Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 12:55:52PM +, Marcelo C . Martinelli wrote: > On Mon, Oct 09, 2000 at 01:43:48PM +0200, Jan Houtsma wrote: > > I dont know anything ab gpg. After installing a clean RH7.0 which > > includes mutt-1.2.5i-3 i always get the following warnings > > if i view a gpg signed message: > > > > "gpg: Warning: using insecure memory! > > gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 > > gpg: Can't check signature: public key not found" > > > > Prolly gpg is not quite supported or i havent configured it yet? > > What do i need to suppress this. > > thanks, > > jan > > -- > >___ ___ ___ > > / // // / Jan H. Houtsma > > / // // / Comeniushof 92 > > / // // /1216 HH Hilversum > > ___ / _ _ / Netherlands > > / / / // // / > >/ /__/ // // / http://www.houtsma.net > > ///__//__/[EMAIL PROTECTED] > > I think that's a gpg problem and not a mutt one. You should edit the > file ``options" which is created by default during installation of gpg > under ~/.gnupg. You should add 2 lines in there like these: > > no-secmem-warning > keyserver wwwkeys.pgp.net > > The first line will get rid of the insecure memory warning, which i've > been told you can safely disregard. The second line will inform gpg > about which keyserver to fetch public keys from (you can use a > different one if you want), i think that the default installation > doesn't include that line in so whenever gpg can't find a key in your > publick key ring it gives out the key not found warning. > > Also, i don't know whether RedHat's installation is the same as mine > (i use Slackware) but you should find a file called gpg.rc under > /usr/local/doc/mutt/samples/ - make sure you source this file in your > .muttrc and this should do the trick. > > Marcelo C. Martinelli Thanks! It works. I get "good signature" now. All i still get is something ab the key not being certified with a trusted signature. And btw sourcing /usr/share/doc/mutt-1.2.5i/gpg.rc didnt make any difference. Guess without it you get the defaults? This just for fyi. thanks, jan -- ___ ___ ___ / // // / Jan H. Houtsma / // // / Comeniushof 92 / // // /1216 HH Hilversum ___ / _ _ / Netherlands / / / // // / / /__/ // // / http://www.houtsma.net ///__//__/[EMAIL PROTECTED]
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 01:43:48PM +0200, Jan Houtsma wrote: > I dont know anything ab gpg. After installing a clean RH7.0 which > includes mutt-1.2.5i-3 i always get the following warnings > if i view a gpg signed message: > > "gpg: Warning: using insecure memory! > gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 > gpg: Can't check signature: public key not found" > > Prolly gpg is not quite supported or i havent configured it yet? > What do i need to suppress this. > thanks, > jan > -- >___ ___ ___ > / // // / Jan H. Houtsma > / // // / Comeniushof 92 > / // // /1216 HH Hilversum > ___ / _ _ / Netherlands > / / / // // / >/ /__/ // // / http://www.houtsma.net > ///__//__/[EMAIL PROTECTED] I think that's a gpg problem and not a mutt one. You should edit the file ``options" which is created by default during installation of gpg under ~/.gnupg. You should add 2 lines in there like these: no-secmem-warning keyserver wwwkeys.pgp.net The first line will get rid of the insecure memory warning, which i've been told you can safely disregard. The second line will inform gpg about which keyserver to fetch public keys from (you can use a different one if you want), i think that the default installation doesn't include that line in so whenever gpg can't find a key in your publick key ring it gives out the key not found warning. Also, i don't know whether RedHat's installation is the same as mine (i use Slackware) but you should find a file called gpg.rc under /usr/local/doc/mutt/samples/ - make sure you source this file in your .muttrc and this should do the trick. Marcelo C. Martinelli PGP signature
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 04:38:26PM +, Marcelo C . Martinelli <[EMAIL PROTECTED]> wrote: > I am using gpg 1.0.3 but i think that that's not the problem here. The > only thing i can think of in your case is that probably you have the > options directory in a different location from ~/.gnupg, in which case > you would have to set up a variable GNUPGHOME=/your/gnupg/directory in > /etc/profile. > > On Mon, Oct 09, 2000 at 12:09:04PM -0400, Bob Bell wrote: > > Is this a new feature in gpg. This doesn't appear to get rid of the > > warning for me. gpg --version reports "gpg (GnuPG) 1.0.1". Nope, turns out it's a new thing. I upgraded to 1.0.3 and it works now. -- Bob Bell <[EMAIL PROTECTED]> - "Linux, WinNT, MS-DOS - also known as the Good, the Bad and the Ugly." -- Anonymous
Re: gpg: Warning: using insecure memory!
I am using gpg 1.0.3 but i think that that's not the problem here. The only thing i can think of in your case is that probably you have the options directory in a different location from ~/.gnupg, in which case you would have to set up a variable GNUPGHOME=/your/gnupg/directory in /etc/profile. Marcelo C. Martinelli <[EMAIL PROTECTED]> On Mon, Oct 09, 2000 at 12:09:04PM -0400, Bob Bell wrote: > On Mon, Oct 09, 2000 at 01:06:39PM +, Marcelo C . Martinelli <[EMAIL PROTECTED]> >wrote: > > I think that's a gpg problem and not a mutt one. You should edit the > > file ``options" which is created by default during installation of gpg > > under ~/.gnupg. You should add 2 lines in there like these: > > > > no-secmem-warning > > keyserver wwwkeys.pgp.net > > > > The first line will get rid of the insecure memory warning, which i've > > been told you can safely disregard. > > Is this a new feature in gpg. This doesn't appear to get rid of the > warning for me. gpg --version reports "gpg (GnuPG) 1.0.1". > > > -- > Bob Bell <[EMAIL PROTECTED]> > - > "For example, OS/360 devotes 26 bytes of the permanently > resident date-turnover routine to the proper handling of > December 31 on leap years (when it is Day 366). That might > have been left to the operator." >-- Fred Brooks, _The Mythical Man-Month_, on wasting resources PGP signature
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 01:06:39PM +, Marcelo C . Martinelli <[EMAIL PROTECTED]> wrote: > I think that's a gpg problem and not a mutt one. You should edit the > file ``options" which is created by default during installation of gpg > under ~/.gnupg. You should add 2 lines in there like these: > > no-secmem-warning > keyserver wwwkeys.pgp.net > > The first line will get rid of the insecure memory warning, which i've > been told you can safely disregard. Is this a new feature in gpg. This doesn't appear to get rid of the warning for me. gpg --version reports "gpg (GnuPG) 1.0.1". -- Bob Bell <[EMAIL PROTECTED]> - "For example, OS/360 devotes 26 bytes of the permanently resident date-turnover routine to the proper handling of December 31 on leap years (when it is Day 366). That might have been left to the operator." -- Fred Brooks, _The Mythical Man-Month_, on wasting resources
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 02:53:52PM +0200, Jan Houtsma wrote: > On Mon, Oct 09, 2000 at 01:32:52PM +0100, Dave Pearson wrote: > > > Have you considered reading the documentation for GPG? For example: > > Sure i would consider it if i knew that there was a program like that!! I > didnt even know i there was a program called gpg. I thought it was > something in mutt! No, gpg is not something inside mutt. It is, however, called from mutt if you configure mutt to do this. >So if i knew i would have! That why i was asking the > question in the first place. To learn something from others! Thought that > was what mailing lists are for! They are, that's why I responded. Wasn't the suggestion to read the manual for gpg helpful? > > ,[ man gpg ] > > |--no-secmem-warning > > | Suppress the warning about "using insecure mem > > | ory". > > ` > > Is this gpg program called by mutt or so? Yes, it can be called by mutt if you (or something who wrote the configuration) told it to do so. > Because mutt complains. Is this > '--no-secmem-warning' option an option i can pass to mutt then? No, it is an option for GPG. Have a read of the GPG manual. > Because i > did read that manual, but couldn't find the option. Which manual did you read? Did you do a "man gpg" and have a read of the GPG documentation? -- Take a look in Hagbard's World: | mutt.octet.filter - autoview octet-streams http://www.hagbard.demon.co.uk/ | mutt.vcard.filter - autoview simple vcards http://www.acemake.com/hagbard/ | muttrc2html - muttrc -> HTML utility Free software, including| muttrc.sl - Jed muttrc mode
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 01:43:48PM +0200 or so it is rumoured hereabouts, Jan Houtsma thought: > I dont know anything ab gpg. After installing a clean RH7.0 which > includes mutt-1.2.5i-3 i always get the following warnings > if i view a gpg signed message: > > "gpg: Warning: using insecure memory! > gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 > gpg: Can't check signature: public key not found" > > Prolly gpg is not quite supported or i havent configured it yet? > What do i need to suppress this. > thanks, It's about doing a suid on some binary which gives it root privileges and allows it to lock memory. Otherwise your private key or passphrase or something could get written to the swap partition where someone could copy it. Or something like that... The details are in one of the documents on the gpg website... -- Conor Daly <[EMAIL PROTECTED]> Domestic Sysadmin :-)
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 01:43:48PM +0200, Jan Houtsma wrote: > I dont know anything ab gpg. After installing a clean RH7.0 which > includes mutt-1.2.5i-3 i always get the following warnings > if i view a gpg signed message: > > "gpg: Warning: using insecure memory! > gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 > gpg: Can't check signature: public key not found" > > Prolly gpg is not quite supported or i havent configured it yet? > What do i need to suppress this. > thanks, > jan > -- >___ ___ ___ > / // // / Jan H. Houtsma > / // // / Comeniushof 92 > / // // /1216 HH Hilversum > ___ / _ _ / Netherlands > / / / // // / >/ /__/ // // / http://www.houtsma.net > ///__//__/[EMAIL PROTECTED] I think that's a gpg problem and not a mutt one. You should edit the file ``options" which is created by default during installation of gpg under ~/.gnupg. You should add 2 lines in there like these: no-secmem-warning keyserver wwwkeys.pgp.net The first line will get rid of the insecure memory warning, which i've been told you can safely disregard. The second line will inform gpg about which keyserver to fetch public keys from (you can use a different one if you want), i think that the default installation doesn't include that line in so whenever gpg can't find a key in your publick key ring it gives out the key not found warning. Also, i don't know whether RedHat's installation is the same as mine (i use Slackware) but you should find a file called gpg.rc under /usr/local/doc/mutt/samples/ - make sure you source this file in your .muttrc and this should do the trick. Marcelo C. Martinelli PGP signature
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 01:32:52PM +0100, Dave Pearson wrote: > On Mon, Oct 09, 2000 at 01:43:48PM +0200, Jan Houtsma wrote: > > > I dont know anything ab gpg. After installing a clean RH7.0 which includes > > mutt-1.2.5i-3 i always get the following warnings if i view a gpg signed > > message: > > > > "gpg: Warning: using insecure memory! > > gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 > > gpg: Can't check signature: public key not found" > > > > Prolly gpg is not quite supported or i havent configured it yet? > > What do i need to suppress this. > > Have you considered reading the documentation for GPG? For example: > Sure i would consider it if i knew that there was a program like that!! I didnt even know i there was a program called gpg. I thought it was something in mutt! So if i knew i would have! That why i was asking the question in the first place. To learn something from others! Thought that was what mailing lists are for! > ,[ man gpg ] > |--no-secmem-warning > | Suppress the warning about "using insecure memĀ > | ory". > ` > Is this gpg program called by mutt or so? Because mutt complains. Is this '--no-secmem-warning' option an option i can pass to mutt then? Because i did read that manual, but couldn't find the option. jan -- ___ ___ ___ / // // / Jan H. Houtsma / // // / Comeniushof 92 / // // /1216 HH Hilversum ___ / _ _ / Netherlands / / / // // / / /__/ // // / http://www.houtsma.net ///__//__/[EMAIL PROTECTED]
Re: gpg: Warning: using insecure memory!
On Mon, Oct 09, 2000 at 01:43:48PM +0200, Jan Houtsma wrote: > I dont know anything ab gpg. After installing a clean RH7.0 which includes > mutt-1.2.5i-3 i always get the following warnings if i view a gpg signed > message: > > "gpg: Warning: using insecure memory! > gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 > gpg: Can't check signature: public key not found" > > Prolly gpg is not quite supported or i havent configured it yet? > What do i need to suppress this. Have you considered reading the documentation for GPG? For example: ,[ man gpg ] |--no-secmem-warning | Suppress the warning about "using insecure memĀ | ory". ` -- Take a look in Hagbard's World: | mutt.octet.filter - autoview octet-streams http://www.hagbard.demon.co.uk/ | mutt.vcard.filter - autoview simple vcards http://www.acemake.com/hagbard/ | muttrc2html - muttrc -> HTML utility Free software, including| muttrc.sl - Jed muttrc mode
gpg: Warning: using insecure memory!
I dont know anything ab gpg. After installing a clean RH7.0 which includes mutt-1.2.5i-3 i always get the following warnings if i view a gpg signed message: "gpg: Warning: using insecure memory! gpg: Signature made Mon 09 Oct 2000 02:07:06 AM CEST using DSA key ID FC5C7370 gpg: Can't check signature: public key not found" Prolly gpg is not quite supported or i havent configured it yet? What do i need to suppress this. thanks, jan -- ___ ___ ___ / // // / Jan H. Houtsma / // // / Comeniushof 92 / // // /1216 HH Hilversum ___ / _ _ / Netherlands / / / // // / / /__/ // // / http://www.houtsma.net ///__//__/[EMAIL PROTECTED]