Re: unlock keychain with pam authentication

2015-09-29 Thread Andrew Gallagher
On 28/09/15 23:16, SGT. Garcia wrote:
> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
>> 
>> Do you ever import keys that other people
>> send you?  or keys you find on the web?  or keys attached to e-mail
>> messages?  Are you sure the things imported can't include a secret key?
> 
> this is the first time i hear about *importing* to be honest. after reading, yes
> just reading, your email a new key was added and on the next run of 'notmuch
> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
> in attachments.

Surely that 'feature' needs removing asap?

Andrew.



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: Should I be using gpg or gpg2?

2015-09-29 Thread Malte

> I can't offer any conclusive evidence for this, but it is my
> honest estimate that more real-world sensitive traffic volume
> is generated by 1.4.x than 2.x. Consequently, if 1.4.x is in any
> way insecure, this would be of significantly greater benefit to
> a whole class of large institutional web-traffic attackers than
> if 2.x was insecure. So, if 1.4.x is indeed in any way insecure,
> that should merit more serious and immediate attention than if
> 2.x was insecure.

The other, and in my opinion much more sensible, course of action would be to 
migrate all these systems that still use 1.4 to 2.1. Version numbers are like 
entropy: They only increase, never decrease.


Sincerely,

Malte



Re: Should I be using gpg or gpg2?

2015-09-29 Thread Guan Xin
On Tue, Sep 29, 2015 at 3:52 AM, Robert J. Hansen wrote:
> Please respond on-list; I generally don't like answering questions off-list.

Sorry, was too sleepy last night and did not click on "Reply to all".


>  So if ECC falls, well -- so will RSA.

Ok quite clear, that means if RSA falls, so had ECC already.


> If we ever reach the point where we have large-scale quantum computers,
> the solution isn't going to be RSA: it's going to be quantum-resistant
> algorithms like McEliece or lattice cryptography or Goppa codes or
> Lamport signatures or...

Didn't know these cryptosystems before.
Thanks very much for pointing out these keywords! This is really helpful.

Guan



Re: unlock keychain with pam authentication

2015-09-29 Thread SGT. Garcia
On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
> On Mon 2015-09-28 16:00:38 -0400, SGT. Garcia wrote:
> > i really want it as the only authentication required that is open password from
> > user logs him in and decrypts the passwords.
> >
> >> > that would be my email account not my local user account, correct?
> >> 
> >> The attack i described is an attack against your local user account,
> >> though i suspect it could be leveraged into an attack against your
> >> e-mail account as well.
> >
> > how does it work, does gnupg phone home? i suspect not. i did not agree to
> > import anything but apparently my mail client (mutt) and/or gnupg took the
> > initiative to do so. if that's true then that's a misconfiguration or bad
> > default configuration of mutt and/or gnupg, i think.
> 
> There is no phoning home.  Do you ever import keys that other people
> send you?  or keys you find on the web?  or keys attached to e-mail
> messages?  Are you sure the things imported can't include a secret key?

this is the first time i hear about *importing* to be honest. after reading, yes
just reading, your email a new key was added and on the next run of 'notmuch
new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
in attachments.

> Apparently i'm not doing a great job at communicating this scenario to
> you.  sorry about that.  Maybe someone else can try to explain it more
> clearly than i can.

it's not your fault. i think i'm missing some background on this.

> I understand what you're asking for, and i see how it would be a useful
> thing.  However, i think you should constrain it much more tightly than
> what you appear to be asking for, and i don't think that such a thing
> already exists.  It would be a bit of engineering work to make sure that
> it's functional, but i'd be happy to review something like this if
> somebody wants to propose it.
> 
>  --dkg

for now i just nuked my old .gnupg directory and created a new one without
passphrase. seems to accomplish the same thing, i.e. no more annoying passphrase
dialog. i will have to confirm on the next boot though.


sgt



Re: unlock keychain with pam authentication

2015-09-29 Thread Daniel Kahn Gillmor
On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher wrote:
> On 28/09/15 23:16, SGT. Garcia wrote:
>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
>>> 
>>> Do you ever import keys that other people
>>> send you?  or keys you find on the web?  or keys attached to e-mail
>>> messages?  Are you sure the things imported can't include a secret key?
>> 
>> this is the first time i hear about *importing* to be honest. after reading, yes
>> just reading, your email a new key was added and on the next run of 'notmuch
>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
>> in attachments.
>
> Surely that 'feature' needs removing asap?

I'm surprised to hear that notmuch has this feature, and i haven't seen
it happen myself.  I'm one of the people who helped contribute to
notmuch's OpenPGP mechanisms.

This sounds like something to be raised on the notmuch mailing list,
though.

--dkg



Re: unlock keychain with pam authentication

2015-09-29 Thread Andrew Gallagher
On 29/09/15 15:28, Daniel Kahn Gillmor wrote:
> On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher wrote:
>> On 28/09/15 23:16, SGT. Garcia wrote:
>>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
>>>>
>>>> Do you ever import keys that other people
>>>> send you?  or keys you find on the web?  or keys attached to e-mail
>>>> messages?  Are you sure the things imported can't include a secret key?
>>>
>>> this is the first time i hear about *importing* to be honest. after reading, yes
>>> just reading, your email a new key was added and on the next run of 'notmuch
>>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
>>> in attachments.
>>
>> Surely that 'feature' needs removing asap?
> 
> I'm surprised to hear that notmuch has this feature, and i haven't seen
> it happen myself.  I'm one of the people who helped contribute to
> notmuch's OpenPGP mechanisms.
> 
> This sounds like something to be raised on the notmuch mailing list,
> though.

I was referring to mutt (allegedly) importing random secret keys that it
finds attached to arbitrary mails... but yes, a discussion for elsewhere.

A





Re: Should I be using gpg or gpg2?

2015-09-29 Thread Johan Wevers
On 28-09-2015 22:26, Robert J. Hansen wrote:

> RSA-3072 is not all that much stronger than RSA-2048, and RSA-4096 adds even less.

AFAIK RSA-3072 (and ElGamal-3072) are comparable to AES-128. That's
strong enough for the foreseeable future; the only known thing they are
vulnerable to (except for rubber-hose cryptography, keyloggers and
other "cheats") is a working quantum computer. But if we have that, this:

> The future is clear: 512-bit ECC, which is about as resistant to
> brute-forcing as AES256.

won't help either and you need things like lattice cryptography (with
even bigger keys unfortunately).

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: Own Mail: PGP running on local server; Is it secure

2015-09-29 Thread Peter Lebbing
On 28/09/15 20:39, sam...@riseup.net wrote:
> Hi all

Hi!

> Thanks for your comments, not exactly a ringing endorsement!

Well, for some reason I never got the mail that started this discussion,
a reply by Robert J. Hansen was the first I saw of it. And I didn't
check the website. But the quotes from the website he put in a
subsequent reply miss the mark by far, and that is a red flag to me. I
wouldn't need any more background for myself at that point. If they
can't get that right, I've lost trust. Crypto requires care, and I don't
see that reflected in what he quoted. I don't think my viewpoint is too
idealistic for the real world, but maybe I'm wrong about that.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



Re: unlock keychain with pam authentication

2015-09-29 Thread SGT. Garcia
On Tue, Sep 29, 2015 at 03:33:38PM +0100, Andrew Gallagher wrote:
> On 29/09/15 15:28, Daniel Kahn Gillmor wrote:
> > On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher wrote:
> >> On 28/09/15 23:16, SGT. Garcia wrote:
> >>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
> >>>>
> >>>> Do you ever import keys that other people
> >>>> send you?  or keys you find on the web?  or keys attached to e-mail
> >>>> messages?  Are you sure the things imported can't include a secret key?
> >>>
> >>> this is the first time i hear about *importing* to be honest. after reading, yes
> >>> just reading, your email a new key was added and on the next run of 'notmuch
> >>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
> >>> in attachments.
> >>
> >> Surely that 'feature' needs removing asap?
> > 
> > I'm surprised to hear that notmuch has this feature, and i haven't seen
> > it happen myself.  I'm one of the people who helped contribute to
> > notmuch's OpenPGP mechanisms.
> > 
> > This sounds like something to be raised on the notmuch mailing list,
> > though.
> 
> I was referring to mutt (allegedly) importing random secret keys that it
> finds attached to arbitrary mails... but yes, a discussion for elsewhere.
> 
> A
> 

mutt indeed; not notmuch. notmuch; well in fact in my setting isync is going to
sync _everything_ with upstream imap repo regardless. my best guess is that it's
mutt that imports the key. i will resend a copy of this to mutt's mailing list.


sgt




Re: Should I be using gpg or gpg2?

2015-09-29 Thread Robert J. Hansen
> Dan Boneh has already published an awe-inspiring paper showing that RSA
> isn't anywhere near as safe as we think it is:

Eh.  Correction: *may* not be anywhere near as safe it is.  Definitely
shows that our confidence in RSA probably isn't as well-founded as we'd
like.

I did a pretty long writeup of the implications of the paper a couple of
years ago.  Read:

https://lists.gnupg.org/pipermail/gnupg-users/2013-September/047466.html



Re: adding card keys and make them non exportable

2015-09-29 Thread Damien Goutte-Gattat

On 09/29/2015 09:51 PM, Heiko Folkerts wrote:
> AFAIK the exports contain a valid looking key block.

It *looks like* a valid key block, but--if the keytocard operation was
indeed successful--it's actually only a "stub" that does not contain any
private material.

You can check the actual contents of the exported data with the
--list-packets option:

  $ gpg --list-packets your_exported_private_keys.gpg

Look for the following lines in the output:

  :secret sub key packet:
  [...]
  gnu-divert-to-card S2K, [...]
  serial-number:  

You should see those lines once for each subkey that you moved to the card.
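
The check described above can be scripted. The following is an added example, not part of the original post and not GnuPG's own code: it reads `gpg --list-packets` output and reports, for each secret key packet, whether it is a card stub. The sample listing, its key IDs and the function names are constructed, and the output layout beyond the lines quoted in the post is an assumption.

```shell
#!/bin/sh
# Added example. Reads `gpg --list-packets` output on stdin and prints one line
# per secret (sub)key packet: "<primary|subkey> <keyid> <verdict>".
classify_secret_packets() {
    awk '
        function emit() {
            if (type != "") print type, (keyid == "" ? "-" : keyid), verdict
        }
        /^:/ {                       # every packet header closes the previous packet
            emit(); keyid = ""
            if ($0 ~ /^:secret sub key packet:/)  type = "subkey"
            else if ($0 ~ /^:secret key packet:/) type = "primary"
            else                                  type = ""
            verdict = "MATERIAL"     # assumed present until a stub marker is seen
            next
        }
        type == ""               { next }
        /gnu-divert-to-card S2K/ { verdict = "card-stub" }   # key lives on the card
        /gnu-dummy S2K/          { verdict = "no-secret" }   # placeholder, no key at all
        $1 == "keyid:"           { keyid = $2 }
        END { emit() }
    '
}

# Succeeds only if the stream has at least one secret subkey and all are card stubs.
subkeys_all_on_card() {
    classify_secret_packets | awk '
        $1 == "subkey" { n++; if ($3 != "card-stub") bad++ }
        END { exit !(n > 0 && bad == 0) }'
}

# Constructed sample in the shape of `gpg --list-packets` output (not real keys).
sample_packets() {
    cat <<'EOF'
:secret key packet:
    version 4, algo 1, created 1407283200, expires 0
    pkey[0]: [2048 bits]
    pkey[1]: [17 bits]
    iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 0102030405060708
    protect count: 65536 (96)
    skey[2]: [v4 protected]
    keyid: AAAAAAAAAAAAAAA1
:user ID packet: "Constructed User <user@example.org>"
:secret sub key packet:
    version 4, algo 1, created 1440633600, expires 0
    pkey[0]: [2048 bits]
    pkey[1]: [17 bits]
    gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
    serial-number:  d2 76 00 01 24 01 02 00 00 00 00 00 00 01 00 00
    keyid: AAAAAAAAAAAAAAA2
EOF
}

# Real use: gpg --list-packets your_exported_private_keys.gpg | classify_secret_packets
sample_packets | classify_secret_packets
```

A `MATERIAL` verdict on a subkey means the export still carries that subkey's secret key (passphrase-protected or not), so the file should be handled as a private key backup.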





adding card keys and make them non exportable

2015-09-29 Thread Heiko Folkerts
Hi all,
I am new to this list and have a question I couldn't find answered either in
the docs or in the FAQ.

I just started using a smart card with GPG, namely the Nitrokey
www.nitrokey.com . It behaves like a smart card so this should correspond to
any GPG card as well.

I already had a key pair with some signatures so I decided to add a card sub
key to my main key as explained in the manual. I did this by
gpg --edit-key b5f8d556 (my main key ID)
addcardkey

I created all three kinds of keys and they show up in the main key.

I now can export the secret sub keys with
gpg --export-secret-subkeys
Or one by one specifying the single key IDs. AFAIK the trick to smart cards
is that the keys are not exportable from them. So while exporting the keys
to a backup was helpful to me I'd like to know how to keep them only on the
card and make them no longer exportable. AFAIK the exports contain a valid
looking key block.

keytocard
Resulted in the message that the keys are already on the card (which is OK)
but still they can be exported.

So how to proceed?

Thanks in advance

Heiko


Join in and share your knowledge at www.besonderetipps.de

Please protect my privacy and yours and use PGP.
pub   2048R/B5F8D556 2014-08-06
  Schl.-Fingerabdruck = 758D DA37 1DA1 1E2F 7CDD  60A2 F3F4 1E8D B5F8 D556
uid   [ uneing.] Heiko Folkerts 
uid   [ uneing.] Heiko Folkerts 
uid   [ uneing.] Heiko Folkerts 
sub   4096g/BC0D1006 2015-08-27 [verfällt: 2016-08-26]






Re: Non-interactive PIN not accepted, gpg hangs

2015-09-29 Thread NIIBE Yutaka
On 09/30/2015 04:00 AM, Laurent Blume wrote:
> Non-interactively, however, I can't get it to work: gpg-agent always
> spawns a pinentry in the background, and gpg waits for it indefinitely,
> instead of using the PIN provided on the command line.

As far as I know, you can't provide a PIN by command line.

You can provide passphrase from file for symmetric encryption, though.

Instead, you can unlock your smartcard beforehand, interactively.

$ gpg-connect-agent "SCD CHECKPIN D276000124010200F5170001" /bye
  

Please change this to your Application ID.  gpg --card-status shows it.

BTW, I got a report that RSA-4096 decryption doesn't work well on
Nitrokey Pro.  If you are using RSA-4096 decryption on Nitrokey Pro
successfully, please let us know.


Re: PAM authentication with gpg or ssh key

2015-09-29 Thread NIIBE Yutaka
Hello,

Yesterday, I included my answer to your question to a different
thread.  I should have replied to this post.

I think that your question is relevant to GnuPG community.

On 09/29/2015 02:06 AM, Schlacta, Christ wrote:
> Therefore, I'm looking for a way to have PAM query the ssh-agent
> remotely, or optionally locally in rare instances if possible, for
> authentication.

My answer was:
=
For authentication of sudo on remote machine, I think that we can use
pam_ssh_agent [0] together with GnuPG, if we can configure correctly.
I don't have any experiences, though.  It would be good if we can also
do similar thing directly by gpg-agent remote access.

[0] pam_ssh_agent: http://pamsshagentauth.sourceforge.net/
=

I think that it's good if a user can consolidate his private key
management under GnuPG (possibly with OpenPGPcard compatible).
Besides, it would be good if OpenPGPcard can have more authentication
keys (for different purposes), too.

Perhaps, if there are some demands, I should write U2F module using
gpg-agent (and revive Scute, accordingly).  I believe that this is a
way to go, for those users who want to consolidate things cleanly.


Re: Should I be using gpg or gpg2?

2015-09-29 Thread Robert J. Hansen
> Does that mean long-term confidence in elliptic curves would be better
> placed?

I don't know.  Sorry.  :(

What I do know is that, judging from past experience, our projections on
key lengths need to take into account the possibility of radical
improvements in mathematics that make our original projections optimistic.

ECC-256 is probably good enough for any imaginable purpose for the
foreseeable future, at least up until quantum computers come along.
That's why I favor using ECC-512 instead.  :)

> Does ECC rely on a stronger mathematical basis

Different, but I'm not sure I'd say stronger.  And yes, it's still
susceptible to mathematical breakthroughs.



Re: Should I be using gpg or gpg2?

2015-09-29 Thread Leo Gaspard
On 09/29/2015 06:04 PM, Robert J. Hansen wrote:
> But you never know when a George Dantzig will appear.  And that means I
> think your long-term confidence in RSA is misplaced.

Does that mean long-term confidence in elliptic curves would be better
placed?

Does ECC rely on a stronger mathematical basis, or is it just vulnerable
to another kind of George Dantzig?



Non-interactive PIN not accepted, gpg hangs

2015-09-29 Thread Laurent Blume

Hello all,

I'm trying to setup automatic file decryption using a smartcard to store
the private key.

Interactively, it all works fine, I get the PIN request, enter it,
decryption works, all good.

Non-interactively, however, I can't get it to work: gpg-agent always
spawns a pinentry in the background, and gpg waits for it indefinitely,
instead of using the PIN provided on the command line.


Here's a short example:

# eval $(gpg-agent --daemon)

# echo 123456 | gpg --batch --passphrase-fd 0 --quiet --decrypt file.gpg

^C
gpg: signal Interrupt caught ... exiting

# ps -edf | grep pinentry
root     26216 26035  0 11:33 ?        00:00:00 /usr/bin/pinentry-curses

Running gpg-agent with --debug-level guru shows it starts scdaemon,
finds the card, decides it needs the PIN and asks for it.

If the PIN is entered once interactively, then the command above
succeeds, because the card is unlocked (ie the command-line PIN is still
ignored).

It's on RHEL6 using the system's 2.0.14 version, and a Nitrokey Pro card.

Thanks in advance for any help,

Laurent
