Re: use policy of the GnuPG-card

[Robert J. Hansen]

> One problem comes obviously in mind: Someone with priv access to your 
> workstation,

You just lost.  Everything after this sentence is irrelevant.  Once an
attacker has privileged access to your machine it's all over.

> How is this supposed to be managed?

It can't be.  GnuPG is only for use in environments where you trust the
admins.  GnuPG cannot protect you from a rogue admin.  Do not fall into
the trap of thinking you can manage this: you cannot.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Don't get the pinentry for passphrase in some contexts

[Damien Cassou]

Matthias Apitz  writes:
> What do you use as pinentry exactly? I have:
>
> $ ls -l /usr/local/bin/pinentry
> lrwxr-xr-x  1 root  wheel  27 15 may.  14:04 /usr/local/bin/pinentry ->
> /usr/local/bin/pinentry-qt5
>
> and this pops up a Qt5 window for this.


For me, /usr/bin/pinentry is a 86-lines shell script that selects the
correct pinentry binary to use. In all cases, the binary used is
/usr/bin/pinentry-gnome3 (I'm on Gnome3) which is

$ pinentry-gnome3 --version
pinentry-gnome3 (pinentry) 0.9.7

-- 
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Don't get the pinentry for passphrase in some contexts

[Werner Koch]

On Thu, 13 Jul 2017 15:08, dam...@cassou.me said:
> strace reveals the following. Does that ring a bell to anyone?

"debug-pinentry" in gpg-agent.conf would give you more info.  Adding
also "debug ipc" will show you the communication between gpg and
gpg-agent; that is what you strace shows.  Use "log-file FILE" to set a
log file and remember to reload gpg-agent.

> In Firefox
> read(5, "INQUIRE PINENTRY_LAUNCHED 22712\n", 1002) = 32
> write(5, "END", 3)= 3
> write(5, "\n", 1) = 1

The agent tells gpg that a pinentry has been launched and gpg
acknowledges that ("END").

> read(5, "ERR 83886179 Operation cancelled \n", 1002) = 44

The agent tells you that the Pinentry canceled the operation.  This is
usually due to clicking the cancel button.  Some older versions of
pinentry use cancel as a catch all error from pinentry.  Modern versions
of gpg running with "-v" will print a line identifing the pinentry used
and thus reveal possible problems, for example a missing GPG_TTY
envrionment variable.

> read(5, "D (5:value511...) = 543

This returns some data ;-)


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpBLo6tkmhZU.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: use policy of the GnuPG-card

[Werner Koch]

On Thu, 13 Jul 2017 12:49, g...@unixarea.de said:

> How is this supposed to be managed?

You can't do anything about it.  The card protects your key against
compromise - but not the use of the key.

For the signing key we have a signature counter and if you can memorize
the count and the number of signatures you did, you have a way to detect
malicious use of that key.  Better malware could of course also present
you a different count - checking on a clean machine would detect that,
though.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgprgVHJgUc_Z.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Don't get the pinentry for passphrase in some contexts

[Damien Cassou]

strace reveals the following. Does that ring a bell to anyone?

In Firefox
read(5, "INQUIRE PINENTRY_LAUNCHED 22712\n", 1002) = 32
write(5, "END", 3)= 3
write(5, "\n", 1) = 1
read(5, "ERR 83886179 Operation cancelled \n", 1002) = 44

In the terminal
read(5, "INQUIRE PINENTRY_LAUNCHED 22990\n", 1002) = 32
write(5, "END", 3)= 3
write(5, "\n", 1) = 1
read(5, "D (5:value511...) = 543


-- 
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: use policy of the GnuPG-card

[Andrew Gallagher]

On 2017/07/13 11:49, Matthias Apitz wrote:
> 
> One problem comes obviously in mind: Someone with priv access to your 
> workstation,
> for example IT personal, could relatively easy steal your passwords, just 
> setting your
> environment and waiting for the moment that you have unlocked the card with 
> the PIN;
> than he/she could run as root:

*snipped evil plan*

Worse than that, they can keylog your PIN and use that to perform
unlimited crypto operations using your smartcard whenever they detect it
is plugged in. Or they can read decrypted passwords out of memory, or
replace gpg with a version that copies everything it touches to a
network connection. The possibilities are literally endless.

> How is this supposed to be managed?

Don't plug your smartcard into a computer that someone else has root
access to. That's not flippant, that's the best you can do in principle.
Smartcards can protect you against disclosure of your secret key, but
not of data encrypted to that key. If you want to protect all the data
encrypted by that key, then you still need to take all the precautions
that you need to with any other method of secret key storage, and that
means (amongst other things) don't decrypt your data on an untrusted
machine.

Remember, if someone else has root on your computer then it isn't your
computer - it's theirs.

A



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [HELP] pinentry-curses breaks SSH auth, but pinentry-mac works fine?

[Peter Lebbing]

On 13/07/17 09:29, Ryan Lue wrote:
> 1) I keep my dotfiles synced between multiple machines, and so try my
>best to keep them platform-agnostic when I can. There are definitely
>times when I can use conditionals to get different behavior on
>different machines (like `if [ "$(uname)" = Darwin ]` in `.profile`),
>but I don't even know if it's possible to set up `gpg-agent.conf` to
>use `pinentry-mac` on one machine but `pinentry-gtk` on another.

Note how Debian handles system-wide, system-specific pinentry alternatives:

/etc/alternatives/pinentry -> /usr/bin/pinentry-gtk-2
/etc/alternatives/pinentry-x11 -> /usr/bin/pinentry-gtk-2
/usr/bin/pinentry -> /etc/alternatives/pinentry
/usr/bin/pinentry-curses
/usr/bin/pinentry-gtk-2
/usr/bin/pinentry-x11 -> /etc/alternatives/pinentry-x11

If you use just "pinentry" or "pinentry-x11", you then use the
alternatives system to select a specific one:

--8<---cut here---start->8---
# update-alternatives --config pinentry
There are 2 choices for the alternative pinentry (providing
/usr/bin/pinentry).

  SelectionPath  Priority   Status

* 0/usr/bin/pinentry-gtk-285auto mode
  1/usr/bin/pinentry-curses   50manual mode
  2/usr/bin/pinentry-gtk-285manual mode

Press enter to keep the current choice[*], or type selection number:
--8<---cut here---end--->8---

It might give you an idea how to do it for you. I suspect it might even
work if you wrap your pinentry in a shell script using if [ "$(uname)"
but it lacks elegance.

> 2) I chanced upon this presentation from a 2015 conference where the
>presenter describes a setup for being able to ssh into a machine and
>use its private keys locally by forwarding the remote machine's
>gpg-agent socket to a local socket (slides 57–61 of 62):
> 
>https://2015.rmll.info/IMG/pdf/an-advanced-introduction-to-gnupg.pdf
> 
>and I imagine that just wouldn't work if you had graphical pinentry
>on the remote machine.

You could also use SSH's X forwarding. I haven't tried that, though.

> There were a lot of strong opinions being thrown around that thread. I
> suspect that a lot of people believe that taking an unconventional
> approach to security is tantamount to opposing best practices.

Hmmm, an understandable knee-jerk response. Knees don't always do your
best thinking, though.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

use policy of the GnuPG-card

[Matthias Apitz]

Hello,

I'm using the GnuPG card for signing, SSH, password-store (Firefox web 
passwords)
and locking un-locking the KDE desktop on card-insert or withdraw.
After resolving some technical (FreeBSD) issues, I now have it on daily
usage on my netbook and my workstation in the office.

One problem comes obviously in mind: Someone with priv access to your 
workstation,
for example IT personal, could relatively easy steal your passwords, just 
setting your
environment and waiting for the moment that you have unlocked the card with the 
PIN;
than he/she could run as root:

# GNUPGHOME=/home/guru/.gnupg-ccid export GNUPGHOME
# PASSWORD_STORE_DIR=/home/guru/.password-store export PASSWORD_STORE_DIR
# pass Business/cheese-whiz-factory
gpg: WARNING: unsafe ownership on homedir '/home/guru/.gnupg-ccid'
cheese

It would also not help to just withdraw the card after any short usage, for 
example to
fire up a SSH session. The attacker could just sit in background waiting for 
this short moment,
which is long enough to copy all your passwords in to clear mode and send them 
away.

How is this supposed to be managed?


 matthias

-- 
Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/  ☎ 
+49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
8. Mai 1945: Wer nicht feiert hat den Krieg verloren.
8 de mayo de 1945: Quien no festeja perdió la Guerra.
May 8, 1945: Who does not celebrate lost the War.


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [HELP] pinentry-curses breaks SSH auth, but pinentry-mac works fine?

[Ryan Lue]

> However, I think many people work around this problem by a) using a
> graphical pinentry and b) using a single graphical session. As long as
> one also refrains from SSH'ing from a remote terminal, with the
> combination, you've circumvented the problem by just using the
> effectively singleton graphical session :-).

That solution has certainly occurred to me. There were two reasons I was
really angling to get this working purely in the terminal:

1) I keep my dotfiles synced between multiple machines, and so try my
   best to keep them platform-agnostic when I can. There are definitely
   times when I can use conditionals to get different behavior on
   different machines (like `if [ "$(uname)" = Darwin ]` in `.profile`),
   but I don't even know if it's possible to set up `gpg-agent.conf` to
   use `pinentry-mac` on one machine but `pinentry-gtk` on another.

2) I chanced upon this presentation from a 2015 conference where the
   presenter describes a setup for being able to ssh into a machine and
   use its private keys locally by forwarding the remote machine's
   gpg-agent socket to a local socket (slides 57–61 of 62):

   https://2015.rmll.info/IMG/pdf/an-advanced-introduction-to-gnupg.pdf

   and I imagine that just wouldn't work if you had graphical pinentry
   on the remote machine. I did also find another tip about using
   `PINENTRY_USER_DATA` to force pinentry-curses for SSH sessions, but
   I'd already burned so much time on this that I haven't been able to
   justify getting around to it again:

   
https://gpgtools.tenderapp.com/kb/faq/enter-passphrase-with-pinentry-in-terminal-via-ssh-connection

   None of this was crucial, mind you; I was just trying to see what I
   could do with a new toy. -_-'

> That is a surprising characterization. Do they also think this of the
> GNOME and KDE SSH agents, to name two? I suspect those two are much more
> widely used, which might eliminate the qualification "unconventional",
> but that still begs, why "hack"?

There were a lot of strong opinions being thrown around that thread. I
suspect that a lot of people believe that taking an unconventional
approach to security is tantamount to opposing best practices.

In any case, thanks for all the insight!

—Ryan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [HELP] pinentry-curses breaks SSH auth, but pinentry-mac works fine?

[Ryan Lue]

Hi Daniel,

Yes, thanks, this absolutely did it! Sorry for not responding earlier —
I had intended to write a follow-up blog post that addressed this
question, along with that of forwarding the gpg-agent socket over SSH
with `ssh -R` (so that you can use your local machine's GPG private keys
in a remote session without having to manually copy them to another
machine), but figuring out how to do all that with pinentry-curses has
proven to be a real pickle.

So while I was originally going to wait until I'd finished that post and
send it back your way (as a weird kind of thank-you?), I'm just gonna
have to settle for actually saying “thank you” for the time being.

So, thanks.

—Ryan

On 2017 Jun 30, Daniel Kahn Gillmor wrote:
> Hi Ryan--
> 
> On Fri 2017-06-30 11:54:46 +0800, Ryan Lue wrote:
> > But for some reason, it just doesn't work with `pinentry-curses`: SSH
> > (GPG) key authentication fails silently, and the server falls back to
> > password authentication. (I have made sure to set `$GPG_TTY`, so
> > `pinentry-curses` works just fine for everything else, just not SSH
> > authentication. For instance, I can `echo hello | gpg -s` and I'll get
> > the pinentry password prompt in the terminal.)
> 
> setting GPG_TTY only works for clients that know to interpret it and to
> pass its value along to gpg-agent.
> 
> when ssh is speaking to gpg-agent, it's using the ssh-agent protocol,
> which has no mechanism for passing this info to the agent.
> 
> as a result, the agent (which *isn't* running attached to the current
> tty) can't tell pinentry which tty to use.
> 
> have you tried doing this:
> 
> GPG_TTY=$(tty) gpg-connect-agent updatestartuptty /bye
> 
> from the current terminal before trying to use ssh?
> 
> i consider this a workaround (which isn't satisfactory for easy everyday
> use without better integration), but it's probably better than nothing.
> 
> please let the list know if that workarund works for you!
> 
> regards,
> 
>  --dkg



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Questions using GPGME

[Andreas Heinlein]

Am 13.07.2017 um 09:27 schrieb Werner Koch:
> On Thu,  6 Jul 2017 14:48, aheinl...@gmx.com said:
>
>> decrypt with cancel'ing the pinentry, one with missing private key and
>> one with a truncated input file. All three gave
>>
>> print str(e): Invocation of gpgme_op_decrypt_verify: GPGME: Decryption
>> failed
> This has been fixed yesterday in GPGME.  You will now get back a
> dedicated error code for "No secret keys", "Bad passphrase", and
> "Canceled".  You need to wait for the releale of 1.9.1, though.
>
>
>
I know, I filed the bug report ;-)

Thanks again.

Andreas



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] Libgcrypt 1.7.8 released to fix CVE-2017-7526

[Werner Koch]

On Wed,  5 Jul 2017 21:39, gnupg-users@gnupg.org said:

>>   libgcrypt v<=?
>
> Probably all versions up to 1.7.7, starting from at least 1.2.0 (which
> is the oldest I could find).

Actaully starting at 1.6.0 which introduced the sliding window method to
catch up performance losses due to other side channel attack
mitigations.  Earlier versions than 1.6 may be affected by other side
channel attacks.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpwU0bZfN68l.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Questions using GPGME

[Werner Koch]

On Thu,  6 Jul 2017 14:48, aheinl...@gmx.com said:

> decrypt with cancel'ing the pinentry, one with missing private key and
> one with a truncated input file. All three gave
>
> print str(e): Invocation of gpgme_op_decrypt_verify: GPGME: Decryption
> failed

This has been fixed yesterday in GPGME.  You will now get back a
dedicated error code for "No secret keys", "Bad passphrase", and
"Canceled".  You need to wait for the releale of 1.9.1, though.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpK8e9_xo1H0.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Changing PINs of German bank card

[Binarus]

On 13.07.2017 01:19, MFPA wrote:
> 
> 
> On Wednesday 12 July 2017 at 6:51:42 AM, in
> , Binarus wrote:-
> 
> 
>> and this means that such software would
>> have to run on the
>> card.
> 
> Or The ATM.

You are right. The ATM will get hold of the PIN in clear in case the
user wants to change it, because the user has to type it then. The ATM
theoretically could check the PIN for certain criteria in that moment,
and refuse it if appropriate.

> But maybe chip and PIN cards have the capacity.
> 

Wherever it might run: I never have heard about a bank having
implemented such checks ...

Regards,

Binarus

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Changing PINs of German bank card

[Binarus]

On 13.07.2017 01:23, MFPA wrote:
> 
> 
> On Wednesday 12 July 2017 at 3:15:09 PM, in
> , Binarus wrote:-
> 
> 
> 
>> (if the
>> PIN needs to be
>> stored at all in some backend which I doubt).
> 
> The Bank must know the PIN (or a hash). Otherwise they would not know
> if you entered the correct PIN for online transactions.

I don't think so. Banking chip cards contain mechanisms for local PIN
verification. You can see that an ATM (or the card) immediately decides
if the PIN is correct or not even if the ATM's network connection is
failing at that moment.

Banking chip cards furthermore contain a processor and software for
cryptographic operations, so that the endless capabilities of modern
cryptography are at hand. Think of asymmetric methods like RSA ...

Regards,

Binarus



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users