an empty uid, i.e. without any email address and
> requesting people to sign that uid in addition to respective UIDs with
> email address?

Some people do this, and it can be useful in certain places (signing
keys), but it does not resolve the "this key is untrusted - use it
anyway?" question unless people select the key using the empty UID.

David



Re: Subkey revocation means losing signatures?

2005-10-19 Thread Realos
hi,

>
>yes adding a new one and revoking the old one. The original question was about 
>modifying the uid.

I think I got the point. Deleting a UID results in loss of signatures 
while revoking a UID doesn't if it signs the new UID prior to being deleted.

What about creating an empty uid, i.e. without any email address and
requesting people to sign that uid in addition to respective UIDs with
email address?

-- 
Realos




Re: Gnupg-users Digest, Vol 25, Issue 16

2005-10-19 Thread Werner Koch
On Tue, 18 Oct 2005 09:33:11 -0500, Zhou, Mike said:

> Can GnuPG import X.509 certificate/pubkey ?

Only the 1.9 branch of GnuPG supports S/MIME.  You need to use gpgsm
and not gpg then.


Shalom-Salam,

   Werner

