[no subject]
Anybody got any idea why my non-root admin user's ~/.gnupg directory is or should be owned by root? This is on a Mac, where root logins are generally disabled, so that, for instance, we install with sudo make install. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: acl on .gnupg directory on mac
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Joel Rees wrote on 07.02.2009 9:35 Uhr: Anybody got any idea why my non-root admin user's ~/.gnupg directory is or should be owned by root? No idea. This is what I have: drwx-- 85 luddwich staff 2890 7 Feb 12:27 .gnupg This is on a Mac, where root logins are generally disabled, so that, for instance, we install with sudo make install. That's common practice. Do you have any new $Phantastic-tool installed or used? Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSY1xUlYnpxVXVowdAQoOawgApuPmCf2WbmyYSa9j/5+bPKBjoi6c46JG Efjq6MNDPf3Yjl8HtakG00Igu1VrmLqmokSFYVefTl1pz0zhPCA4s/zs34LuJyh5 CwvkJOZ2TZjbUUyU5DW88xaQyI2o0NvhbgH0McRk2bqXm7/pDAOz8g9U9+GnCPUa g/iMDNyN7c12cpCZIMg4drvFFBtMyJRU4vin6xixRB9cAovMNOqHS5gyOtaM/B5f Sjs9I7l1FN4J2LQyjx1OFqwiK8WNoY8QBOEROGpahYZCPVLwc2WmkT/ZxNADunsc m6350SNlI3sb7vs1gcs/NIU2/fSvtU5S0TF09359aaTB7KtNAeP1Ag== =vY4v -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: ~/.gnupg owned by root
On 17:35, Sat 07 Feb 09, Joel Rees wrote: Anybody got any idea why my non-root admin user's ~/.gnupg directory is or should be owned by root? Maybe you did use gpg via sudo. It shouldn't be owned by root. Thomas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Need a command to suppress
On Friday 06 February 2009, Chris Babcock wrote: On Wed, 4 Feb 2009 06:11:32 -0800 (PST) raj raj kayr...@yahoo.com wrote: Is there are command to supress these 2 lines. gpg: Signature made using DSA key ID gpg: Good signature xx.com It would help if you'd tell us why you want to suppress those 2 lines. Add ' | grep -v Signature made | grep -v Good signature ' to the end of the command. Using grep -v inverts the match so only lines that do *not* contain the matching text are passed to stdout. Of course that's no help for Windows, but... It's also no help on other OS because those grep's would also eliminate the two above lines. I think a much better solution is usage of --status-fd or --status-file (--status-file /dev/null ?). Regards, Ingo signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: ~/.gnupg owned by root
On 平成 21/02/07, at 20:53, tho...@bohnomat.de wrote: On 17:35, Sat 07 Feb 09, Joel Rees wrote: Anybody got any idea why my non-root admin user's ~/.gnupg directory is or should be owned by root? Maybe you did use gpg via sudo. It shouldn't be owned by root. I think my first use was as my admin login. I don't think I did the make check via sudo, but I might have. I chown-ed it to the user. I suppose I should look inside and see if I can tell what I did from what's there. Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Need a command to suppress
On Sat, 07 Feb 2009 13:21:23 +0100 Ingo Klöcker kloec...@kde.org wrote: Is there are command to supress these 2 lines. gpg: Signature made using DSA key ID gpg: Good signature xx.com It would help if you'd tell us why you want to suppress those 2 lines. Add ' | grep -v Signature made | grep -v Good signature ' to the end of the command. Using grep -v inverts the match so only lines that do *not* contain the matching text are passed to stdout. Of course that's no help for Windows, but... It's also no help on other OS because those grep's would also eliminate the two above lines. I think you missed the meaning of suppress and/or invert. Might be a language issue. Don't trust me. Test it on some text with a known good signature and fix the targets if you get any unwanted matches. Best, Chris signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Need a command to suppress
On Sat, Feb 07, 2009 at 07:46:41AM -0700, Chris Babcock wrote: On Sat, 07 Feb 2009 13:21:23 +0100 Ingo Kl??cker kloec...@kde.org wrote: Is there are command to supress these 2 lines. gpg: Signature made using DSA key ID gpg: Good signature xx.com It would help if you'd tell us why you want to suppress those 2 lines. Add ' | grep -v Signature made | grep -v Good signature ' to the end of the command. Using grep -v inverts the match so only lines that do *not* contain the matching text are passed to stdout. Of course that's no help for Windows, but... It's also no help on other OS because those grep's would also eliminate the two above lines. I think you missed the meaning of suppress and/or invert. Might be a language issue. Don't trust me. Test it on some text with a known good signature and fix the targets if you get any unwanted matches. I think what Ingo meant was that these greps might do both more and less than you actually intend them to. More: if those grep's are done on the full output of, say, gpg --decrypt or something similar, then they could also remove *actual text*, not just gpg's status output. This could be... well, let's just say bad :) Less: have you actually bothered to check the result of either gpg --verify ... | grep -v or gpg --decrypt ... | grep -v ? In both cases, gpg sends the status information to the standard error stream, NOT the standard output stream, so grep does, erm, nothing with it :) Both of those issues are addressed by Ingo's idea of using --status-fd or, even better, --status-file instead. G'luck, Peter -- Peter Pentchev r...@ringlet.netr...@space.bgr...@freebsd.org PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 The rest of this sentence is written in Thailand, on pgpy8KR435OXJ.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Copy subkeys to primary key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 For whatever reason I now have two versions of my private key one without the ELG encryption key and primary key, the other without the RSA signing key. How can I combine them so I have one secret key with both the ELG and RSA subkeys under the primary key. This is my new key sec# 1024D/BE7E87FD 2007-03-14 uid ushills (Secure email to ushills.co.uk) sec...@ushills.co.uk uid Ian Hill (Work Email) ian.h...@ayh.co.uk uid Web Ushills w...@ushills.co.uk uid Ian Hill ianjamesh...@gmail.com uid Ian Hill i...@ushills.co.uk uid Ian Hill ian.h...@turntown.co.uk ssb 2048R/4436432A 2009-02-06 This is my old key sec 1024D/BE7E87FD 2007-03-14 uid ushills (Secure email to ushills.co.uk) sec...@ushills.co.uk uid Web Ushills w...@ushills.co.uk uid Ian Hill i...@ushills.co.uk ssb 2048g/3173413E 2007-03-14 How do I copy the key 4436432A to my primary key BE7E87FD, as my new key lacks the primary key and the encryption key 3173413E. Thanks -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBAgAGBQJJjcDSAAoJEGMUgg1EN0MqT/gH/2M9Km4HpV51kypdV3g+/U6t 8Fe8cqvi9w25s+diCBKhB2Sz1aWlQc/wO76vrYx3b6AK2fyChE25UbQkimr+RJwX oUVRmbcf3Xqb3dGDLnk2SJBLFrxFHM1tXLd9y+JcAWjr8ye+NL7bgBiFIFuqpXTh ghQzbTH+rkYAO8FGzICqA26rf0r0/vSkC4AFvOjKYuLikEWIZq6ou8DZDdHJXBPT dTBWCuLtC8uxXKktUrN95z6/IqA+wDJg+DYdD71HIWd9jDtkJZk5KOE5ON01J7aq Q9kVmsX3XwDENusuU1Za3VBO/oUJ9LNbKxJ9wI30VUpnkzC2MWmy8ZnxbygP3cg= =T+f4 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Copy subkeys to primary key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ian Hill escribió: For whatever reason I now have two versions of my private key one without the ELG encryption key and primary key, the other without the RSA signing key. I have another idea to try... you have been trying to import the subkeys into the key that has the primary key... What about importing the main key (and it's subkeys) into a keyring containing the subkeys? I would: 1.- Make a backup of my keyrings and trustdb. 2.- Export my main key with all it's stuff. 3.- Delete my main key (and subkeys). 4.- Import the subkeys. 5.- Import the main key. If everything goes well, and you finally have all the stuff together, I would: 6.- Export the mainkey and subkeys. 7.- Restore the backed up secring.gpg, pubring.gpg and trustdb.gpg 8.- Import the whole key (main with all the subkeys). And in future, I'd try to don't do different edit operations to my key in different machines... just in case. Best Regards -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJJje40AAoJEMV4f6PvczxAyoYH/2KY8vAVdg0JyMdoAydXCibx yHrr6YpPHBl5ESrnO0fY1Geo44bt22p3YytNMcJncUOezc2YFTzMVRSTl/39gBhp MKmDIWexGbFfHjNHEkWbGjRGilreeUtiIEBt2JGPk5jkD87FCBYTewvjoje4715S 2gKyXsArAhNcZQnfXumOTbYYlij2NqVcsDW310B6WSWsa7qn57qHACHYEZgkxvBN BnsNG5ckI10dsFQG5rGbvNZWLdyBbs/d+sYsCfO1n8VmwFakIczQbXCgRb/5mFl5 bFR9fBARch2oTmdo4IriU0Tup44RF06wos0QyzHWkmp/Mye1rHXBKsY3/OM5+io= =ZM1Y -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
(SOLVED) Re: OpenPGP card not accessible
For whom it may concern and Google cache: I found the source of trouble. I had to give one additional parameter to gpg- agent: --scdaemon-program /usr/bin/scdaemon After specifying this parameter I was able to successfully access the openPGP card with pcsc drivers and a Reiner SCT e-com. On e.g. openSUSE open /etc/X11/xdm/sys.xsession and look for the line that starts with set -- $gpgagent --sh --daemon.. add to this line: --scdaemon-program /usr/bin/scdaemon and the error described below is gone. Am Donnerstag, 5. Februar 2009 22:33:23 schrieb Malte Gell: gpg --card-edit but i cannot do anything, because GnuPG immediately exists and says there was no card gpg --card-edit first detectd the card and then suddenly says OpenPGP card is not available, though it is still in the card reader I use gpg 2.0.9 and the Reiner SCT ctapi-driver, scdaemon.conf looks like this: ctapi-driver libctapi-cyberjack.so reader-port 1 The ctapi driver seem to be the only way to access the card a little bit, but it still does not work correctly... If someone have some experience about these issues, let me know Malte Application ID ...: D276000124010101000115CB Version ..: 1.1 Manufacturer .: PPC Card Systems Serial number : 15CB Name of cardholder: [not set] Language prefs ...: de Sex ..: unspecified URL of public key : [not set] Login data ...: [not set] Signature PIN : forced Max. PIN lengths .: 254 254 254 PIN retry counter : 3 3 3 Signature counter : 0 Signature key : [none] Encryption key: [none] Authentication key: [none] General key info..: [none] Command scdaemon[19663]: updating status of slot 0 to 0x0007 scdaemon[19663]: client pid is 19662, sending signal 12 scdaemon[19663.0] DBG: - [EOF] scdaemon[19663]: handler for fd -1 terminated scdaemon[19663]: scdaemon (GnuPG) 2.0.9 stopped gpg: OpenPGP card not available: IPC write error ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
openPGP card, cant change admin pin
Hi there, i wanted to change the pins of my new card and invoked gpg --change-pin I was able to select point one, was asked for the old pin and entered the new one and affirmed. Then I chose point three change Admin PIN, but gpg said no permission!? How can I now change the admin pin and why did gpg not allow to change it? By the way, does gpg explicitly say when it needs the normal pin and the admin pin? Does th card become useless after three times wrong pin? Malte signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GPG - how to update keys to a new format?
Hello! I imported my old keys (made with PGP 2.6.3I and PGP 5.0) to my GPG keyring, but GPG didnt ask me that i want to update my old keys to a new DSA key... What can i do to convert my old keys? Sincerely, Csabi ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG - how to update keys to a new format?
I'm just guessing but I doubt you can do that; I think you need to generate new keys and revoke your old keys. Keys are cast to be impregnable which is why I suspect that the keys are not updateable. You can AFAIK add and change information; e.g., add a picture but I would be surprised if you can actually tamper with the actual generated keys. regards, gerry (lowry) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: openPGP card, cant change admin pin
Am Samstag, 7. Februar 2009 21:50:20 schrieb Malte Gell: Hi there, i wanted to change the pins of my new card and invoked gpg --change-pin I was able to select point one, was asked for the old pin and entered the new one and affirmed. Then I chose point three change Admin PIN, but gpg said no permission!? How can I now change the admin pin and why did gpg not allow to change it? gpg --card-edit passwd then asked for the PIN, default pin 123456 entered asked for the new pin, new pin entered twice and then this Error changing the PIN: Conditions of use not satisfied When I try to change the admin pin something similar, permission denied. What is wrong, why can't I change the pins? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG - how to update keys to a new format?
Csabi wrote: What can i do to convert my old keys? You are going to be better served by generating a new keypair. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users