Re: ACS APG8201-B2

2024-07-31 Thread Felix E. Klee
most recent call last): File "/mnt/c/Users/Felix/Downloads/./pinpadtest.py", line 378, in main(who, method, add_a_byte, pinmin, pinmax, change_by_two_steps, fixed) File "/mnt/c/Users/Felix/Downloads/./pinpadtest.py", line 224, in main

Re: ACS APG8201-B2

2024-07-29 Thread Felix E. Klee
No idea what to do. Guess I’ll fix my modded SPR332 and continue using that. ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: ACS APG8201-B2

2024-07-24 Thread Felix E. Klee
Thank you, Werner! I attached the log. When grepping for “pin”, I find (prefix stripped): DBG: ccid-driver: bPINSupport 3 verification modification PIN-Block-2 : no DBG: asking for PIN '||Please unlock the card%0A%0A\x1eNumber\x1f: 0005 64D5%0AHolder\x1f: Felix Klee

Re: ACS APG8201-B2

2024-07-21 Thread Felix E. Klee
Is there anything I can try, or is the pinpad on the ACS APG8201-B2 simply not supported?

ACS APG8201-B2

2024-07-20 Thread Felix E. Klee
I got a nice little portable card reader with pinpad, the ACS [APG8201-B2][1]. `gpg --card-status` works fine with my OpenPGP card. The problem is that when I try to decrypt a file, then GnuPG asks for the PIN using `/usr/bin/pinentry-gtk-2`. *How do I make GnuPG ask for the PIN via the pinpad?*

Re: Cannot export SSH public key

2024-01-05 Thread Felix E. Klee
nd_send_pubkey: signing failed for RSA "cardno:18 698 015" from agent: agent refused operation sign_and_send_pubkey: signing failed for RSA "(none)" from agent: agent refused operation felix@some_server: Permission denied (publickey). After starting `tmux`, whic

Re: Cannot export SSH public key

2024-01-05 Thread Felix E. Klee
On Fri, Nov 24, 2023 at 9:09 AM Felix E. Klee wrote: > In addition, I need: > > gpg-connect-agent updatestartuptty /bye or otherwise, I get no PIN entry dialog / prompt

Re: gpg --card-status

2024-01-02 Thread Felix E. Klee
On Sat, Dec 30, 2023 at 11:30 PM Felix E. Klee wrote: > Example output with line numbers: > > 01 Reader ...: Yubico YubiKey CCID 00 00 > 02 Application ID ...: D276000124010304000618698015 > 03 Application type .: OpenPGP > 04 Version ..

Re: Cannot export SSH public key

2023-12-31 Thread Felix E. Klee via Gnupg-users
1736 created : 2023-06-29 03:50:43 Authentication key: 9DFF AD98 566A 604F 7290 7C24 32B1 06F6 877C C64B created : 2023-11-22 15:14:14 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) sec> rsa4096/1BE349D11B6ED

Re: Cannot export SSH public key

2023-12-30 Thread Felix E. Klee
1736 created : 2023-06-29 03:50:43 Authentication key: 9DFF AD98 566A 604F 7290 7C24 32B1 06F6 877C C64B created : 2023-11-22 15:14:14 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) sec> rsa4096/1BE349D11B6ED

gpg --card-status

2023-12-30 Thread Felix E. Klee
21 created : 2023-06-29 03:50:43 22 Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589 23 created : 2023-06-29 03:50:43 24 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) 25 sec> rsa4

Re: Cannot export SSH public key

2023-12-27 Thread Felix E. Klee via Gnupg-users
--list-keys --keyid-format LONG yubi...@f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] sub rsa4096/32B106F6877CC64B 2023-11

Re: Cannot export SSH public key

2023-12-27 Thread Felix E. Klee
$ gpg --list-keys --keyid-format LONG yubi...@f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] sub rsa4096/32B106F6877CC64B 2

Re: Cannot export SSH public key

2023-11-28 Thread Felix E. Klee
never $ gpg --list-keys --keyid-format LONG --with-keygrip yubi...@f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix E. Klee (YubiKey)

Re: Cannot export SSH public key

2023-11-27 Thread Felix E. Klee
On Thu, Nov 23, 2023 at 10:17 AM Felix E. Klee wrote: > Can you explain why the output of `ssh-add -L` did not change? Also > why is it not the same as the output from `gpg --export-ssh-key > yubi...@f76.eu`? OK, I may have found the issue: $ grep -rl Use-for-ssh ~/.gnupg/private-

Re: Cannot export SSH public key

2023-11-24 Thread Felix E. Klee
On Thu, Nov 23, 2023 at 2:19 PM Stephan Verbücheln via Gnupg-users wrote: > Host gitlab.com > HostName gitlab.com > User git > IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh Thanks, that works. Even the variable is expanded. In addition, I need: gpg-connect-agent updates

Re: Cannot export SSH public key

2023-11-22 Thread Felix E. Klee
orrect? Does it match what > you see with > > ssh-add -L Output: $ gpg -k --with-keygrip yubi...@f76.eu pub rsa4096 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix

Re: Cannot export SSH public key

2023-11-22 Thread Felix E. Klee via Gnupg-users
29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/877CC64B 2023-11-22 [A] Should I better use the authentication key exported by GPG for SSH? But how to make tha

Re: Cannot export SSH public key

2023-11-22 Thread Felix E. Klee
29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/877CC64B 2023-11-22 [A] Should I better use the authentication key exported by GPG for SSH? But how to make tha

Cannot export SSH public key

2023-11-20 Thread Felix E. Klee
iry (never) However, I cannot export it for SSH: $ gpg --list-keys --keyid-format SHORT yubi...@f76.eu pub rsa4096/1B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29

Re: Finding all files encrypted with a certain key

2023-10-25 Thread Felix E. Klee
On Wed, Oct 25, 2023 at 9:23 PM Werner Koch wrote: > > gpg: decryption failed: No secret key > > > > I wonder how to get rid of that. > > grep -v on stderr ;-). Thanks, I was thinking about that. But I think simply using find, as suggested by Andrew and raf, is sufficient and simple. > I thi

Re: Finding all files encrypted with a certain key

2023-10-24 Thread Felix E. Klee
On Tue, Oct 24, 2023 at 5:12 PM Andrew Gallagher wrote: > GNU `file` will print the encryption key ID: Interesting. I wonder if there is any disadvantage of using `file` over Werner’s proposal.

Re: Finding all files encrypted with a certain key

2023-10-24 Thread Felix E. Klee
On Wed, Oct 25, 2023 at 10:08 AM raf via Gnupg-users wrote: > > How do I do that for a massive directory tree? > > With my rawhide (rh) program (github.com/raforg/rawhide) you can do it > with something like this: > > rh /path '"*.gpg" && "*PGP*encrypted*BEF6EFD3 8FE8DCA0*".what' Very interestin

Re: Finding all files encrypted with a certain key

2023-10-24 Thread Felix E. Klee
On Tue, Oct 24, 2023 at 5:21 PM Werner Koch wrote: > encrypted-to-me-p.sh > --8<---cut here---start->8--- > #/bin/sh > gpg -d --status-fd 1 -o /dev/null 2>/dev/null "$1" | awk ' > $1=="[GNUPG:]" && $2=="ENC_TO" && $3=="BEF6EFD38FE8DCA0" {print $1; exit 0}' > --

Finding all files encrypted with a certain key

2023-10-23 Thread Felix E. Klee
For the purpose of re-encryption with a new key, I’d like to find all files that are encrypted with my key BEF6EFD38FE8DCA0. All encrypted files, independent of key, have the extension `.gpg`. How do I do that for a massive directory tree?

Re: YubiKey/OpenPGP card connection issues for non-root user

2023-08-09 Thread Felix E. Klee
The issue persists. Sometimes the readers (just now the YubiKey) are not visible to the user. But they are always to root k. I then disabled the PC/SC daemon: [felix@felix-arch ~]$ sudo systemctl disable pcscd Removed "/etc/systemd/system/sockets.target.wants/pcscd.socket".

Re: YubiKey/OpenPGP card connection issues for non-root user

2023-08-08 Thread Felix E. Klee
On Mon, Aug 7, 2023 at 3:30 PM Werner Koch wrote: > > I also tried killing root’s gpg-agent, to avoid conflicts with that > > of the user, but that didn’t help either. > > Right a second scdaemon might have grabbed the device. If you don't > need it as root put into root's gpg-agent.conf "disable-

Re: YubiKey/OpenPGP card connection issues for non-root user

2023-08-08 Thread Felix E. Klee
cations and other cards, as well as your > use of OpenPGP smartcard for GnuPG), please make sure that you > configure the PC/SC service correctly. Indeed it was not properly set up: [felix@felix-arch ~]$ opensc-tool -l No smart card readers found. I added a Polkit rule following

Re: YubiKey/OpenPGP card connection issues for non-root user

2023-08-04 Thread Felix E. Klee
Windows 10 host: usb.autoConnect.device0 = "0x04e6:0xe003" […] usb.autoConnect.device7 = "0x1050:0x0404" > dmesg -w I just played around. After unplugging the YubiKey, I connected the SPR332: [felix@felix-arch ~]$ sudo dmesg -w […] [ 5135.728320] usb 2-1: new full-speed

YubiKey/OpenPGP card connection issues for non-root user

2023-08-03 Thread Felix E. Klee
it seems that sometimes they don't trigger, or only with a long delay. [felix@felix-arch ~]$ cd /etc/udev/rules.d/ [felix@felix-arch rules.d]$ cat 70-yubikey.rules # YubiKey Support # ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="1050",

Re: Use multi-usage key in authentication slot on HW-key for encryption

2022-04-16 Thread Felix Mayr via Gnupg-users
Felix

Re: Use multi-usage key in authentication slot on HW-key for encryption

2022-04-16 Thread Felix Mayr via Gnupg-users
PIV-card simultaneously? Regards, Felix

Re: --export-filter not working

2022-04-16 Thread Felix Mayr via Gnupg-users
Thanks Ingo, I'll do that (or set up the GPG-code myself to hunt for the bug if holidays permit). Regards, Felix On 15.04.22 at 16:29, Ingo Klöcker wrote: On Thursday, 14 April 2022 23:27:21 CEST Felix Mayr via Gnupg-users wrote: Hello all, so I try to create a file with my p

Use multi-usage key in authentication slot on HW-key for encryption

2022-04-16 Thread Felix Mayr via Gnupg-users
d choice in GPG or am I doing something wrong? If it's not possible with the smartcard: can I use the PIV-mode of the yubikey for that purpose? Regards, Felix

--export-filter not working

2022-04-14 Thread Felix Mayr via Gnupg-users
esn't produce anything usable: https://dev.gnupg.org/rG86b64876bef0d8c4be8e309fcf3e2ce21e65a947 Notably, importing the resulting file on another machine, there are no subkeys at all (gpg --list-keys)! Am I doing/understanding something wrong? Best wis

Re: YubiKey 5C NFC not detected

2022-01-31 Thread Felix E. Klee
Werner Koch via Gnupg-users writes: > scdaemon does not see any reader. That might simply due to another > process which uses the reader (the yubikey tools). None the wiser: $ cat ~/.gnupg/scdaemon.conf debug cardio verbose log-file /tmp/scd.log pcsc-shared $ gpgconf --k

Re: YubiKey 5C NFC not detected

2022-01-30 Thread Felix E. Klee
Ingo Klöcker writes: > $ echo scd getinfo reader_list | gpg-connect-agent --decode $ ykman config usb -l OTP FIDO U2F FIDO2 OATH PIV OpenPGP YubiHSM Auth $ gpgconf --kill gpg-agent $ echo scd getinfo reader_list | gpg-connect-agent --decode OK :( > I

Re: YubiKey 5C NFC not detected

2022-01-30 Thread Felix E. Klee
Ingo Klöcker writes: > Are you sure "Yubico Yubi" is the correct value for the reader-port > option? It’s what is suggested in the official [Troubleshooting Issues with GPG][1]. They also suggest: Yubico Yubikey That doesn’t work either. As I realized before, their guides are not up to da

YubiKey 5C NFC not detected

2022-01-29 Thread Felix E. Klee
I would like to set up a YubiKey 5C NFC for SSH, but it doesn’t get detected by GnuPG: $ ykman config usb -l OTP FIDO U2F FIDO2 OATH PIV OpenPGP YubiHSM Auth $ cat .gnupg/scdaemon.conf reader-port Yubico Yubi $ gpgconf --kill gpg-agent $ ps x | grep

Re: Limit access to unlocked OpenPGP SmartCard?

2022-01-28 Thread Felix E. Klee
Well, I think I could extend my SPR332 [mod][1]: * Add a push-button that one has to press to close the C7 circuit for I/O. Without that button pressed, the smart card cannot communicate with the reader. That means, for every operation, one would need to hold that button, kind of –

Re: Limit access to unlocked OpenPGP SmartCard?

2022-01-28 Thread Felix E. Klee
Jacob Bachmeyer via Gnupg-users writes: >> After I unlock an OpenPGP SmartCard V2.1 in my SPR332 [mod][1], […] > > Does your smartcard reader have its own keypad for entering the PIN? yes

Re: Limit access to unlocked OpenPGP SmartCard?

2022-01-27 Thread Felix E. Klee
On Thu, 27 Jan 2022 at 14:54, Matthias Apitz wrote: > gpgconf --reload scdaemon Gotta try that, maybe execute it with a timer, better than nothing. Best would be if the card itself could be configured to only do a certain number of operations after being unlocked. I think everything else is pret

Limit access to unlocked OpenPGP SmartCard?

2022-01-27 Thread Felix E. Klee
After I unlock an OpenPGP SmartCard V2.1 in my SPR332 [mod][1], I can use it to decrypt as many files as I want. While this is convenient, it is not great if the system is compromised and I forget to unplug the card reader. Is there any way to limit how long the OpenPGP SmartCard remains unlocked

Re: Decrypting fails unless card status

2020-12-15 Thread Felix E. Klee
On Tue, 15 Dec 2020 at 19:45, MFPA <2017-r3sgs86x8e-lists-gro...@riseup.net> wrote: > Is that a consequence of using a card? No. I do have an accessible private key, but it’s more than 9,000 km away, and traveling is not so easy these days.

Decrypting fails unless card status

2020-12-14 Thread Felix E. Klee
-01 00:00:00 gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " gpg: public key decryption failed: Invalid ID gpg: decryption failed: No secret key Note that I have to run with faked system time since I cannot extend th

Re: In case you use OpenPGP on a smartphone ...

2020-08-12 Thread Felix Winterhalter
https://arstechnica.com/information-technology/2016/12/op-ed-im-giving-up-on-pgp/ > > -Ryan McGinnis > http://www.bigstormpicture.com > PGP Fingerprint: 5C73 8727 EE58 786A 777C 4F1D B5AA 3FA3 486E D7AD > > > Sent from ProtonMail Mobile > > > On Wed, Aug 12, 2020 at 13:07, Fel

Re: In case you use OpenPGP on a smartphone ...

2020-08-12 Thread Felix
I'm not sure that there are solutions orders of magnitude more secure that are available readily. Also people tend to get emails on the go as well that might be encrypted. It's convenient to decrypt emails on a smartphone and not really that insecure if you're using an external device for actual k

Re: In case you use OpenPGP on a smartphone ...

2020-08-12 Thread Felix
Just adding my 2 cents to this discussion. I think it doesn't matter what sort of spyware potentially exists somewhere out there for some phone, what matters is whether it is on your phone. This isn't really about the security of OpenPGP either but about a fundamental trust in the things we use b

Re: Backup of Keys

2020-05-24 Thread Felix Finch
ember. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I'

Re: Backup of Keys

2020-05-24 Thread Felix Finch
On 20200524, Peter Lebbing wrote: Hi, On 24/05/2020 16:05, Felix Finch wrote: Out of curiosity ... how safe are these files as is, assuming the private key file has a good strong passphrase? The safety of the private key purely depends on the strength of the passphrase. Note that backups

Re: Backup of Keys

2020-05-24 Thread Felix Finch
tolen, how much damage can be done? How hard is it to crack a good passphrase? I realize that's kind of a loose question, and "strong passphrase" doesn't help. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repa

Re: Passphrase window freezes my DE's panel - is this a bug?

2020-04-26 Thread Felix Finch
or me. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I've run out of room o

Re: 0.332

2019-02-11 Thread Felix E. Klee
On Mon, Feb 11, 2019 at 12:17 PM Gerd v. Egidy wrote: > How does it compare size-wise to the cyberJack one from Reiner SCT? * cyberJack RFID standard: 62 x 95 x 13 mm * 0.332 enclosure: 69 × 111 × 13 mm It could be fun to replace the pin pad by a smaller one and create a custom bo

0.332

2019-02-10 Thread Felix E. Klee
FYI: https://github.com/feklee/0.332 This is a mod of the SCM SPR332 v2 smart card reader, making it smaller and lighter. For quite a while I have regularly been using it with my phone: https://gist.github.com/feklee/92f76d2c8a7cabc477360d82b5305c19

Chance to get --with-agent-s2k-calibration=MSEC into stable branch?

2018-12-11 Thread Felix A. Kater
familiar with the process how commits get selected for inclusion into the stable branch. Is there a chance that it will make it into gnupg stable anytime soon? Thanks Felix To recall: This issue applies to contexts like gnupg being called internally by postgresql where there is no agent, so the

Re: Performance regression for gnupg v2 keys

2018-09-27 Thread Felix A. Kater
an old key the first time or > when you import it to gpg the key is re-encrypted so that it takes > that long. With the above build-time setting applied, do all previously generated (slow) keys have to be recreated or is this delay gone with a newly compiled agent/gnupg li

Re: Performance regression for gnupg v2 keys

2018-09-21 Thread Felix A. Kater
etes within 3 sec takes 40 sec with 2.x keys. > that value can be changed at build time using the configure option > --with-agent-s2k-calibration=MSEC but not at run time. This sounds like a suitable solution. I've seen that option here [1] but it is missing in official gnupg. What

Decryption timing calibration

2018-09-20 Thread Felix Finch
e of decrypt times. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last T

Re: Performance regression for gnupg v2 keys

2018-09-20 Thread Felix A. Kater
y stays ok (fast). When I change the passphrase of an existing 1.x generated key with gpg 2.2.8, the key gets somehow updated (slow). So, besides fast/slow: What's the difference between default (rsa 2048) keys generated with 1.x and 2.x? Felix

Performance regression for gnupg v2 keys

2018-09-19 Thread Felix A. Kater
Hi, I have older keys and newer keys that behave quite different in the decryption performance. Old keys: Generated with gnupg-1.4.x, rsa2048, at 2017-01-10. New keys: Generated with gnupg-2.2.8, rsa2048, some weeks ago. I've always been using the defaults for generating the keys (no --full-gen-

Re: Washington State Electronic Notary Public endorsements

2018-09-17 Thread Felix Finch
pp.leg.wa.gov/RCW/default.aspx?cite=42.45.140> in the State of > Washington! Well done! Any idea how applicable your experience will be in other states? -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowf

Re: Cannot decrypt file encrypted with enQsig

2018-09-17 Thread Felix E. Klee
DE5C6E97DA42AE8, created 2018-09-06 "Felix E. Klee " gpg: 3DES encrypted data gpg: Note: sender requested "for-your-eyes-only" So yes, 3DES! Fortunately, as can be seen above, with the custom key I was able to

Re: Communication with card reader encrypted?

2018-08-27 Thread Felix E. Klee
Thanks for clarification! On Mon, Aug 27, 2018 at 11:51 AM, Werner Koch wrote: > The connection between the card reader and the host is not encrypted > because that would require a key setup first and that would also be > subject to key logging. The host could provide a public encryption key to

Re: Communication with card reader encrypted?

2018-08-26 Thread Felix E. Klee
On Sun, Aug 26, 2018 at 10:41 AM, Peter Lebbing wrote: > The OpenPGP smartcard and generic smartcard protocols do define > "Secure Messaging", but I don't think this is commonly used for cabled > OpenPGP smartcards. Would be interesting to find out. > I think you'll need to trust the cable anywa

Re: Communication with card reader encrypted?

2018-08-26 Thread Felix E. Klee
On Sun, Aug 26, 2018 at 12:31 AM, Dirk Gottschalk wrote: > This is a really interesting question. But, does this really matter > got an USB device? If there is a program on your computer, which > intercepts the communication, the security of your system is already > broken. I am more thinking about

Communication with card reader encrypted?

2018-08-25 Thread Felix E. Klee
When I decrypt a file using an OpenPGP card, is the communication between a USB card reader and the GnuPG daemon encrypted? Or: Is the decrypted session key sent unencrypted through the cable?

Re: Android/Termux: How to build gpg-agent without maintainer mode?

2018-08-22 Thread Felix E. Klee
On 8/22/18, Dirk Gottschalk wrote: > This depends on the source of your source version. If it is from a > release tarball, this shouldn't bother you. > > I only get this warning if I have compiled from the GIT repository. Uh oh, I didn’t check out a release! Changed the [build instructions][1] no

Re: Android/Termux: How to build gpg-agent without maintainer mode?

2018-08-22 Thread Felix E. Klee
On Wed, Aug 22, 2018 at 1:08 PM, Dirk Gottschalk wrote: > There's nothing what should "bug" you. Well if I call `g10/gpg` in the build, I get a big fat warning: gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a produ

Android/Termux: How to build gpg-agent without maintainer mode?

2018-08-22 Thread Felix E. Klee
I managed to get `gpg-agent` run with USB smart card support under Android/Termux: https://gist.github.com/feklee/92f76d2c8a7cabc477360d82b5305c19 What bugs me is that I had to compile in maintainer mode: Now I get warnings that the software should not be used with production keys. Maintain

Re: Cannot decrypt file encrypted with enQsig

2018-08-15 Thread Felix E. Klee
On Wed, Aug 15, 2018 at 12:13 PM, Peter Lebbing wrote: > Here's the catch: unless you have an on-disk copy of your private > encryption key, you can't. [if enQsig uses 3DES] I do have a backup of the private key, but it’s 1. out of reach at the moment and 2. it’s a pain to restore. So far, I’m st

Re: Cannot decrypt file encrypted with enQsig

2018-08-15 Thread Felix E. Klee
gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " gpg: public key decryption failed: Missing item in object gpg: decryption failed: No secret key gpg: secmem usage: 0/32768 bytes in 0 blocks $ gpg --v

Re: Cannot decrypt file encrypted with enQsig

2018-08-03 Thread Felix E. Klee
On Thu, Aug 2, 2018 at 2:14 PM, Peter Lebbing wrote: > So I think it's a safe bet they also screwed up the PKESK packet for > your subkey, and the error is indeed related to it not representing a > valid session key. As I would like to understand things a bit better, do you think it is possible t

Re: Cannot decrypt file encrypted with enQsig

2018-08-02 Thread Felix E. Klee
4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " gpg: public key decryption failed: Missing item in object gpg: decryption failed: No secret key $ gpg --list-packets new.gpg gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE

Re: Cannot decrypt file encrypted with enQsig

2018-07-30 Thread Felix E. Klee
On Mon, Jul 30, 2018 at 12:40 PM, Felix E. Klee wrote: > “Invalid value” Same on Linux BTW (with the Cherry ST-2000).

Re: Cannot decrypt file encrypted with enQsig

2018-07-30 Thread Felix E. Klee
its] gpg: encrypted with RSA key, ID 9D8C454A43A6D2DE gpg: encrypted with RSA key, ID 92663E7CA68E4EC6 gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " gpg: public key decryption failed: Invalid value gpg: e

Re: Cannot decrypt file encrypted with enQsig

2018-07-30 Thread Felix E. Klee
For comparison, a file that I encrypted for myself and that I can decrypt successfully: >gpg --list-packets foo.gpg gpg: encrypted with 4096-bit RSA key, ID 04FDF78D1679DD94, created 2016-12-17 "Felix E. Klee " # off=0 ctb=85 tag=

Re: Cannot decrypt file encrypted with enQsig

2018-07-30 Thread Felix E. Klee
. Trying to guess what you mean .. . pub rsa4096/BEF6EFD38FE8DCA0 2016-12-17 [SC] [expires: 2018-12-17] 5EF8B6017F668171259945D6BEF6EFD38FE8DCA0 uid Felix E. Klee sub rsa4096/04FDF78D1679DD94 2016-12-17 [E] [expires: 2018-12-17] > Could you prov

Cannot decrypt file encrypted with enQsig

2018-07-27 Thread Felix E. Klee
validity: ultimate ssb rsa4096/04FDF78D1679DD94 created: 2016-12-17 expires: 2018-12-17 usage: E card-no: 0005 4980 [ultimate] (1). Felix E. Klee The sender then prepared the encrypted file using a software called enQsig: “wir verwenden eine zentrale Gateway

Re: Empty keyring after upgrade to Ubuntu 18.04 :/

2018-07-26 Thread felix
d working. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I se

Re: Upgrading 2.0.20 to 2.2.24 -- WORKING NOW

2018-06-21 Thread felix
gpg: porting secret keys from '/home/felix/.gnupg/secring.gpg' to gpg-agent gpg: key 783876E9182E8151: secret key imported gpg: key 44752F7C4D3D351A: secret key imported gpg: migration succeeded gpg: key 783876E9182E8151: "Felix Finch (Scarecrow Repairman)

Re: Upgrading 2.0.20 to 2.2.24

2018-06-19 Thread felix
migrated file, but also made no difference. Still can't see the secret keys or decrypt anything. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & wood chipper / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9

Re: Upgrading 2.0.20 to 2.2.24

2018-06-18 Thread felix
how-unusable-* variants > > Are they listed with --list-keys ? From the 2.0.20 machine: $ gpg --list-secret-keys /home/felix/.gnupg/secring.gpg -- sec 1024D/182E8151 1999-12-06 uid Felix Finch (Scarecrow Repairman) ssb 2048g/A3

Re: Upgrading 2.0.20 to 2.2.24

2018-06-18 Thread felix
to delete the file > ~/.gnupg/.gpg-v21-migrated so that a migration will be triggered again. Thanks -- but that didn't do the trick. $ gpg --list-secret-keys gpg: starting migration from earlier GnuPG versions gpg: porting secret keys from '/home/felix/.gnupg/secring.gpg' to

Upgrading 2.0.20 to 2.2.24

2018-06-17 Thread felix
can decrypt what the Ubuntu 2.2.24 command encrypts. But the Ubuntu 2.2.24 command will not decrypt either what it just encrypted or what the gentoo 2.0.20 command encrypted: gpg: encrypted with 2048-bit ELG key, ID 18DCDD20A3362105, created -mm-dd "Felix Finch (Scar

Re: gpg: [don't know]: 1st length byte missing

2017-10-22 Thread Felix E. Klee
Thanks, Werner! No backup, and I think there is no way to recover the password, which - in this case - is very unfortunate. :( I wonder how this happened. The drive is a Samsung EVO SSD with NTFS.

Re: gpg: [don't know]: 1st length byte missing

2017-10-21 Thread Felix E. Klee
On Sun, Oct 22, 2017 at 12:06 PM, wrote: > please list the encrypted text as part of the inline message. Thanks for pointing that out. Here you go: -BEGIN PGP ARMORED FILE- Comment: Use "gpg --dearmor" for unpacking hQIMAwT9940Wed2UAQ//X3XcOwKvauUCfRI0tqWBrf4CUs/HnzJgaLgL3snxCd0T cYr78

gpg: [don't know]: 1st length byte missing

2017-10-21 Thread Felix E. Klee
later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: C:/Users/Felix/AppData/Roaming/gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA C

Selecting SSH Key in gpg-agent ssh-agent mode

2017-07-17 Thread Felix Winterhalter
h SSH-Keys are tried against a server? Or rather is there also a way to specify to first try unlocked keys? Cheers, Felix

Re: suspicious key found

2017-05-16 Thread Felix Winterhalter
There was a proof of concept attack on the fingerprints a couple of years ago. The keys were revoked afterwards. TL;DR short key fingerprints are not secure at all. Also the web of trust is your friend here. Cheers, Felix On 16/05/17 15:47, Janne Inkilä wrote: I made a key search with my

Re: Mail address to account conversion (keybase.io)

2017-01-25 Thread Felix Van der Jeugt
ings. The presence of an ID on a public key makes no > claim as to whether the ID is usable for a particular purpose. Thanks for the opinion, I find myself agreeing. I should probably stop collecting signs on that uid on keysigning parties, though, I shouldn't bother people with sending

Re: Mail address to account conversion (keybase.io)

2017-01-25 Thread Felix Van der Jeugt
Excerpts from Christian Heinrich's message of 2017-01-26 09:19:42 +1100: > On Thu, Jan 26, 2017 at 1:51 AM, Felix Van der Jeugt > wrote: > > Recently, keybase.io stopped their email forwarding service. Now, my > > noc...@keybase.io uid can no longer receive email. I'd

Mail address to account conversion (keybase.io)

2017-01-25 Thread Felix Van der Jeugt
id because the email address is invalid? It's nice to have a reference to the account in my key, though. Any advice on this would be welcome. Sincerely, Felix signature.asc Description: PGP signature

Using GPGAgent as SSHAgent on Windows with cygwin/mingw

2016-09-24 Thread Felix Winterhalter
So I am currently trying to get gpg-agent to play nice with ssh on Windows. I'm running gpg version 2.1.15. Using Linux I was able to get everything to run the way I want by adding enable-ssh-support to the agent config and setting the environment variable SSH_AUTH_SOCK to the gpg agents ssh soc

Re: gpg: KEYTOCARD failed: Unusable secret key

2016-07-26 Thread Felix E. Klee
On Tue, Jul 26, 2016 at 1:22 PM, Andrew Gallagher wrote: > If you want to keep a backup copy on local disk, you need to quit > *without saving* immediately after running 'keytocard'. Hitting to quit did the trick. Now I could copy the key – a new one – to two cards. Thanks for the suggestion! B

Re: gpg: KEYTOCARD failed: Unusable secret key

2016-07-26 Thread Felix E. Klee
c> rsa4096 2016-07-26 [SC] [expires: …] AFADB5A… Card serial no. = … uid [ultimate] Felix … ssb> rsa4096 2016-07-26 [E] [expires: …] Also I can export the private key: # gpg --armor --export-secret-keys | wc -l 53 So it seems

gpg: KEYTOCARD failed: Unusable secret key

2016-07-26 Thread Felix E. Klee
Successfully moved a key to an [OpenPGP-Card][1]. Now, as backup, I want to install the key to a second card, but that failed: # gpg --edit-key $KEY [...] gpg> toggle [...] ggp> keytocard Really move the primary key? (y/N) y [...] Please select where to store the ke

Creating key stubs from smartcard without public key

2016-07-25 Thread Felix Winterhalter
be created from the keys stored on the Yubikey or any smartcard itself? Best regards, Felix

Re: How to export ASCII armored secret key without passphrase?

2016-01-21 Thread Felix E. Klee
On Wed, Jan 20, 2016 at 6:13 PM, Peter Lebbing wrote: > $ gpg2 --export-secret-keys | gpg --import Thanks! On my system, Arch, that’s: $ gpg --export-secret-keys | gpg1 --import

How to export ASCII armored secret key without passphrase?

2016-01-20 Thread Felix E. Klee
There’s a known issue: Is there any workaround? For example, could I export an ASCII armored key with a passphrase, then decrypt the exported key? Command that failed without passphrase (the key doesn't have one): $ gpg --armor --export-secret-keys >k

Re: Generating 4096 bit key fails – why?

2016-01-12 Thread Felix E. Klee
After the second attempt with GnuPG 2.1.10, I got all three 4096 bit keys generated on card, which took a while: > admin […] > generate […] gpg: key 28C1B3D1 marked as ultimately trusted public and secret key created and signed. gpg: checking the trustdb gpg: 3 m
