Re: Line-wrapping the GPG key identity selection menu

[nunojsilva]

On 2018-08-30, nunojsi...@ist.utl.pt wrote:

> I've been sending GPG-encrypted e-mails with mutt, and I've noticed that
> the key ID selection menu, the one that shows up when there is more than
> one identity in a given recipient's key, is a bit too long for 80
> columns.
>
> This means that, when I send encrypted e-mails from an 80-column
> terminal, at least with some GPG keys, I can't read the e-mail address
> associated with each identity, as it goes beyond the 80th column.
>
> Is there any way to deal with this in mutt? An option to wrap long lines
> in menus, or keybindings to scroll the menu left/right?

I guess this applies to any menu with sufficiently long lines. Right
now, in the message index, I am unable to see the entire message subject
for some messages in an 80-column terminal.

In this case I can open the message in the pager and see the subject
there, but, out of curiosity, is there any other way to see the full
subject, line-wrapped?


But I start thinking what I really want is to be able to scroll
left/right...

-- 
Nuno Silva

Line-wrapping the GPG key identity selection menu

[nunojsilva]

I've been sending GPG-encrypted e-mails with mutt, and I've noticed that
the key ID selection menu, the one that shows up when there is more than
one identity in a given recipient's key, is a bit too long for 80
columns.

This means that, when I send encrypted e-mails from an 80-column
terminal, at least with some GPG keys, I can't read the e-mail address
associated with each identity, as it goes beyond the 80th column.

Is there any way to deal with this in mutt? An option to wrap long lines
in menus, or keybindings to scroll the menu left/right?

-- 
TIA,
Nuno Silva

Re: Why does mutt ask for a GPG key to use

[Ben McGinnes]

On Thu, May 24, 2018 at 08:15:17PM +0100, Dominik Vogt wrote:
> When I send a GPG-encrypted mail to, say "Foo Bar ",
> and there is a public key for that address in the GPG keyring,
> mutt still asks for a key to use for encryption.  Can I tell mutt
> to use the key matching the receiver address automatically?

It depends on which question it's asking you.  If it's asking which
key to use then there may be multipole UIDs on the key for which it
needs clarification or there may be multiple keys which match the UID
that matches the address.  This can be specified in advance with a
crypt-hook.

If you already use GPG group options iin gpg.conf, there's a script in
the GPGME Python binding examples directory that will generate
crypt-hooks from the gpg.conf automatically.  In spite of its
location, it does not require GPGME to run that script.  Pretty much
all the others in that directory do, but not that one (but it is in
Python and it had to go somewhere).

It's also possible that you may see a second question after the key
has been selected asking if you;'re sure you want to encrypt to that
key.  That's a result of encrypting to a key which you haven'tt
signed.  The traditional method of dealing with this has always been
to use a local signature that's not exportable.  Alternatively
changing the trust level on the key will do it or even changing the
trust model for the entire program to "trust-model always".

I tend to put all those rules into my gpg.conf file and these days
save myself a world of grief by running the aforementioned script.
Most of the time with just very rapid key presses on the "yes, I
really want to encrypt" question, with a handful of local signatures
(depending on the frequency of contact with the other party).


Rrgards,
Ben


signature.asc
Description: PGP signature

Why does mutt ask for a GPG key to use

[Dominik Vogt]

When I send a GPG-encrypted mail to, say "Foo Bar ",
and there is a public key for that address in the GPG keyring,
mutt still asks for a key to use for encryption.  Can I tell mutt
to use the key matching the receiver address automatically?

Ciao

Dominik ^_^  ^_^

-- 

Dominik Vogt

GPG, key listing

[Heinz Diehl]

Hi,

when trying to encrypt a message in mutt, pressing "p" brings on the common pgp
dialog:

PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or (c)lear?

Pressing "e" sets the "encrypt" flag. Then, when sending the mail, I'm asked to
enter a key id. Now, when I hit "ENTER", the listing of my public key ring
looks like this:

   1 ?  2048/0x00411886 RSA  es
   2 ?  1024/0x052E7D95 DSA  es
   3 ?  1024/0x1844AB0A DSA  es
   4 ?  2048/0x23543A63 RSA  es
   5 ?  1024/0x26C7CA3B DSA  es
   6 +  2048/0x3231BAC7 RSA  es
   7 ?  2048/0x4DFB75F4 RSA  es
   8 ?  4096/0x6092693E RSA  es
   9 +  4096/0x60F4A92C RSA  es
  10 +  4096/0x6E10FBDA RSA  es
  11 ?  1024/0x7F780279 DSA  es
  12 ?  4096/0x9893C549 RSA  es
  13 ?  4096/0xA28E2773 RSA  es
  14 +  4096/0xA3649EC3 RSA  es
  15 ?  2048/0xCB5D9718 DSA  es
  16 ?  4096/0xD93E98FC RSA  es
  17 ?  1024/0xF0D6B1E0 DSA  es
  18 +  4096/0xA3649EC3 RSA  es Name Name 
[ about 20 other keys with names and email adresses]

Some of the keys are missing, although gpg --list-keys clearly shows that they
are there. The above shown keys also seems to be duplicates of the keys listed
with names and email addresses.

The sourced gpg.rc looks like this:

set pgp_decode_command="gpg %?p?--passphrase-fd 0? --no-verbose --batch 
--output - %f"
set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - 
%f"
set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 
--armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 
0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose 
--output - --encrypt --textmode --armor --always-trust --encrypt-to 0xXXX 
-- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet 
--no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor 
--always-trust --encrypt-to 0xC9C40C31 -- -r %r -- %f"
set pgp_import_command="gpg --no-verbose --import -v %f"
set pgp_export_command="gpg --no-verbose --export --armor %r"
set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs 
%r"
set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons 
--list-keys %r" 
set pgp_list_secring_command="gpg --no-verbose --batch --with-colons 
--list-secret-keys %r" 
set pgp_timeout=1800
set pgp_good_sign="^gpg: Good signature from"

Does anybody know whats going on here? Why are some keys not listed, though
they exist?

Thanks,
Heinz.

Re: attach public GPG key by default?

[Heinz Diehl]

On 14.03.2015, Peter P. wrote: 

> how can I configure mutt to always attach my public GPG key to signed
> messages without manually having to ESC-k and selecting the correct key?

Besides exploring mutts macro functionality already mentioned in this thread,
it could be an idea to copy your pubkey to a website and linking to it in the
footer of your mails. And there's also the possibility to add an OpenPGP header
to all your mails.

This is what I use in .muttrc:
my_hdr OpenPGP: id=60F4A92C\; url=http://www.fritha.org/htd.asc\; 
preference\=signencrypt

Re: attach public GPG key by default?

[David Champion]

* On 17 Mar 2015, Will Yardley wrote: 
> 
> I've seen other mail clients (Evolution, I think) send the public key
> with every message, but seems a bit of a wste of bndwdth to me. Just put
> a link to your key (or your key-id and keyserver address) in your sig.

+1, if even that.  Don't all mail readers with basic PGP support have
the ability to query keyservers for unknown keys automatically?

-- 
David Champion • d...@bikeshed.us

Re: attach public GPG key by default?

[Will Yardley]

On Tue, Mar 17, 2015 at 08:11:59PM -0500, Chris Sussmann wrote:
> * Peter P.  wrote:
> > * Francesco Ariis  [2015-03-14 19:58]:

> > > > how can I configure mutt to always attach my public GPG key to
> > > > signed messages without manually having to ESC-k and selecting
> > > > the correct key?

> > > Maybe a macro [1] (exploiting ) could do?  Have you
> > > considered uploading your key to a pgp keyserver? In my opinion it
> > > is a more reliable and sensible way to share your public key.

> > Thanks Francesco, it is good to know now that such a thing does not
> > exist by default. Of course keyservers (or even better, multiple
> > publication paths in parallel) are a viable option.
> 
> I use this line in my .muttrc
> 
> set pgp_autosign=yes

That doesn't send the key by default; it just signs messages by default.

I've seen other mail clients (Evolution, I think) send the public key
with every message, but seems a bit of a wste of bndwdth to me. Just put
a link to your key (or your key-id and keyserver address) in your sig.

w

Re: attach public GPG key by default?

[Chris Sussmann]

* Peter P.  wrote:

> * Francesco Ariis  [2015-03-14 19:58]:
> > On Sat, Mar 14, 2015 at 11:14:37AM +0100, Peter P. wrote:
> > > how can I configure mutt to always attach my public GPG key to signed
> > > messages without manually having to ESC-k and selecting the correct key?
> > 
> > Maybe a macro [1] (exploiting ) could do?
> > Have you considered uploading your key to a pgp keyserver? In my opinion
> > it is a more reliable and sensible way to share your public key.
> 
> Thanks Francesco, it is good to know now that such a thing does not
> exist by default. Of course keyservers (or even better, multiple
> publication paths in parallel) are a viable option.
> 
> best,P

I use this line in my .muttrc

set pgp_autosign=yes

Cheers,

-- 
Chris Sussmann
chrissussmann.com


signature.asc
Description: Digital signature

Re: attach public GPG key by default?

[Peter P.]

* Francesco Ariis  [2015-03-14 19:58]:
> On Sat, Mar 14, 2015 at 11:14:37AM +0100, Peter P. wrote:
> > how can I configure mutt to always attach my public GPG key to signed
> > messages without manually having to ESC-k and selecting the correct key?
> 
> Maybe a macro [1] (exploiting ) could do?
> Have you considered uploading your key to a pgp keyserver? In my opinion
> it is a more reliable and sensible way to share your public key.

Thanks Francesco, it is good to know now that such a thing does not
exist by default. Of course keyservers (or even better, multiple
publication paths in parallel) are a viable option.

best,P

Re: attach public GPG key by default?

[Francesco Ariis]

On Sat, Mar 14, 2015 at 11:14:37AM +0100, Peter P. wrote:
> how can I configure mutt to always attach my public GPG key to signed
> messages without manually having to ESC-k and selecting the correct key?

Maybe a macro [1] (exploiting ) could do?
Have you considered uploading your key to a pgp keyserver? In my opinion
it is a more reliable and sensible way to share your public key.

[1] http://dev.mutt.org/trac/wiki/MuttGuide/Macros

attach public GPG key by default?

[Peter P.]

Hi list,

how can I configure mutt to always attach my public GPG key to signed
messages without manually having to ESC-k and selecting the correct key?

thank you,
P

Re: OT: help signing gpg key

[ssizarit]

On Mon, Jan 19, 2009 at 17:17, Alexander Dahl  wrote:
> Hi,
>
>> So I've gotten around to generating my own personal GPG key and
>> signing every mail with it. Problem is, I don't know anyone with gpg
>> or pgp, and want my key to be signed. If I understand correctly, this
>> should be done face to face? Or can someone on this list do it? I'm
>> fairly new to all of this and don't really know where to start.
>
> Kyle already mentioned local groups and I can recommend that too.
>
> Short additional information: the signing itself is done by everyone by
> himself at home but the verification of identity and fingerprints should
> be face2face! I tried to find some information on the GnuPG site, but
> the manual is not very detailed in this topic, so try your luck with the
> keysigning party howto, at least the part about the "why":
> http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
>
> I assume there is lot of additional information especially for beginners
> on the web, just try the search engine of your choice. ;-)

Thanks guys, I'll go check that out. If anyone here lives in vienna
(aut) and wants to meet for some intimate key-signing, mail me.

Cheers,
Meli

Re: OT: help signing gpg key

[Alexander Dahl]

Hi,

> So I've gotten around to generating my own personal GPG key and
> signing every mail with it. Problem is, I don't know anyone with gpg
> or pgp, and want my key to be signed. If I understand correctly, this
> should be done face to face? Or can someone on this list do it? I'm
> fairly new to all of this and don't really know where to start.

Kyle already mentioned local groups and I can recommend that too.

Short additional information: the signing itself is done by everyone by
himself at home but the verification of identity and fingerprints should
be face2face! I tried to find some information on the GnuPG site, but
the manual is not very detailed in this topic, so try your luck with the
keysigning party howto, at least the part about the "why":
http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html

I assume there is lot of additional information especially for beginners
on the web, just try the search engine of your choice. ;-)

Greets
Alex

-- 
* http://www.lespocky.de ***
Those who would give up essential Liberty, to purchase
a little temporary Safety, deserve neither Liberty nor Safety.
(Benjamin Franklin)



signature.asc
Description: OpenPGP digital signature

Re: OT: help signing gpg key

[Kyle Wheeler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Monday, January 19 at 03:21 PM, quoth ssiza...@gmail.com:
> So I've gotten around to generating my own personal GPG key and 
> signing every mail with it. Problem is, I don't know anyone with gpg 
> or pgp, and want my key to be signed. If I understand correctly, this 
> should be done face to face? Or can someone on this list do it? I'm 
> fairly new to all of this and don't really know where to start.

For the best security, it should generally be done face-to-face. The 
way this often works is that some group will hold a key-signing party. 
Find your local Linux Users Group or Unix Users Group; they may have 
something for you.

But if you can't get it signed, don't worry about it. It's still 
usable.

~Kyle
- -- 
The truth is rarely pure and never simple.
 -- Oscar Wilde
-BEGIN PGP SIGNATURE-
Comment: Thank you for using encryption!

iEYEARECAAYFAkl0krwACgkQBkIOoMqOI15tOACg5q2ccn/ytA4VT/V2M357ejyr
U/AAoN0llnmHHVebzxXiTiQoqoBf1gYT
=xtqk
-END PGP SIGNATURE-

OT: help signing gpg key

[ssizarit]

So I've gotten around to generating my own personal GPG key and
signing every mail with it. Problem is, I don't know anyone with gpg
or pgp, and want my key to be signed. If I understand correctly, this
should be done face to face? Or can someone on this list do it? I'm
fairly new to all of this and don't really know where to start.

Thanks,
Meli

Re: extract pgp/gpg key

[Todd Zullinger]

Joseph wrote:
> According to manual ^K (ctrl-shift-K) is for "extract-key" 
> when I tried it, I got:
> 
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> Press any key to continue...   
> 
> The message was pgp signed.

The keys aren't transmitted with each signed message in the OpenPGP
spec.  The extract-key function works when you have a key block in the
message.  You can attach a key to a message using the attach-key
function from the compose menu (k by default).

-- 
ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~
Neuroses are red,
Melancholia's blue.
I'm schizophrenic,
What are you?



pgprd7e1wRdbj.pgp
Description: PGP signature

extract pgp/gpg key

[Joseph]

According to manual ^K (ctrl-shift-K) is for "extract-key" 
when I tried it, I got:

gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
Press any key to continue...   

The message was pgp signed.

-- 
#Joseph
GPG KeyID: ED0E1FB7

Re: How to activate a given GPG key through a macro...

[promulgato]

On Mon, Sep 24, 2007 at 10:59:05PM -0500, Kyle Wheeler wrote:
> ...

Thank you very much for your help... Now everything works
right. I have greatly appreciated your input.

Franz

Re: How to activate a given GPG key through a macro...

[Kyle Wheeler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tuesday, September 25 at 01:16 AM, quoth P.M.:
>Should I set "set pgp_ignore_subkeys=" to "no" (default is "yes"), or 
>it does not matter here?

Only unset it if you really need to (i.e. you find that mutt 
misbehaves otherwise). *Most* folks should ignore that setting.

>How is "user" determined? By the "from" field, or what
>else?

If you haven't set pgp_sign_as, then yes, the return address (and from 
field) is what mutt uses.

>In the case of an email address that does not have a
>pgp key, how do I tell mutt NOT to use pgp at all for
>this particular identity?

On a per-message basis, you can change it, of course. To have it 
happen automatically, I'd unset pgp_autosign (and similar) in your 
macro, or `push` the commands to unset it on the compose screen. You 
can even do it in a send hook. Here's what I do:

send-hook '~G !^%C pgp' 'push f'

~Kyle
- -- 
A little song, a little dance, a little seltzer down your pants.
  -- Chuckles the Clown
-BEGIN PGP SIGNATURE-
Comment: Thank you for using encryption!

iD8DBQFG+IeJBkIOoMqOI14RAp95AJ4i+eQdXwR81mGQwwXndtOu1yUcHQCfU/bz
ntNVfBdDvCvSeFkQlzNnev4=
=wtq1
-END PGP SIGNATURE-

Re: How to activate a given GPG key through a macro...

[P.M.]

--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb:

OK, I've applied the conditional version:

set pgp_encrypt_only_command="pgpewrap gpg --batch
--quiet --no-verbose --output - --encrypt --textmode
--armor --always-trust %?a? --encrypt-to %a? -- -r %r
-- %f"
set pgp_encrypt_sign_command="pgpewrap gpg
--passphrase-fd 0 --batch --quiet --no-verbose
--textmode --output - --encrypt --sign %?a?-u %a?
--armor --always-trust %?a?--encrypt-to %a? -- -r %r
-- %f"

and it works perfectly, as expected. THANKS!!!

Though, when leaving the "pgp_sign_as=" empty, it
still reverts to default pgp key instead of not
applying pgp at all to that identity (intended
behavior), even when I modify the "set
pgp_sign_command=" line to: 

set pgp_sign_command="gpg --no-verbose --batch
--output - --passphrase-fd 0 --armor --detach-sign
--textmode %?a? %a? %f"

(which last part I very likely misunderstood)

Franz


  __  
Yahoo! Clever: Sie haben Fragen? Yahoo! Nutzer antworten Ihnen. 
www.yahoo.de/clever

Re: How to activate a given GPG key through a macro...

[P.M.]

--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb:

> Hopefully, you see what I'm saying...

It's definitely much clearer now, and it's time for me
to apply your advice and experiment with it... I think
I've got it now.

A few quick questions before closing, if you will...

Should I set "set pgp_ignore_subkeys=" to "no"
(default is "yes"), or it does not matter here?
How is "user" determined? By the "from" field, or what
else?
In the case of an email address that does not have a
pgp key, how do I tell mutt NOT to use pgp at all for
this particular identity?

After those are answered, I should be all set. 

Thanks,
Franz


  Wissenswertes zum Thema PC, Zubehör oder Programme. BE A BETTER 
INTERNET-GURU!  www.yahoo.de/clever

Re: How to activate a given GPG key through a macro...

[Kyle Wheeler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Monday, September 24 at 10:03 PM, quoth P.M.:
>> Eh? That wouldn't do anything at all in a muttrc, that I'm aware 
>> of, and *should* cause mutt to complain. Under what context is that 
>> in your muttrc---is it in the middle of a variable setting or 
>> something?
>
> These are the two instances I was referring to, been 
> that way a long time and mutt has never complained:

Okay. The way to modify them to use %a in a straightforward way is 
this:

set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet 
  --no-verbose --output - --encrypt --textmode --armor --always-trust 
  --encrypt-to %a -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch 
  --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u 
  %a? --armor --always-trust --encrypt-to %a -- -r %r -- %f"

If you want to make them more flexible, you can use conditionals:

set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet 
  --no-verbose --output - --encrypt --textmode --armor --always-trust 
  %?a?--encrypt-to %a? -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch 
  --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u 
  %a? --armor --always-trust %?a?--encrypt-to %a? -- -r %r -- %f"

> So you say I should set the "--encrypt-to" in those two instances to 
> "%a?" and the "set pgp_sign_as=" to "%?a?-u %a?" (quoted or 
> unquoted?)... Please confirm and I'll go ahead with it.

No, you're not understanding me. The "%a", when used in a 
$pgp_*_command variable (namely $pgp_encrypt_only_command, 
$pgp_encrypt_sign_command, $pgp_sign_command, $pgp_decode_command, 
$pgp_decrypt_command, and $pgp_clearsign_command) gets replaced with 
the contents of the $pgp_sign_as variable.

Thus, if you have this:

set pgp_sign_as=foo
set pgp_sign_command="gpg %a"

Then when needed, $pgp_sign_command will be treated as if it had been  
set to "gpg foo". So, if you do this:

set pgp_sign_as=0x31577172
set pgp_sign_command="gpg --encrypt-to %a"

Then, when $pgp_sign_command is needed, mutt will treat it as if it 
had been set to "gpg --encrypt-to 0x31577172". If you want to make it 
able to handle the following situation:

unset pgp_sign_as

...then you'd need to rewrite it like this:

set pgp_sign_command="gpg %?a?--encrypt-to %a?"

In which case, if $pgp_sign_as is empty, $pgp_sign_command will be 
interpreted as "gpg ", but if $pgp_sign_as is set to something (say, 
"foo"), will be interpreted as "gpg --encrypt-to foo".

%a is NOT a "magic" token to magically read your mind and figure out 
what key you should be using to sign things. Thus, the following makes 
no sense:

set pgp_sign_as="%a"

That would be akin to doing this:

set pgp_sign_as="$pgp_sign_as"

Hopefully, you see what I'm saying...

> With my previous setup, then, I was erroneously encrypting/signing 
> with my public key?!?

Probably not. What makes you think that?

> Here is the whole of my pgp section... Please let me know what else 
> I messed up and should now change...

That all looks fine.

~Kyle
- -- 
In all matters of opinion, our adversaries are insane.
 -- Oscar Wilde
-BEGIN PGP SIGNATURE-
Comment: Thank you for using encryption!

iD8DBQFG+DhJBkIOoMqOI14RAmtwAJ9oqP5s0osmrmUtAjPe+OYHRJRiZwCfal6V
DlnExN6TOvcYe7xCpwsfSvM=
=euge
-END PGP SIGNATURE-

Re: How to activate a given GPG key through a macro...

[P.M.]

--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb:

Thank you, it is much appreciated.

> > Now, the code "set pgp --encrypt-to=0x31577172"
> occurs twice in the 
> > pgp section of my .muttrc. Within this scheme, do
> I need to include 
> > that too in the macro??
> 
> Eh? That wouldn't do anything at all in a muttrc,
> that I'm aware of, 
> and *should* cause mutt to complain. Under what
> context is that in 
> your muttrc---is it in the middle of a variable
> setting or something?

These are the two instances I was referring to, been
that way a long time and mutt has never complained:

set pgp_encrypt_only_command="pgpewrap gpg --batch
--quiet --no-verbose --output - --encrypt --textmode
--armor --always-trust --encrypt-to 0x31577172 -- -r
%r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg
--passphrase-fd 0 --batch --quiet --no-verbose
--textmode --output - --encrypt --sign %?a?-u %a?
--armor --always-trust --encrypt-to 0x31577172 -- -r
%r -- %f"

> > It makes perfect sense, thanks again for
> explaining it so clearly. 
> > Fantastic, then, so I just need to replace
> "0x31577172" at each 
> > occurrence in the .muttrc with "%?a?-u %a?"... 
> 
> Not exactly, but close. Here's an example from my
> muttrc (more or 
> less), to demonstrate how it's used. Pay close
> attention to what gets 
> replaced:
> 
> set pgp_encrypt_sign_command="pgpewrap gpg
> %?a?--encrypt-to %a? --charset utf-8 --force-mdc
> %?p?--passphrase-fd 0? --batch --quiet --no-verbose
> --textmode --output - --encrypt --sign %?a?-u %a?
> --armor --always-trust -- -r %r -- %f"
> 
> When that is actually executed (assuming I send a
> message to you, for 
> example, mutt will interpret that command to be:
> 
> pgpewrap gpg --encrypt-to 0xCA8E235E --charset utf-8
> --force-mdc 
> - --batch --quiet --no-verbose --textmode --output -
> --encrypt --sign -u 
> 0xCA8E235E --armor --always-trust -- -r 0x31577172
> -- 
> /tmp/mutt-tunican-501-8500-1097
> 
> See how that works?
> 
> But yes, then the command will always refer to the
> correct key ID's, 
> no matter what you've set that key ID to be, without
> having to reset 
> the pgp command yourself.

So you say I should set the "--encrypt-to" in those
two instances to "%a?" and the "set pgp_sign_as=" to
"%?a?-u %a?" (quoted or unquoted?)...
Please confirm and I'll go ahead with it.

With my previous setup, then, I was erroneously
encrypting/signing with my public key?!?

Here is the whole of my pgp section... Please let me
know what else I messed up and should now change...

set pgp_decode_command="gpg %?p?--passphrase-fd 0?
--no-verbose --batch --output - %f"
set pgp_verify_command="gpg --no-verbose --batch
--output - --verify %s %f"
set pgp_decrypt_command="gpg --passphrase-fd 0
--no-verbose --batch --output - %f"
set pgp_sign_command="gpg --no-verbose --batch
--output - --passphrase-fd 0 --armor --detach-sign
--textmode %?a?-u %a? %f"
set pgp_clearsign_command="gpg --no-verbose --batch
--output - --passphrase-fd 0 --armor --textmode
--clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command="pgpewrap gpg --batch
--quiet --no-verbose --output - --encrypt --textmode
--armor --always-trust --encrypt-to 0x31577172 -- -r
%r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg
--passphrase-fd 0 --batch --quiet --no-verbose
--textmode --output - --encrypt --sign %?a?-u %a?
--armor --always-trust --encrypt-to 0x31577172 -- -r
%r -- %f"
set pgp_import_command="gpg --no-verbose --import -v
%f"
set pgp_export_command="gpg --no-verbose --export
--armor %r"
set pgp_verify_key_command="gpg --no-verbose --batch
--fingerprint --check-sigs %r"
set pgp_list_pubring_command="gpg --no-verbose --batch
--with-colons --list-keys %r" 
set pgp_list_secring_command="gpg --no-verbose --batch
--with-colons --list-secret-keys %r" 
set pgp_autosign=yes   #Always attempt to  sign
outgoing messsage
set pgp_sign_as=0x31577172
#set pgp_autoencrypt=no  #Always attempt to  PGP/MIME
encrypt outgoing message
##set
pgp_encryptself=yes 
#set pgp_replysign=yes   #Sign replies to messages
which are signed
set pgp_replyencrypt=yes  #Encrypt replies to messages
which are encrypted
set pgp_replysignencrypted=yes #Sign replies to
messages which are encrypted
set pgp_verify_sig=yes
set pgp_timeout=1800  #Seconds after which a cached
passphrase expires if not used
#set pgp_strict_enc=yes  #Encode PGP/MIME signed
messages as quoted-printable
set pgp_good_sign="^gpg: Good signature from"

Thank you again very much for your kind help.

Franz




  __  
Yahoo! Clever: Sie haben Fragen? Yahoo! Nutzer antworten Ihnen. 
www.yahoo.de/clever

Re: How to activate a given GPG key through a macro...

[Kyle Wheeler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Monday, September 24 at 08:03 AM, quoth [EMAIL PROTECTED]:
> Thank you for taking the time to explain...

You're quite welcome.

> Here's what I currently have:
>
> macro generic "2" "set [EMAIL PROTECTED] 
> hostname=yahoo.de realname=my_hdr Bcc: 
> <[EMAIL PROTECTED]> my_hdr X-PGP-Key:"

Ah, then this would be sufficient:

macro generic "2" " set [EMAIL PROTECTED] hostname=yahoo.de 
realname= pgp_sign_as=0x31577172 my_hdr Bcc: <[EMAIL 
PROTECTED]>"

Which is pretty close to what you had, but not exact.

> Now, the code "set pgp --encrypt-to=0x31577172" occurs twice in the 
> pgp section of my .muttrc. Within this scheme, do I need to include 
> that too in the macro??

Eh? That wouldn't do anything at all in a muttrc, that I'm aware of, 
and *should* cause mutt to complain. Under what context is that in 
your muttrc---is it in the middle of a variable setting or something?

> It makes perfect sense, thanks again for explaining it so clearly. 
> Fantastic, then, so I just need to replace "0x31577172" at each 
> occurrence in the .muttrc with "%?a?-u %a?"... 

Not exactly, but close. Here's an example from my muttrc (more or 
less), to demonstrate how it's used. Pay close attention to what gets 
replaced:

set pgp_encrypt_sign_command="pgpewrap gpg %?a?--encrypt-to %a? --charset utf-8 
--force-mdc %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode 
--output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"

When that is actually executed (assuming I send a message to you, for 
example, mutt will interpret that command to be:

pgpewrap gpg --encrypt-to 0xCA8E235E --charset utf-8 --force-mdc 
- --batch --quiet --no-verbose --textmode --output - --encrypt --sign -u 
0xCA8E235E --armor --always-trust -- -r 0x31577172 -- 
/tmp/mutt-tunican-501-8500-1097

See how that works?

But yes, then the command will always refer to the correct key ID's, 
no matter what you've set that key ID to be, without having to reset 
the pgp command yourself.

~Kyle
- -- 
Whenever you have an efficient government, you have a dictatorship.
  -- Harry Truman, lecturing at Columbia University, April 28, 1959
-BEGIN PGP SIGNATURE-
Comment: Thank you for using encryption!

iD8DBQFG9+KxBkIOoMqOI14RAlbpAJ4wzvoihFBC4WhHUCo+qW7Pulo+ggCgvmSr
Qy1qeMGvc0kzjMpEIB/ka9Q=
=9ZmT
-END PGP SIGNATURE-

Re: How to activate a given GPG key through a macro...

[promulgato]

Thank you for taking the time to explain...

On Sun, Sep 23, 2007 at 10:35:39PM -0500, Kyle Wheeler wrote:

> Here's how you'd set it in a macro:
> 
> macro index m 'set pgp_sign_as=0x31577172'
>
> I can mix that into your existing send-mail macro if you include 
> that in your message.

Here's what I currently have:

macro generic "2" "set [EMAIL PROTECTED] 
hostname=yahoo.de realname=my_hdr Bcc: 
<[EMAIL PROTECTED]> my_hdr X-PGP-Key:"

which, following your suggestion, would become:

macro generic "2" "set pgp_sign_as=0x31577172
<[EMAIL PROTECTED]>set [EMAIL PROTECTED] 
hostname=yahoo.de realname=my_hdr Bcc: 
<[EMAIL PROTECTED]> my_hdr X-PGP-Key:"

Is this correct?

Now, the code "set pgp --encrypt-to=0x31577172" occurs twice in the
pgp section of my .muttrc. Within this scheme, do I need to include 
that too in the macro??
 
> Many mutt string variables that support formatting strings (such as 
> %a) also support conditional formatting strings. Generally, if you 
> include %a in a pgp command variable, it will be replaced by the 
> sender of the email (e.g. [EMAIL PROTECTED], or whatever you've 
> configured your pgp_sign_as to be). Thus, if you always set 
> pgp_sign_as to something, you can put "-u %a" into your pgp command 
> string (according to the gpg manual, -u means "sign as this user") and 
> when "-u %a" is parsed by mutt, it becomes "-u [EMAIL PROTECTED]", or 
> something similar. Now then, to be generic, to take care of situations 
> when pgp_sign_as may not be set to anything, we have a conditional. A 
> conditional format string is in the format "%? formatletter ? iftrue ?", 
> in other words, the string "%?a?foo?" means "if %a would produce 
> anything, then use 'foo', otherwise ignore this". So, "%?a?-u %a?" 
> means "if %a is would produce anything, then use '-u %a'".
> 
> Does that make sense?

It makes perfect sense, thanks again for explaining it so clearly.
Fantastic, then, so I just need to replace "0x31577172" at each
occurrence in the .muttrc with "%?a?-u %a?"... with no further need 
to modify the macro sequences, as this string automatically points 
to the correct gpg key belonging to the current user (which user is
selected as needed through the old macro sequences, unmodified...)

Correct? If affirmative, it is an extremely elegant fix indeed...

Franz

pgpLXdatVLASc.pgp
Description: PGP signature

Re: How to activate a given GPG key through a macro...

[Kyle Wheeler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Monday, September 24 at 12:50 AM, quoth P.M.:
> Thank you very much for your reply.

You're quite welcome.

> I apologize for not being too quick in grasping the advice  you just 
> gave - being very new to this stuff - so please be patient with 
> me...

No problem.

> set pgp_sign_as=0x31577172
> set pgp --encrypt-to=0x31577172
>
> What would seem elegant to me is to replace those key 
> values with a $VARIABLE that can be changed on the fly 
> by changing a single value in the macro sequences I 
> use to change return address, hostname, realname, Bcc 
> field, etc. for each email address I have.

No, that would be silly. $pgp_sign_as *is* a variable that can be 
changed on the fly, so adding another one would be an extra 
redirection.

Here's how you'd set it in a macro:

macro index m 'set pgp_sign_as=0x31577172'

I can mix that into your existing send-mail macro if you include 
that in your message.

>> No, but you need to have the sign-as included in 
>> your pgp_*_command 
>> settings. For example, my pgp_encrypt_sign_command 
>> includes:
>> 
>>  %?a?-u %a?
>
> You lost me there... how that works goes beyond what I 
> am able to grasp at this time... 

Many mutt string variables that support formatting strings (such as 
%a) also support conditional formatting strings. Generally, if you 
include %a in a pgp command variable, it will be replaced by the 
sender of the email (e.g. [EMAIL PROTECTED], or whatever you've 
configured your pgp_sign_as to be). Thus, if you always set 
pgp_sign_as to something, you can put "-u %a" into your pgp command 
string (according to the gpg manual, -u means "sign as this user") and 
when "-u %a" is parsed by mutt, it becomes "-u [EMAIL PROTECTED]", or 
something similar. Now then, to be generic, to take care of situations 
when pgp_sign_as may not be set to anything, we have a conditional. A 
conditional format string is in the format "%? formatletter ? iftrue ?", 
in other words, the string "%?a?foo?" means "if %a would produce 
anything, then use 'foo', otherwise ignore this". So, "%?a?-u %a?" 
means "if %a is would produce anything, then use '-u %a'".

Does that make sense?

~Kyle
- -- 
Preach the Gospel at all times and when necessary use words.
   -- St. Francis of Assisi
-BEGIN PGP SIGNATURE-
Comment: Thank you for using encryption!

iD8DBQFG9zCKBkIOoMqOI14RAvs+AJwNDn598wJtfVK26zPPMVxj+Xfa+QCfSnsz
U4Sza0dirByTz0528j2ZNwQ=
=yG1E
-END PGP SIGNATURE-

Re: How to activate a given GPG key through a macro...

[P.M.]

--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb:

Thank you very much for your reply.

I apologize for not being too quick in grasping the
advice  you just gave - being very new to this stuff -
so please be patient with me...

> There are several ways to do it. You could include
> the command to 
> change pgp_sign_as in the macro that you use to
> change your return 
> address, or you could set it in send-hooks. Depends
> on which seems 
> more elegant to you.

The only pgp references to a specific key value that I
currently have in my .muttrc (which works perfectly
with the current one-key setup) are as follows:

set pgp_sign_as=0x31577172
set pgp --encrypt-to=0x31577172

What would seem elegant to me is to replace those key
values with a $VARIABLE that can be changed on the fly
by changing a single value in the macro sequences I
use to change return address, hostname, realname, Bcc
field, etc. for each email address I have.

As I said, I do not know how to specifically go about
it in my .muttrc... Would you give me an example of
exactly what code to put in the place of the current
key value (0x31577172) and in the macro sequence
(set="what_do_I_put_here?") to make it work?

> No, but you need to have the sign-as included in
> your pgp_*_command 
> settings. For example, my pgp_encrypt_sign_command
> includes:
> 
>  %?a?-u %a?

You lost me there... how that works goes beyond what I
am able to grasp at this time... 

Franz



  Wissenswertes zum Thema PC, Zubehör oder Programme. BE A BETTER 
INTERNET-GURU!  www.yahoo.de/clever

Re: How to activate a given GPG key through a macro...

[Kyle Wheeler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sunday, September 23 at 10:41 PM, quoth P.M.:
>I have a few gpg keys corresponding to a few different
>email addresses. When sending out mail within Mutt, I
>choose which address to make active through a macro
>key. So I am wondering how can I also include a
>command within each macro that activates the gpg key
>relative to that email address.
>
>This way, I would just assign a variable to the
>various pgp entries in my .muttrc, for instance:
>
>set pgp_sign_as=$UID
>set pgp --encryption-to=$UID
>and so forth
>
>and then assign the value of $UID each time I need to
>switch through a single command (added to the macro
>sequence activating a particular address), eg:
>
>set UID=0xD214
>
>The problem is, I do not know how to do this properly
>within Mutt. How do I do it???

There are several ways to do it. You could include the command to 
change pgp_sign_as in the macro that you use to change your return 
address, or you could set it in send-hooks. Depends on which seems 
more elegant to you.

>Also, is it necessary to run the command, 'pgp
>--local-user ' each time I switch to a different
>gpg key, or the abovementioned setup will suffice?

No, but you need to have the sign-as included in your pgp_*_command 
settings. For example, my pgp_encrypt_sign_command includes:

 %?a?-u %a?

What that does is makes sure that my gpg is told to sign with whatever 
key I have set as pgp_sign_as.

~Kyle
- -- 
We must not confuse dissent with disloyalty. When the loyal opposition 
dies, I think the soul of America dies with it.
-- Edward R. Murrow
-BEGIN PGP SIGNATURE-
Comment: Thank you for using encryption!

iD8DBQFG9uFnBkIOoMqOI14RAnuoAJ9KPWfdNRHRmppudvze7acsz52tUQCfRWes
Dz0QdSBDl6gvmyk9JyKBZWI=
=xJao
-END PGP SIGNATURE-

How to activate a given GPG key through a macro...

[P.M.]

I've searched the net, the manual and various How-To's
and not found this information anywhere.

I have a few gpg keys corresponding to a few different
email addresses. When sending out mail within Mutt, I
choose which address to make active through a macro
key. So I am wondering how can I also include a
command within each macro that activates the gpg key
relative to that email address.

This way, I would just assign a variable to the
various pgp entries in my .muttrc, for instance:

set pgp_sign_as=$UID
set pgp --encryption-to=$UID
and so forth

and then assign the value of $UID each time I need to
switch through a single command (added to the macro
sequence activating a particular address), eg:

set UID=0xD214

The problem is, I do not know how to do this properly
within Mutt. How do I do it???
Also, is it necessary to run the command, 'pgp
--local-user ' each time I switch to a different
gpg key, or the abovementioned setup will suffice?

By the way, I run Mutt 1.4.2.3 (not right now, I'm
writing this from my GF's laptop, while she's
sleeping... :))

Thanks so much,
Franz


  Jetzt Mails schnell in einem Vorschaufenster überfliegen. Dies und viel 
mehr bietet das neue Yahoo! Mail - www.yahoo.de/mail

Re: gpg-key probs

[Rocco Rutte]

Hi,

* Rob 'Feztaa' Park [04/02/02 01:12:14] wrote:
> Alas! Rocco Rutte spake thus:
> > On Mon, Apr 01, 2002 at 04:18:29:PM -0500 Shawn McMahon wrote:
> > > begin quoting what Rocco Rutte said on Mon, Apr 01, 2002 at
> > > 11:02:23PM +0200:
> > > > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote:
> > > ^
> > > Is that a stylistic choice, or is your config broken?
> >
> > Config broken... I'll try to figure out what exactly is going wrong
> > since it's working now without any change...

> Well, isn't "Aw" the German equivalent of "Re"?

It's a term that some German versions of broken pieces of software use
as default.

> Looks like something is
> going through and making all your Aw's are actually Re's, but only on
> that one message...

Yeah, that was the reason. I just changed the right pattern to a wrong
one allthough I wanted to change a wrong to a right one. That's why I
thought I didn't change anything. But it should do now.

Cheers, Rocco.



msg26531/pgp0.pgp
Description: PGP signature

Re: gpg-key probs

[Rob 'Feztaa' Park]

--uh9ZiVrAOUUm9fzH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Alas! Rocco Rutte spake thus:
> On Mon, Apr 01, 2002 at 04:18:29:PM -0500 Shawn McMahon wrote:
> > begin quoting what Rocco Rutte said on Mon, Apr 01, 2002 at
> > 11:02:23PM +0200:
> > > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote:
> > ^
> > Is that a stylistic choice, or is your config broken?
>
> Config broken... I'll try to figure out what exactly is going wrong
> since it's working now without any change...

Well, isn't "Aw" the German equivalent of "Re"? Looks like something is
going through and making all your Aw's are actually Re's, but only on
that one message...

--=20
Rob 'Feztaa' Park
[EMAIL PROTECTED]
--
For certain people, after fifty, litigation takes the place of sex.
-- Gore Vidal

--uh9ZiVrAOUUm9fzH
Content-Type: application/pgp-signature
Content-Disposition: inline

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8qOlOPTh2iSBKeccRAr+8AJ9WH9PKxTKT/5a8nR/ir1Mh6QfL1QCfRbSD
ZIhhrdozZMBwLNDy5ox8mDQ=
=Nlx4
-END PGP SIGNATURE-

--uh9ZiVrAOUUm9fzH--

Re: gpg-key probs

[Rocco Rutte]

Hi,

On Mon, Apr 01, 2002 at 04:18:29:PM -0500 Shawn McMahon wrote:
> begin  quoting what Rocco Rutte said on Mon, Apr 01, 2002 at 11:02:23PM +0200:
> > Hi,
> > 
> > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote:
> ^

> Is that a stylistic choice, or is your config broken?

Config broken... I'll try to figure out what exactly is going wrong
since it's working now without any change...

Cheers, Rocco.



msg26508/pgp0.pgp
Description: PGP signature

Re: gpg-key probs

[Shawn McMahon]

begin  quoting what Rocco Rutte said on Mon, Apr 01, 2002 at 11:02:23PM +0200:
> Hi,
> 
> On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote:
^

Is that a stylistic choice, or is your config broken?




msg26501/pgp0.pgp
Description: PGP signature

Re: gpg-key probs

[Rocco Rutte]

Hi,

On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote:
> begin  quoting what Rocco Rutte said on Thu, Mar 28, 2002 at 11:25:20PM +0100:
> > ... but it doesn't help at all if people don't submit their key because
> > of paranoia.

> What's most annoying are the folks who not only don't submit their
> key, but they also don't put it on their web page, or they don't
> put a link in their sigline.

I don't care about that unless they don't sign anything. I always got
the keys upon request.

If they were absolutely consequent they would have to stop using their
own key because it may be stored on a much more untrusted server than a
keyserver, IMHO. The most secure way is to carry a disc with the keys
from A to B to have absolute control of the carrier...

Cheers, Rocco.



msg26500/pgp0.pgp
Description: PGP signature

Re: gpg-key probs

[Shawn McMahon]

begin  quoting what Rocco Rutte said on Thu, Mar 28, 2002 at 11:25:20PM +0100:
> 
> ... but it doesn't help at all if people don't submit their key because
> of paranoia.

What's most annoying are the folks who not only don't submit their
key, but they also don't put it on their web page, or they don't
put a link in their sigline.

I know one person who has a demonstrated abundance of clue, but his
sigline says "finger [EMAIL PROTECTED] for my public key", but foo.bar
doesn't accept finger...




msg26493/pgp0.pgp
Description: PGP signature

Re: gpg-key probs

[Rocco Rutte]

Hi,

On Thu, Mar 28, 2002 at 04:14:23:PM -0500 David T-G wrote:
> ...and then Shawn McMahon said...
> % There's more than one keyserver network.

> So it seems.

> Are there just one or two, or are there a bunch, or does anyone really
> know?  Do the servers in a given network synchronize with each other, or
> do even they have problems?

There are a few, I guess. It would not make sence to not share the key
database as much as possible. Imagine, a keyserver with a non-shared
database is suddenly not available anymore.

... but it doesn't help at all if people don't submit their key because
of paranoia.

Rocco



msg26484/pgp0.pgp
Description: PGP signature

Re: gpg-key probs

[Rocco Rutte]

Hi,

On Thu, Mar 28, 2002 at 04:14:23:PM -0500 David T-G wrote:
> Are there just one or two, or are there a bunch, or does anyone really
> know?  Do the servers in a given network synchronize with each other, or
> do even they have problems?


,[ /home/pdmef/.gnupg/options ]-
|
| # Options for GnuPG
| # Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
| #
| [...]
| # GnuPG can import a key from a HKP keyerver if one is missing
| # for certain operations. Is you set this option to a keyserver
| # you will be asked in such a case whether GnuPG should try to
| # import the key from that server (server do syncronize with each
| # other and DNS Round-Robin may give you a random server each time).
| # Use "host -l pgp.net | grep www" to figure out a keyserver.
| #
| # If you do not want to use the default port 11371, you can give the
| # name of the keyserver like this:
| #   x-hkp://keyserver.example.net:22742
| # If you have problems connecting through a buggy proxy, you can use this:
| #   x-broken-hkp://keyserver.example.net:11371
| # But first you should make sure that you have read the man page regarding
| # proxies (--honor-http-proxy)
| # Most users just set the name of the preferred keyserver.
| keyserver blackhole.pca.dfn.de
|
`-

Cheers, Rocco.



msg26406/pgp0.pgp
Description: PGP signature

Re: gpg-key probs (Was: Re: Tag or delete...)

[Shawn McMahon]

begin  quoting what David T-G said on Thu, Mar 28, 2002 at 04:14:23PM -0500:
> 
> Are there just one or two, or are there a bunch, or does anyone really
> know?  Do the servers in a given network synchronize with each other, or
> do even they have problems?

I think there are a few, and some of them synchronize with others.

Beyond that, I dunno.

Generally they're clustered around a given piece of keyserver software,
so you can probably track them somewhat that way.




msg26372/pgp0.pgp
Description: PGP signature

Re: gpg-key probs (Was: Re: Tag or delete...)

[David T-G]

Shawn, et al --

...and then Shawn McMahon said...
% 
% begin  quoting what Martin Karlsson said on Thu, Mar 28, 2002 at 12:36:32PM +0100:
% > > 
% > And I get the same as David. I use 'keyserver pgp.mit.edu'.
% > But you should only have to upload to _one_ keyserver, right?
% 
% There's more than one keyserver network.

So it seems.

Are there just one or two, or are there a bunch, or does anyone really
know?  Do the servers in a given network synchronize with each other, or
do even they have problems?

I have this huge list of keyservers in my options file and it would be
nice to *know* that I could prune it down to one per network and go from
there, assuming I know which machines are in which networks.  Since gpg
doesn't offer any simple way to rotate or fall through key servers, the
list I have is hardly helpful, either.


TIA & HAND

:-D
-- 
David T-G  * It's easier to fight for one's principles
(play) [EMAIL PROTECTED] * than to live up to them. -- fortune cookie
(work) [EMAIL PROTECTED]
http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg!




msg26370/pgp0.pgp
Description: PGP signature

Re: gpg-key probs (Was: Re: Tag or delete...)

[Shawn McMahon]

begin  quoting what Martin Karlsson said on Thu, Mar 28, 2002 at 12:36:32PM +0100:
> > 
> And I get the same as David. I use 'keyserver pgp.mit.edu'.
> But you should only have to upload to _one_ keyserver, right?

There's more than one keyserver network.

However, it's easier to ask somebody what server they use, and then
figure out what network it's on, than to ask them what network it's on.

They can get the answer to the one question from their options file; the
other requires clue.  Not saying anyone involved in this discussion
doesn't have clue, just saying the general case.




msg26368/pgp0.pgp
Description: PGP signature

gpg-key probs (Was: Re: Tag or delete...)

[Martin Karlsson]

* John Buttery <[EMAIL PROTECTED]> [2002-03-28 04.07 GMT -0600]:
[...snip...]
>   That's odd, I get the same thing as Shawn:
> 
> gpg: Signature made Wed 27 Mar 2002 02:29:20 PM CST using DSA key ID 57C3430B
> gpg: requesting key 57C3430B from wwwkeys.us.pgp.net ...
> gpg: key 57C3430B: invalid subkey binding
> gpg: key 57C3430B: no valid user IDs

And I get the same as David. I use 'keyserver pgp.mit.edu'.
But you should only have to upload to _one_ keyserver, right?

As you said, John: odd.

regards,
-- 
Martin Karlsson



msg26349/pgp0.pgp
Description: PGP signature

Re: Add header for gpg key location

[Rob 'Feztaa' Park]

Alas! Nick Wilson spake thus:
> Hi aqain.
> Someone mentioned to me that you could add a header to mails giving the
> location of your gpg public key.
> 
> How is this done, or are there some useful docs on the topic?
> I figure I just create a page from the export-key func on my site and
> then point people to it?

You could do that with my_hdr (which is how I did the X-* headers on
this email), but I think it is much better to just submit your key to a
few popular keyservers for everybody else to download automatically :)

-- 
Rob 'Feztaa' Park
[EMAIL PROTECTED]
--
"Computers are useless. They can only give you answers."
-- Pablo Picasso



msg22372/pgp0.pgp
Description: PGP signature

Re: Add header for gpg key location

[Justin R. Miller]

Thus spake Nick Wilson ([EMAIL PROTECTED]):

> Someone mentioned to me that you could add a header to mails giving
> the location of your gpg public key.
> 
> How is this done, or are there some useful docs on the topic?

Here's what I have in my .muttrc:

my_hdr X-PGP-Key: 
http://pgp.dtype.org:11371/pks/lookup?op=get&search=0xC9C40C31

-- 
Justin R. Miller <[EMAIL PROTECTED]>
View my website at http://codesorcery.net
Please encrypt email using key 0xC9C40C31



msg22352/pgp0.pgp
Description: PGP signature

Add header for gpg key location

[Nick Wilson]

Hi aqain.
Someone mentioned to me that you could add a header to mails giving the
location of your gpg public key.

How is this done, or are there some useful docs on the topic?
I figure I just create a page from the export-key func on my site and
then point people to it?

Cheers
-- 

Nick Wilson

Tel:+45 3325 0688
Fax:+45 3325 0677
Web:www.explodingnet.com






msg22350/pgp0.pgp
Description: PGP signature

Re: gpg key: SOLVED

[Dale Morris]

* Dale Morris <[EMAIL PROTECTED]> [010618 14:17]:
> I am going to start using gpg (again) and I can't remember how to
> export the key to a keyserver, could someone tell me where I can find
> it? currently I'm using the following command and getting nowhere:
> 
> gpg --send-keys [EMAIL PROTECTED] www.MASTER.pgp.net.
> gpg: www.MASTER.pgp.net.: user not found: public key not found
> gpg: can't connect to `www.ch.pgp.net.': Connection refused
> 
> thanks

I had the wrong syntax, I've got it working now..

Here's *what worked*:
gpg --send-keys [EMAIL PROTECTED] keyserver wwwkeys.eu.pgp.net

Now I just need to learn a little more about encryption...


> 

gpg key

[Dale Morris]

I am going to start using gpg (again) and I can't remember how to
export the key to a keyserver, could someone tell me where I can find
it? currently I'm using the following command and getting nowhere:

gpg --send-keys [EMAIL PROTECTED] www.MASTER.pgp.net.
gpg: www.MASTER.pgp.net.: user not found: public key not found
gpg: can't connect to `www.ch.pgp.net.': Connection refused

thanks

Re: selecting gpg key

[Joshua Haberman]

* Dave Murray ([EMAIL PROTECTED]) wrote:
> BTW, have you PGP/GPG users seen this?:
>   http://cryptome.org/pgp-email-flaw.htm

Yes, and I'm not worried. The exploit requires that:

1. The attacker obtain your secret key.

2. The attacker must replace your secret key in its original location
   with a modified version

3. The attacker must have access to a message signed with the modified
   version of your secret key

Conventional wisdom says that once someone gets ahold of your secret
key, you're basically toast anyway. Once someone has your secret key,
the only thing keeping them from breaking the scheme entirely is a
passphrase which can be ruthlessly bruteforced anyway.

Joshua

-- 
Joshua Haberman<[EMAIL PROTECTED]>
University of Puget Sound<[EMAIL PROTECTED]>
http://www.reverberate.org   <[EMAIL PROTECTED]>

Re: selecting gpg key

[Horace G. Friend III]

Hi Dave,

I've seen the article about the PGP flaw. :(

Question is, where does that leave PGP/GPG users and the security
issues involved?

Cheers.

Horace


On Sun, Mar 25, 2001 at 12:40:29PM -0700, Dave Murray wrote:
> Horace G. Friend III wrote on mutt-users:
> > I've got three keys (DSS/DH, RSA and DSS/ElGamal) and I can sign with
> > any that I choose by selecting the "save as" option. I am prompted for
> > which key to use. All my keys have the same userid ([EMAIL PROTECTED]) and
> > I select the key by their keyid. I've also got the default signing key
> > in my muttrc set to DSS/ElGamal.
> > 
> > Can't think of what's wrong with your GnuPG unless something's wrong
> > with the muttrc config file.
> > 
> > Have you tried running GnuPG outside of Mutt?
> 
> Thanks Horace.  I've revoked my old PGP DSS & RSA keys and only
> use my GPG DSS/ElGamal keys now.  They were compatible, and I could
> select them.  My issue is sub keys, I went ahead and expired all but
> one.  I've decided that probably the best purpose for sub keys is
> for changing encryption keys while keeping the same signing key.
> Anyway, thanks again.
> 
> BTW, have you PGP/GPG users seen this?:
>   http://cryptome.org/pgp-email-flaw.htm
> 
> Dave

Re: selecting gpg key

[Dave Murray]

Horace G. Friend III wrote on mutt-users:
> I've got three keys (DSS/DH, RSA and DSS/ElGamal) and I can sign with
> any that I choose by selecting the "save as" option. I am prompted for
> which key to use. All my keys have the same userid ([EMAIL PROTECTED]) and
> I select the key by their keyid. I've also got the default signing key
> in my muttrc set to DSS/ElGamal.
> 
> Can't think of what's wrong with your GnuPG unless something's wrong
> with the muttrc config file.
> 
> Have you tried running GnuPG outside of Mutt?

Thanks Horace.  I've revoked my old PGP DSS & RSA keys and only
use my GPG DSS/ElGamal keys now.  They were compatible, and I could
select them.  My issue is sub keys, I went ahead and expired all but
one.  I've decided that probably the best purpose for sub keys is
for changing encryption keys while keeping the same signing key.
Anyway, thanks again.

BTW, have you PGP/GPG users seen this?:
  http://cryptome.org/pgp-email-flaw.htm

Dave

Re: selecting gpg key

[Horace G. Friend III]

Hi Dave,

I've got three keys (DSS/DH, RSA and DSS/ElGamal) and I can sign with
any that I choose by selecting the "save as" option. I am prompted for
which key to use. All my keys have the same userid ([EMAIL PROTECTED]) and
I select the key by their keyid. I've also got the default signing key
in my muttrc set to DSS/ElGamal.

Can't think of what's wrong with your GnuPG unless something's wrong
with the muttrc config file.

Have you tried running GnuPG outside of Mutt?

-- 
Horace G. Friend III
[EMAIL PROTECTED]
GnuPG DSA/ElGamal Key Fingerprint
9295 80C4 C723 621B 9C2D  B53E D432 7936 4CA9 8AD6orace

On Mon, Mar 19, 2001 at 10:56:01PM -0700, Dave Murray wrote:
> I encrypt with GPG it appears to give me a choice in which of my keys
> to use, but it always uses the shortest key for encryption, regardless
> of which one I chose.  Any ideas?
> 
> Regards,
> Dave

 PGP signature

selecting gpg key

[Dave Murray]

I encrypt with GPG it appears to give me a choice in which of my keys
to use, but it always uses the shortest key for encryption, regardless
of which one I chose.  Any ideas?

Regards,
Dave

Re: GPG Key Selection Problems

[Franz Gorkotte]

Hello!

On 2000-02-08 22:44:11 -0500, Adam Sherman wrote:
> My pgp_list_pubring_command is "gpg --no-verbose --batch --with-colons
> --list-keys %r".

> Mutt seems to have trouble with the output, it first wants me to
> select a key instead of using the 'pub' entry. Is my format wrong or
> is this a bug/feature?

It's a feature, I think.

The key may contain different subkeys for different purposes (sign only,
encrypt only or encrypt and sign). It could even be, that there are
subkeys for (real) strong encryption (8192 bit) and for "weak"
encryption (768 bit). Mutt lets you choose which key you actually want
to use.


Franz

GPG Key Selection Problems

[Adam Sherman]

Mutt 1.1.3, GPG 1.0.1


My pgp_list_pubring_command is "gpg --no-verbose --batch --with-colons
--list-keys %r".

Mutt seems to have trouble with the output, it first wants me to
select a key instead of using the 'pub' entry. Is my format wrong or
is this a bug/feature?

Thanks,

A.

-- 
Adam Sherman
<[EMAIL PROTECTED]>
+1 (613) 223-5746