Re: Incorrect general key info, for key on Yubikey NEO
On 06/05/15 11:29, Werner Koch wrote: What gpg version is that? I can confirm this behaviour with multiple versions. On a Debian wheezy/oldstable, normal gnupg2 package, with surgically altered secret key such that the primary key is on one card, and the subkeys are on another: - 8 8 - $ gpg2 --version gpg (GnuPG) 2.0.19 libgcrypt 1.5.0 [...] $ gpg2 --card-status Application ID ...: D2760001240102050241 Version ..: 2.0 Manufacturer .: ZeitControl Serial number : 0241 [...] Signature key : 6500 8DC2 20AA E2A2 574D 6CD5 969E 018F DE6C DCA1 created : 2009-11-12 13:15:07 Encryption key: 2E0F 8C51 BC77 58A3 3795 79D9 26F7 563E 73A3 3BEE created : 2009-11-12 13:15:36 Authentication key: A87C F55C 8435 36F3 1CBC C63C 4FBB CA40 B65D 8246 created : 2009-12-05 13:59:13 General key info..: pub 2048R/DE6CDCA1 2009-11-12 Peter Lebbing pe...@digitalbrains.com sec 2048R/DE500B3E created: 2009-11-12 expires: 2015-10-27 card-no: 0005 0274 ssb 2048R/DE6CDCA1 created: 2009-11-12 expires: 2015-10-27 card-no: 0005 0241 ssb 2048R/73A33BEE created: 2009-11-12 expires: 2015-10-27 card-no: 0005 0241 ssb 2048R/B65D8246 created: 2009-12-05 expires: 2015-10-27 card-no: 0005 0241 - 8 8 - And on a Debian jessie/stable, gnupg2 package from experimental: - 8 8 - $ gpg2 --version gpg (GnuPG) 2.1.2 libgcrypt 1.6.3 [...] $ gpg2 --card-status Application ID ...: D2760001240102051112 Version ..: 2.0 Manufacturer .: ZeitControl Serial number : 1112 [...] Signature key : 6500 8DC2 20AA E2A2 574D 6CD5 969E 018F DE6C DCA1 created : 2009-11-12 13:15:07 Encryption key: 2E0F 8C51 BC77 58A3 3795 79D9 26F7 563E 73A3 3BEE created : 2009-11-12 13:15:36 Authentication key: [none] General key info..: pub rsa2048/DE6CDCA1 2009-11-12 Peter Lebbing peter@digitalb .com sec rsa2048/DE500B3E created: 2009-11-12 expires: 2015-10-27 ssb rsa2048/DE6CDCA1 created: 2009-11-12 expires: 2015-10-27 ssb rsa2048/73A33BEE created: 2009-11-12 expires: 2015-10-27 ssb rsa2048/B65D8246 created: 2009-12-05 expires: 2015-10-27 - 8 8 - This latter installation also uses the card with serial 274 for the primary key. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Incorrect general key info, for key on Yubikey NEO
On Mon, 4 May 2015 23:05, te...@elde.net said: Output from gpg --card-status is as follows: What gpg version is that? Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Incorrect general key info, for key on Yubikey NEO
On Wed, 6 May 2015 12:00, pe...@digitalbrains.com said: And on a Debian jessie/stable, gnupg2 package from experimental: My fault. I missed the call to print_pubkey_info and looked only for the detailed listing below. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Subject: Opening a gpg file format in read and write mode
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jaboatão dos Guararapes, PE, Brazil, may 06, 2015. Subject: Opening a gpg file format in read and write mode Hi everyone. I want to open a file called passwords.txt.gpg and editing it directly. The mentioned file holds a password list and I prefer not to decrypt it, that is, I want to read it directly in gpg format itself. I believe it is possible reading, editing and writing directly in gpg file format itself without decrypting it, provided that GnuPG itself does the same thing on the public keyring (pubring.gpg), on the secret keyring (secring.gpg) and on the trust database (trustdb.gpg). I hope I had made myself clear enought. Best regards. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.18 (GNU/Linux) iQEcBAEBCAAGBQJVSfRvAAoJECrgJcAIqGGA9TYIAI0k7bkuz8fGA4PKuxWweh4d uFi42d/qjorhPoOYcK+1MOUeQIXqPWCn4/WCojltrDrW1SUY9e7IxJnmaK1L52Wi zZyDPMs5JKVkZBrNzb/GB1/ZSb5QTDxqe/zc3vNSuupQ2tJ9SFx0b/BMbkxAd8PT /iTYkNYEc6M9sGLFk2CN7SdKMlEH+o2wtvoJCJJXJCF1aE7/SGJWhj1JMHFycv1x Nl4h1YSS5kNlTYls4YKQg5NpVgF98An/QnB//pmStVFly7F3q/drHJ/Kq0dg392v LyVHBAqGUg6DU9wx9TH9kHXjz19twQMWRCNDmSTvJC79A4riprewVH/nQZbFafo= =riX5 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Subject: Opening a gpg file format in read and write mode
On 05/06/2015 05:04 AM, Jamenson Ferreira Espindula de Almeida Melo wrote: Hi everyone. I want to open a file called passwords.txt.gpg and editing it directly. The mentioned file holds a password list and I prefer not to decrypt it, that is, I want to read it directly in gpg format itself. I believe it is possible reading, editing and writing directly in gpg file format itself without decrypting it, provided that GnuPG itself does the same thing on the public keyring (pubring.gpg), on the secret keyring (secring.gpg) and on the trust database (trustdb.gpg). Search engine found this: http://www.vim.org/scripts/script.php?script_id=3645 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: generating revocation certs non-interactively
Some how in the one ur doing this to I have done nothing to deserve to have put through 2 months of non stop names called then I love then I hate u ... Do u tell me who needs help. I did no approve to have anyone jailbreak my phone and make my 2 computer 1 iPad and my iPhone to have all these public files I did not allow these it is illegal he is going to far w this anyone with the intent to purposely do this to someone is demented. This is wrong what he is doing I'm very upset I did nothing to deserve this pls stop. Please Sent from my iPhone On May 5, 2015, at 2:46 PM, luis l...@greenhost.nl wrote: On 05/05/15 09:41, Werner Koch wrote: Note that GnuPG 2.1 generates revocation certificates by default. Great! Good to know! The idea is that you should be able to tell the reason for the revocation. Yes of course, this makes perfect sense. There is however the fact that good practice guides now a days often advice to generate a preemptive revocation certificate at the time of creation of the key. So at that moment the reason is well... not really relevant. So it's great that 2.1 does this on keypair generation. You need to use this command gpg --command-fd 0 --status-fd 2 --gen-revoke 0x12345678 and act upon the GET_* status lines. Great, thanks! This hack seems to have worked though (in python), but your suggestion seems more robust: import pexpect cmd = gpg --homedir {0} --gen-revoke {1}.format(KEYRING_DIR, '0xDEADD00D') px = pexpect.spawn(cmd, timeout=5) px.expect((y/N)) px.sendline(y) px.expect(Your decision?) px.sendline('0') px.expect( ) px.sendline(\n) px.sendline(\n) px.expect(Is this okay?) px.sendline(y) px.expect(pexpect.EOF) bidx = px.before.index('-BEGIN PGP PUBLIC KEY BLOCK-') eidx = px.before.index('-END PGP PUBLIC KEY BLOCK-') eidx += len('-END PGP PUBLIC KEY BLOCK-') print px.before[bidx:eidx] Salud, Luis. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users