Re: verifying rpms - public key not found
On Fri, 2009-07-03 at 11:37 -0400, John W. Moore III wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Chris wrote: > > > Why is my old email address still shown? > > Is the UID with Your 'old' address still on Your Key? You may wish to > Set Your new address as the Primary UID and then revoke the UID with the > 'old' address. > > HTH > > JOHN ;) Hi John, I found out the problem with after I was hit in the head with a 2x4, apparently something was wrong with my secring.gpg file. I copied from my backup over to the ~/.gnupg folder and everything looks ok again. I was even able to sign my clamav rpms: [ch...@localhost i586]$ gpg -K gpg: using character set `utf-8' gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key /home/chris/.gnupg/secring.gpg -- sec 1024D/98E6705C 2005-11-23 uid Chris Pollock uid Chris Pollock (New email address as of 04/21/07) ssb 2048g/F5604046 2005-11-23 [ch...@localhost i586]$ rpm -v --checksig clamd-0.95.2-1mdv2009.1.i586.rpm clamd-0.95.2-1mdv2009.1.i586.rpm: Header V4 DSA signature: OK, key ID 98e6705c Header SHA1 digest: OK (975c02d67357a42e5698b3050deadae945434be7) MD5 digest: OK (424750ca8fe413cfc997cb41683c99cb) V4 DSA signature: OK, key ID 98e6705c Thanks again to you and everyone else who replied to this thread. One thing for sure backups definitely come in handy! Chris -- KeyID 0xE372A7DA98E6705C signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg2 does not detect smart card adapter
> and then enter at the prompt > > SCD GETINFO version > BYE I retrieve: "ERR 103 unknown command" > But better update gnupg or wait a few days until 2.0.13 will be > released. Okay. I was told that you also will release 1.4.10 with support for the OpenPGP Card V2. Do you have any schedule when this will be available? Regards Jan > Salam-Shalom, > >Werner > -- Jan Suhr German Privacy Foundation e.V. https://www.privacyfoundation.de/ Anonymous e-mail: https://www.awxcnx.de/jansuhr.msg ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg2 does not detect smart card adapter
On Fri, 3 Jul 2009 17:33, jan.s...@privacyfoundation.de said: > I get the following message: > "Aufruf: gpg-connect-agent [Optionen] (-h für Hilfe)" That is a petty old version of GnuPG. You may want to resort to gpg-connect-agent and then enter at the prompt SCD GETINFO version BYE But better update gnupg or wait a few days until 2.0.13 will be released. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg2 does not detect smart card adapter
>>>gpg-connect-agent 'SCD getinfo version' /bye >> Executing this command does not work. gpg-connect-agent says it got >> wrong arguments. Or do you mean to replace 'SCD getinfo version' by > > See: > > $ gpg-connect-agent 'SCD getinfo version' /bye > D 2.0.13-svn5056 > OK > > Please give the exact error message. Anyway I think scdaemon is not > installed and thus gpg-agent can't run it. I get the following message: "Aufruf: gpg-connect-agent [Optionen] (-h für Hilfe)" What to do? >> Non-root users have read access only - to any USB device. It guess >> that pcscd has root privileges; so this is fine? > > If you are using pcscd, it needs access to the reader as well. If it is > really running under the root account, that should work. If you are > using the internal ccid-driver of scdameon, you (i.e. scdaemon) needs > write permissions to the smartcard reader device. Hopefully we will get this ok when the above problem is solved. >>> Restart scdaemon (Use "kill" or with the latest GnuPG versions: >>> "gpgconf--reload scdaemon"). >> Is "/etc/init.d/pcscd restart" doing the same job? > > Nope, pcscd and scdaemon are distinct programs. Scdaemon is part of > gpg-agent; the reload is only required to make it re-read thye > configuration file. > > > Shalom-Salam, > >Werner > -- Jan Suhr German Privacy Foundation e.V. https://www.privacyfoundation.de/ Anonymous e-mail: https://www.awxcnx.de/jansuhr.msg ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: verifying rpms - public key not found
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Chris wrote: > Why is my old email address still shown? Is the UID with Your 'old' address still on Your Key? You may wish to Set Your new address as the Primary UID and then revoke the UID with the 'old' address. HTH JOHN ;) Timestamp: Friday 03 Jul 2009, 11:37 --400 (Eastern Daylight Time) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10-svn5046: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: Personal Web Page: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKTiW1AAoJEBCGy9eAtCsPy6EIAIRK8j1YBGDi5SxaLW/c/caA H1SZQEguI1cFXzBrUVp2Zt38x1UcqVdLPPHb9ZXgSWs5hRYGwvSY8wLUOmZTP3Dv dFwxhy0Ii0uuOPlmG/SjWe5d/4Ns5tezielJRZmhE6JZ5aCHvdjeMcgapLLkuvGS Qiyw9W8zlxtNRNU9/DWUBQpuiCwn0Z8UfKlNdYHMIvdPqfPoF7SVWN+nhwseLCZX yQGb+KOQKboOYwDTExXcrFr6/RtR/uqmjfIl7paoAqlu1gxbxV1n+VIBXeMnAOuO 49B2Cai/G+UpalEKIh32PaQloHKBW3TAjoTvEXuhQS6T2fxIf6gUR28eHShjBoA= =MtrV -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Not able to locate how keys are configured (GNUPG)
Hi I am using this GNUPG tool on windows 2000 and I found that the keys are located in the C drive in a folder but I am not able to find how these keys are connected with the tool, and they have multiple keys in the C drive in different folders. I found that configuration file is also not there in GNU/GNUPG can you please tell me where to check and what to do. *I am new to this Tool* Thanks & Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg2 does not detect smart card adapter
Hi! > Is the gpg-agent running? Run "gpg-agent" and it will tell you. yes, running and ready. > Is the scdaemon installed? Run Do you mean pcscd? Yes it is installed and running. >gpg-connect-agent 'SCD getinfo version' /bye Executing this command does not work. gpg-connect-agent says it got wrong arguments. Or do you mean to replace 'SCD getinfo version' by the version number of pcscd? > This should display the version number of the scdaemon. Check > permissions of the reader (/dev/bus/usb/NNN/MMM), you need to have write > access Non-root users have read access only - to any USB device. It guess that pcscd has root privileges; so this is fine? > If that is all fine, you need to enable debugging: Add these lines to > ~/.gnupg/scdaemon.conf: This file did not exist yet so I created it. > debug 1024 > debug 2048 > log-file /foo/bar/scdaemon.log > > Restart scdaemon (Use "kill" or with the latest GnuPG versions: > "gpgconf--reload scdaemon"). Is "/etc/init.d/pcscd restart" doing the same job? Regards Jan > > Salam-Shalom, > >Werner > > > > -- > Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. > > > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Question of a beginner: DSA/ElGamal or RSA/Elgamal with a higher number of encryption?
I've now chosen RSA 4096/4096 because your answers are plausible to me. Thank you for helping me! Alexander Delau Alexander Delau wrote: > > I'm a beginner in encrypting E-Mails. It would bei nice if you could help > me in my question: > > I want to use GnuPG with a masterkey (to sign) and a subkey (to encrypt) > on Windows XP (GnuPG 1.4.9) and Ubuntu (GnuPG ?.?.?). > > Now I'm not sure, what keys i should use after typing "gpg --gen-key > --expert" and what keys are secure. > > DSA/ElGamal: It's the default setting, but DSA only encrypts with 1024bit. > DSA2: I don't know if it's compatible with other versions. > RSA/ElGamal: RSA can encrypt with 4096bit, but I read that it is more > unsecure than DSA. > > So can I use the default setting DSA/ElGamal 1024/4096 or should I use RSA > with a higher bit number? > > Thank you for your help. > > Best greetings from Germany > Alexander Delau > -- View this message in context: http://www.nabble.com/Question-of-a-beginner%3A-DSA-ElGamal-or-RSA-Elgamal-with-a-higher-number-of-encryption--tp24200816p24250530.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: verifying rpms - public key not found
On Fri, 2009-07-03 at 09:57 +0200, Michel Messerschmidt wrote: > On Fri, July 3, 2009 07:21, Daniel Kahn Gillmor wrote: > > On 07/03/2009 12:04 AM, Chris wrote: > >> [ch...@localhost ~]$ gpg > >> --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm > >> gpg: using PGP trust model > >> gpg: key 98E6705C: accepted as trusted key > >> gpg: error reading key: public key not found > > > > You're probably interested in something like gpg --verify, but i don't > > know exactly how signed .rpms work (i work with .debs mostly, which have > > external signatures), so hopefully someone else can pipe up with the > > specifics. > > rpm provides its own verification command: > rpm -v --checksig > > It won't succeed though if your key is only available in the gnupg keyring > but was not imported into the rpm database - that's what the "rpm --import" > command is used for). > > > Michel > Thank you Michel, I was using the wrong command. [ch...@localhost ~]$ rpm -v --checksig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm: Header V4 DSA signature: OK, key ID 98e6705c Header SHA1 digest: OK (bb1fc6b767ada68c62ee0c077aa44ccebfe0813d) MD5 digest: OK (90f2920ee1c6855c8657928d31a2dacd) V4 DSA signature: OK, key ID 98e6705c And now I see that when trying to sign an rpm I get: [ch...@localhost ~]$ rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec Enter pass phrase: gpg: skipped "Chris Pollock (New email address as of 04/21/07) ": secret key not available gpg: signing failed: secret key not available Pass phrase check failed I'm confused now as to why it says this, --list-keys shows this: [ch...@localhost ~]$ gpg --list-keys cpoll...@embarqmail.com gpg: using character set `utf-8' gpg: using PGP trust model gpg: key 98E6705C: accepted as trusted key pub 1024D/98E6705C 2005-11-23 uid Chris Pollock (New email address as of 04/21/07) uid Chris Pollock sub 2048g/F5604046 2005-11-23 Thought I'd re-import my secret key and get this: gpg: sec 1024D/98E6705C 2005-11-23 Chris Pollock gpg: key 98E6705C: already in secret keyring gpg: Total number processed: 1 gpg: secret keys read: 1 gpg: secret keys unchanged: 1 Why is my old email address still shown? Chris -- KeyID 0xE372A7DA98E6705C signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: verifying rpms - public key not found
On Fri, July 3, 2009 07:21, Daniel Kahn Gillmor wrote: > On 07/03/2009 12:04 AM, Chris wrote: >> [ch...@localhost ~]$ gpg >> --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm >> gpg: using PGP trust model >> gpg: key 98E6705C: accepted as trusted key >> gpg: error reading key: public key not found > > You're probably interested in something like gpg --verify, but i don't > know exactly how signed .rpms work (i work with .debs mostly, which have > external signatures), so hopefully someone else can pipe up with the > specifics. rpm provides its own verification command: rpm -v --checksig It won't succeed though if your key is only available in the gnupg keyring but was not imported into the rpm database - that's what the "rpm --import" command is used for). Michel ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users