Re: Line-wrapping the GPG key identity selection menu
On 2018-08-30, nunojsi...@ist.utl.pt wrote: > I've been sending GPG-encrypted e-mails with mutt, and I've noticed that > the key ID selection menu, the one that shows up when there is more than > one identity in a given recipient's key, is a bit too long for 80 > columns. > > This means that, when I send encrypted e-mails from an 80-column > terminal, at least with some GPG keys, I can't read the e-mail address > associated with each identity, as it goes beyond the 80th column. > > Is there any way to deal with this in mutt? An option to wrap long lines > in menus, or keybindings to scroll the menu left/right? I guess this applies to any menu with sufficiently long lines. Right now, in the message index, I am unable to see the entire message subject for some messages in an 80-column terminal. In this case I can open the message in the pager and see the subject there, but, out of curiosity, is there any other way to see the full subject, line-wrapped? But I start thinking what I really want is to be able to scroll left/right... -- Nuno Silva
Line-wrapping the GPG key identity selection menu
I've been sending GPG-encrypted e-mails with mutt, and I've noticed that the key ID selection menu, the one that shows up when there is more than one identity in a given recipient's key, is a bit too long for 80 columns. This means that, when I send encrypted e-mails from an 80-column terminal, at least with some GPG keys, I can't read the e-mail address associated with each identity, as it goes beyond the 80th column. Is there any way to deal with this in mutt? An option to wrap long lines in menus, or keybindings to scroll the menu left/right? -- TIA, Nuno Silva
Re: Why does mutt ask for a GPG key to use
On Thu, May 24, 2018 at 08:15:17PM +0100, Dominik Vogt wrote: > When I send a GPG-encrypted mail to, say "Foo Bar ", > and there is a public key for that address in the GPG keyring, > mutt still asks for a key to use for encryption. Can I tell mutt > to use the key matching the receiver address automatically? It depends on which question it's asking you. If it's asking which key to use then there may be multipole UIDs on the key for which it needs clarification or there may be multiple keys which match the UID that matches the address. This can be specified in advance with a crypt-hook. If you already use GPG group options iin gpg.conf, there's a script in the GPGME Python binding examples directory that will generate crypt-hooks from the gpg.conf automatically. In spite of its location, it does not require GPGME to run that script. Pretty much all the others in that directory do, but not that one (but it is in Python and it had to go somewhere). It's also possible that you may see a second question after the key has been selected asking if you;'re sure you want to encrypt to that key. That's a result of encrypting to a key which you haven'tt signed. The traditional method of dealing with this has always been to use a local signature that's not exportable. Alternatively changing the trust level on the key will do it or even changing the trust model for the entire program to "trust-model always". I tend to put all those rules into my gpg.conf file and these days save myself a world of grief by running the aforementioned script. Most of the time with just very rapid key presses on the "yes, I really want to encrypt" question, with a handful of local signatures (depending on the frequency of contact with the other party). Rrgards, Ben signature.asc Description: PGP signature
Why does mutt ask for a GPG key to use
When I send a GPG-encrypted mail to, say "Foo Bar ", and there is a public key for that address in the GPG keyring, mutt still asks for a key to use for encryption. Can I tell mutt to use the key matching the receiver address automatically? Ciao Dominik ^_^ ^_^ -- Dominik Vogt
GPG, key listing
Hi, when trying to encrypt a message in mutt, pressing "p" brings on the common pgp dialog: PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or (c)lear? Pressing "e" sets the "encrypt" flag. Then, when sending the mail, I'm asked to enter a key id. Now, when I hit "ENTER", the listing of my public key ring looks like this: 1 ? 2048/0x00411886 RSA es 2 ? 1024/0x052E7D95 DSA es 3 ? 1024/0x1844AB0A DSA es 4 ? 2048/0x23543A63 RSA es 5 ? 1024/0x26C7CA3B DSA es 6 + 2048/0x3231BAC7 RSA es 7 ? 2048/0x4DFB75F4 RSA es 8 ? 4096/0x6092693E RSA es 9 + 4096/0x60F4A92C RSA es 10 + 4096/0x6E10FBDA RSA es 11 ? 1024/0x7F780279 DSA es 12 ? 4096/0x9893C549 RSA es 13 ? 4096/0xA28E2773 RSA es 14 + 4096/0xA3649EC3 RSA es 15 ? 2048/0xCB5D9718 DSA es 16 ? 4096/0xD93E98FC RSA es 17 ? 1024/0xF0D6B1E0 DSA es 18 + 4096/0xA3649EC3 RSA es Name Name [ about 20 other keys with names and email adresses] Some of the keys are missing, although gpg --list-keys clearly shows that they are there. The above shown keys also seems to be duplicates of the keys listed with names and email addresses. The sourced gpg.rc looks like this: set pgp_decode_command="gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f" set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f" set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f" set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f" set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f" set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0xXXX -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xC9C40C31 -- -r %r -- %f" set pgp_import_command="gpg --no-verbose --import -v %f" set pgp_export_command="gpg --no-verbose --export --armor %r" set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r" set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys %r" set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r" set pgp_timeout=1800 set pgp_good_sign="^gpg: Good signature from" Does anybody know whats going on here? Why are some keys not listed, though they exist? Thanks, Heinz.
Re: attach public GPG key by default?
On 14.03.2015, Peter P. wrote: > how can I configure mutt to always attach my public GPG key to signed > messages without manually having to ESC-k and selecting the correct key? Besides exploring mutts macro functionality already mentioned in this thread, it could be an idea to copy your pubkey to a website and linking to it in the footer of your mails. And there's also the possibility to add an OpenPGP header to all your mails. This is what I use in .muttrc: my_hdr OpenPGP: id=60F4A92C\; url=http://www.fritha.org/htd.asc\; preference\=signencrypt
Re: attach public GPG key by default?
* On 17 Mar 2015, Will Yardley wrote: > > I've seen other mail clients (Evolution, I think) send the public key > with every message, but seems a bit of a wste of bndwdth to me. Just put > a link to your key (or your key-id and keyserver address) in your sig. +1, if even that. Don't all mail readers with basic PGP support have the ability to query keyservers for unknown keys automatically? -- David Champion • d...@bikeshed.us
Re: attach public GPG key by default?
On Tue, Mar 17, 2015 at 08:11:59PM -0500, Chris Sussmann wrote: > * Peter P. wrote: > > * Francesco Ariis [2015-03-14 19:58]: > > > > how can I configure mutt to always attach my public GPG key to > > > > signed messages without manually having to ESC-k and selecting > > > > the correct key? > > > Maybe a macro [1] (exploiting ) could do? Have you > > > considered uploading your key to a pgp keyserver? In my opinion it > > > is a more reliable and sensible way to share your public key. > > Thanks Francesco, it is good to know now that such a thing does not > > exist by default. Of course keyservers (or even better, multiple > > publication paths in parallel) are a viable option. > > I use this line in my .muttrc > > set pgp_autosign=yes That doesn't send the key by default; it just signs messages by default. I've seen other mail clients (Evolution, I think) send the public key with every message, but seems a bit of a wste of bndwdth to me. Just put a link to your key (or your key-id and keyserver address) in your sig. w
Re: attach public GPG key by default?
* Peter P. wrote: > * Francesco Ariis [2015-03-14 19:58]: > > On Sat, Mar 14, 2015 at 11:14:37AM +0100, Peter P. wrote: > > > how can I configure mutt to always attach my public GPG key to signed > > > messages without manually having to ESC-k and selecting the correct key? > > > > Maybe a macro [1] (exploiting ) could do? > > Have you considered uploading your key to a pgp keyserver? In my opinion > > it is a more reliable and sensible way to share your public key. > > Thanks Francesco, it is good to know now that such a thing does not > exist by default. Of course keyservers (or even better, multiple > publication paths in parallel) are a viable option. > > best,P I use this line in my .muttrc set pgp_autosign=yes Cheers, -- Chris Sussmann chrissussmann.com signature.asc Description: Digital signature
Re: attach public GPG key by default?
* Francesco Ariis [2015-03-14 19:58]: > On Sat, Mar 14, 2015 at 11:14:37AM +0100, Peter P. wrote: > > how can I configure mutt to always attach my public GPG key to signed > > messages without manually having to ESC-k and selecting the correct key? > > Maybe a macro [1] (exploiting ) could do? > Have you considered uploading your key to a pgp keyserver? In my opinion > it is a more reliable and sensible way to share your public key. Thanks Francesco, it is good to know now that such a thing does not exist by default. Of course keyservers (or even better, multiple publication paths in parallel) are a viable option. best,P
Re: attach public GPG key by default?
On Sat, Mar 14, 2015 at 11:14:37AM +0100, Peter P. wrote: > how can I configure mutt to always attach my public GPG key to signed > messages without manually having to ESC-k and selecting the correct key? Maybe a macro [1] (exploiting ) could do? Have you considered uploading your key to a pgp keyserver? In my opinion it is a more reliable and sensible way to share your public key. [1] http://dev.mutt.org/trac/wiki/MuttGuide/Macros
attach public GPG key by default?
Hi list, how can I configure mutt to always attach my public GPG key to signed messages without manually having to ESC-k and selecting the correct key? thank you, P
Re: OT: help signing gpg key
On Mon, Jan 19, 2009 at 17:17, Alexander Dahl wrote: > Hi, > >> So I've gotten around to generating my own personal GPG key and >> signing every mail with it. Problem is, I don't know anyone with gpg >> or pgp, and want my key to be signed. If I understand correctly, this >> should be done face to face? Or can someone on this list do it? I'm >> fairly new to all of this and don't really know where to start. > > Kyle already mentioned local groups and I can recommend that too. > > Short additional information: the signing itself is done by everyone by > himself at home but the verification of identity and fingerprints should > be face2face! I tried to find some information on the GnuPG site, but > the manual is not very detailed in this topic, so try your luck with the > keysigning party howto, at least the part about the "why": > http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html > > I assume there is lot of additional information especially for beginners > on the web, just try the search engine of your choice. ;-) Thanks guys, I'll go check that out. If anyone here lives in vienna (aut) and wants to meet for some intimate key-signing, mail me. Cheers, Meli
Re: OT: help signing gpg key
Hi, > So I've gotten around to generating my own personal GPG key and > signing every mail with it. Problem is, I don't know anyone with gpg > or pgp, and want my key to be signed. If I understand correctly, this > should be done face to face? Or can someone on this list do it? I'm > fairly new to all of this and don't really know where to start. Kyle already mentioned local groups and I can recommend that too. Short additional information: the signing itself is done by everyone by himself at home but the verification of identity and fingerprints should be face2face! I tried to find some information on the GnuPG site, but the manual is not very detailed in this topic, so try your luck with the keysigning party howto, at least the part about the "why": http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html I assume there is lot of additional information especially for beginners on the web, just try the search engine of your choice. ;-) Greets Alex -- * http://www.lespocky.de *** Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. (Benjamin Franklin) signature.asc Description: OpenPGP digital signature
Re: OT: help signing gpg key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday, January 19 at 03:21 PM, quoth ssiza...@gmail.com: > So I've gotten around to generating my own personal GPG key and > signing every mail with it. Problem is, I don't know anyone with gpg > or pgp, and want my key to be signed. If I understand correctly, this > should be done face to face? Or can someone on this list do it? I'm > fairly new to all of this and don't really know where to start. For the best security, it should generally be done face-to-face. The way this often works is that some group will hold a key-signing party. Find your local Linux Users Group or Unix Users Group; they may have something for you. But if you can't get it signed, don't worry about it. It's still usable. ~Kyle - -- The truth is rarely pure and never simple. -- Oscar Wilde -BEGIN PGP SIGNATURE- Comment: Thank you for using encryption! iEYEARECAAYFAkl0krwACgkQBkIOoMqOI15tOACg5q2ccn/ytA4VT/V2M357ejyr U/AAoN0llnmHHVebzxXiTiQoqoBf1gYT =xtqk -END PGP SIGNATURE-
OT: help signing gpg key
So I've gotten around to generating my own personal GPG key and signing every mail with it. Problem is, I don't know anyone with gpg or pgp, and want my key to be signed. If I understand correctly, this should be done face to face? Or can someone on this list do it? I'm fairly new to all of this and don't really know where to start. Thanks, Meli
Re: extract pgp/gpg key
Joseph wrote: > According to manual ^K (ctrl-shift-K) is for "extract-key" > when I tried it, I got: > > gpg: no valid OpenPGP data found. > gpg: Total number processed: 0 > Press any key to continue... > > The message was pgp signed. The keys aren't transmitted with each signed message in the OpenPGP spec. The extract-key function works when you have a key block in the message. You can attach a key to a message using the attach-key function from the compose menu (k by default). -- ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ Neuroses are red, Melancholia's blue. I'm schizophrenic, What are you? pgprd7e1wRdbj.pgp Description: PGP signature
extract pgp/gpg key
According to manual ^K (ctrl-shift-K) is for "extract-key" when I tried it, I got: gpg: no valid OpenPGP data found. gpg: Total number processed: 0 Press any key to continue... The message was pgp signed. -- #Joseph GPG KeyID: ED0E1FB7
Re: How to activate a given GPG key through a macro...
On Mon, Sep 24, 2007 at 10:59:05PM -0500, Kyle Wheeler wrote: > ... Thank you very much for your help... Now everything works right. I have greatly appreciated your input. Franz
Re: How to activate a given GPG key through a macro...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tuesday, September 25 at 01:16 AM, quoth P.M.: >Should I set "set pgp_ignore_subkeys=" to "no" (default is "yes"), or >it does not matter here? Only unset it if you really need to (i.e. you find that mutt misbehaves otherwise). *Most* folks should ignore that setting. >How is "user" determined? By the "from" field, or what >else? If you haven't set pgp_sign_as, then yes, the return address (and from field) is what mutt uses. >In the case of an email address that does not have a >pgp key, how do I tell mutt NOT to use pgp at all for >this particular identity? On a per-message basis, you can change it, of course. To have it happen automatically, I'd unset pgp_autosign (and similar) in your macro, or `push` the commands to unset it on the compose screen. You can even do it in a send hook. Here's what I do: send-hook '~G !^%C pgp' 'push f' ~Kyle - -- A little song, a little dance, a little seltzer down your pants. -- Chuckles the Clown -BEGIN PGP SIGNATURE- Comment: Thank you for using encryption! iD8DBQFG+IeJBkIOoMqOI14RAp95AJ4i+eQdXwR81mGQwwXndtOu1yUcHQCfU/bz ntNVfBdDvCvSeFkQlzNnev4= =wtq1 -END PGP SIGNATURE-
Re: How to activate a given GPG key through a macro...
--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb: OK, I've applied the conditional version: set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust %?a? --encrypt-to %a? -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust %?a?--encrypt-to %a? -- -r %r -- %f" and it works perfectly, as expected. THANKS!!! Though, when leaving the "pgp_sign_as=" empty, it still reverts to default pgp key instead of not applying pgp at all to that identity (intended behavior), even when I modify the "set pgp_sign_command=" line to: set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a? %a? %f" (which last part I very likely misunderstood) Franz __ Yahoo! Clever: Sie haben Fragen? Yahoo! Nutzer antworten Ihnen. www.yahoo.de/clever
Re: How to activate a given GPG key through a macro...
--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb: > Hopefully, you see what I'm saying... It's definitely much clearer now, and it's time for me to apply your advice and experiment with it... I think I've got it now. A few quick questions before closing, if you will... Should I set "set pgp_ignore_subkeys=" to "no" (default is "yes"), or it does not matter here? How is "user" determined? By the "from" field, or what else? In the case of an email address that does not have a pgp key, how do I tell mutt NOT to use pgp at all for this particular identity? After those are answered, I should be all set. Thanks, Franz Wissenswertes zum Thema PC, Zubehör oder Programme. BE A BETTER INTERNET-GURU! www.yahoo.de/clever
Re: How to activate a given GPG key through a macro...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday, September 24 at 10:03 PM, quoth P.M.: >> Eh? That wouldn't do anything at all in a muttrc, that I'm aware >> of, and *should* cause mutt to complain. Under what context is that >> in your muttrc---is it in the middle of a variable setting or >> something? > > These are the two instances I was referring to, been > that way a long time and mutt has never complained: Okay. The way to modify them to use %a in a straightforward way is this: set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to %a -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to %a -- -r %r -- %f" If you want to make them more flexible, you can use conditionals: set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust %?a?--encrypt-to %a? -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust %?a?--encrypt-to %a? -- -r %r -- %f" > So you say I should set the "--encrypt-to" in those two instances to > "%a?" and the "set pgp_sign_as=" to "%?a?-u %a?" (quoted or > unquoted?)... Please confirm and I'll go ahead with it. No, you're not understanding me. The "%a", when used in a $pgp_*_command variable (namely $pgp_encrypt_only_command, $pgp_encrypt_sign_command, $pgp_sign_command, $pgp_decode_command, $pgp_decrypt_command, and $pgp_clearsign_command) gets replaced with the contents of the $pgp_sign_as variable. Thus, if you have this: set pgp_sign_as=foo set pgp_sign_command="gpg %a" Then when needed, $pgp_sign_command will be treated as if it had been set to "gpg foo". So, if you do this: set pgp_sign_as=0x31577172 set pgp_sign_command="gpg --encrypt-to %a" Then, when $pgp_sign_command is needed, mutt will treat it as if it had been set to "gpg --encrypt-to 0x31577172". If you want to make it able to handle the following situation: unset pgp_sign_as ...then you'd need to rewrite it like this: set pgp_sign_command="gpg %?a?--encrypt-to %a?" In which case, if $pgp_sign_as is empty, $pgp_sign_command will be interpreted as "gpg ", but if $pgp_sign_as is set to something (say, "foo"), will be interpreted as "gpg --encrypt-to foo". %a is NOT a "magic" token to magically read your mind and figure out what key you should be using to sign things. Thus, the following makes no sense: set pgp_sign_as="%a" That would be akin to doing this: set pgp_sign_as="$pgp_sign_as" Hopefully, you see what I'm saying... > With my previous setup, then, I was erroneously encrypting/signing > with my public key?!? Probably not. What makes you think that? > Here is the whole of my pgp section... Please let me know what else > I messed up and should now change... That all looks fine. ~Kyle - -- In all matters of opinion, our adversaries are insane. -- Oscar Wilde -BEGIN PGP SIGNATURE- Comment: Thank you for using encryption! iD8DBQFG+DhJBkIOoMqOI14RAmtwAJ9oqP5s0osmrmUtAjPe+OYHRJRiZwCfal6V DlnExN6TOvcYe7xCpwsfSvM= =euge -END PGP SIGNATURE-
Re: How to activate a given GPG key through a macro...
--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb: Thank you, it is much appreciated. > > Now, the code "set pgp --encrypt-to=0x31577172" > occurs twice in the > > pgp section of my .muttrc. Within this scheme, do > I need to include > > that too in the macro?? > > Eh? That wouldn't do anything at all in a muttrc, > that I'm aware of, > and *should* cause mutt to complain. Under what > context is that in > your muttrc---is it in the middle of a variable > setting or something? These are the two instances I was referring to, been that way a long time and mutt has never complained: set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x31577172 -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x31577172 -- -r %r -- %f" > > It makes perfect sense, thanks again for > explaining it so clearly. > > Fantastic, then, so I just need to replace > "0x31577172" at each > > occurrence in the .muttrc with "%?a?-u %a?"... > > Not exactly, but close. Here's an example from my > muttrc (more or > less), to demonstrate how it's used. Pay close > attention to what gets > replaced: > > set pgp_encrypt_sign_command="pgpewrap gpg > %?a?--encrypt-to %a? --charset utf-8 --force-mdc > %?p?--passphrase-fd 0? --batch --quiet --no-verbose > --textmode --output - --encrypt --sign %?a?-u %a? > --armor --always-trust -- -r %r -- %f" > > When that is actually executed (assuming I send a > message to you, for > example, mutt will interpret that command to be: > > pgpewrap gpg --encrypt-to 0xCA8E235E --charset utf-8 > --force-mdc > - --batch --quiet --no-verbose --textmode --output - > --encrypt --sign -u > 0xCA8E235E --armor --always-trust -- -r 0x31577172 > -- > /tmp/mutt-tunican-501-8500-1097 > > See how that works? > > But yes, then the command will always refer to the > correct key ID's, > no matter what you've set that key ID to be, without > having to reset > the pgp command yourself. So you say I should set the "--encrypt-to" in those two instances to "%a?" and the "set pgp_sign_as=" to "%?a?-u %a?" (quoted or unquoted?)... Please confirm and I'll go ahead with it. With my previous setup, then, I was erroneously encrypting/signing with my public key?!? Here is the whole of my pgp section... Please let me know what else I messed up and should now change... set pgp_decode_command="gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f" set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f" set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f" set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f" set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f" set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x31577172 -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x31577172 -- -r %r -- %f" set pgp_import_command="gpg --no-verbose --import -v %f" set pgp_export_command="gpg --no-verbose --export --armor %r" set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r" set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys %r" set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r" set pgp_autosign=yes #Always attempt to sign outgoing messsage set pgp_sign_as=0x31577172 #set pgp_autoencrypt=no #Always attempt to PGP/MIME encrypt outgoing message ##set pgp_encryptself=yes #set pgp_replysign=yes #Sign replies to messages which are signed set pgp_replyencrypt=yes #Encrypt replies to messages which are encrypted set pgp_replysignencrypted=yes #Sign replies to messages which are encrypted set pgp_verify_sig=yes set pgp_timeout=1800 #Seconds after which a cached passphrase expires if not used #set pgp_strict_enc=yes #Encode PGP/MIME signed messages as quoted-printable set pgp_good_sign="^gpg: Good signature from" Thank you again very much for your kind help. Franz __ Yahoo! Clever: Sie haben Fragen? Yahoo! Nutzer antworten Ihnen. www.yahoo.de/clever
Re: How to activate a given GPG key through a macro...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday, September 24 at 08:03 AM, quoth [EMAIL PROTECTED]: > Thank you for taking the time to explain... You're quite welcome. > Here's what I currently have: > > macro generic "2" "set [EMAIL PROTECTED] > hostname=yahoo.de realname=my_hdr Bcc: > <[EMAIL PROTECTED]> my_hdr X-PGP-Key:" Ah, then this would be sufficient: macro generic "2" " set [EMAIL PROTECTED] hostname=yahoo.de realname= pgp_sign_as=0x31577172 my_hdr Bcc: <[EMAIL PROTECTED]>" Which is pretty close to what you had, but not exact. > Now, the code "set pgp --encrypt-to=0x31577172" occurs twice in the > pgp section of my .muttrc. Within this scheme, do I need to include > that too in the macro?? Eh? That wouldn't do anything at all in a muttrc, that I'm aware of, and *should* cause mutt to complain. Under what context is that in your muttrc---is it in the middle of a variable setting or something? > It makes perfect sense, thanks again for explaining it so clearly. > Fantastic, then, so I just need to replace "0x31577172" at each > occurrence in the .muttrc with "%?a?-u %a?"... Not exactly, but close. Here's an example from my muttrc (more or less), to demonstrate how it's used. Pay close attention to what gets replaced: set pgp_encrypt_sign_command="pgpewrap gpg %?a?--encrypt-to %a? --charset utf-8 --force-mdc %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f" When that is actually executed (assuming I send a message to you, for example, mutt will interpret that command to be: pgpewrap gpg --encrypt-to 0xCA8E235E --charset utf-8 --force-mdc - --batch --quiet --no-verbose --textmode --output - --encrypt --sign -u 0xCA8E235E --armor --always-trust -- -r 0x31577172 -- /tmp/mutt-tunican-501-8500-1097 See how that works? But yes, then the command will always refer to the correct key ID's, no matter what you've set that key ID to be, without having to reset the pgp command yourself. ~Kyle - -- Whenever you have an efficient government, you have a dictatorship. -- Harry Truman, lecturing at Columbia University, April 28, 1959 -BEGIN PGP SIGNATURE- Comment: Thank you for using encryption! iD8DBQFG9+KxBkIOoMqOI14RAlbpAJ4wzvoihFBC4WhHUCo+qW7Pulo+ggCgvmSr Qy1qeMGvc0kzjMpEIB/ka9Q= =9ZmT -END PGP SIGNATURE-
Re: How to activate a given GPG key through a macro...
Thank you for taking the time to explain... On Sun, Sep 23, 2007 at 10:35:39PM -0500, Kyle Wheeler wrote: > Here's how you'd set it in a macro: > > macro index m 'set pgp_sign_as=0x31577172' > > I can mix that into your existing send-mail macro if you include > that in your message. Here's what I currently have: macro generic "2" "set [EMAIL PROTECTED] hostname=yahoo.de realname=my_hdr Bcc: <[EMAIL PROTECTED]> my_hdr X-PGP-Key:" which, following your suggestion, would become: macro generic "2" "set pgp_sign_as=0x31577172 <[EMAIL PROTECTED]>set [EMAIL PROTECTED] hostname=yahoo.de realname=my_hdr Bcc: <[EMAIL PROTECTED]> my_hdr X-PGP-Key:" Is this correct? Now, the code "set pgp --encrypt-to=0x31577172" occurs twice in the pgp section of my .muttrc. Within this scheme, do I need to include that too in the macro?? > Many mutt string variables that support formatting strings (such as > %a) also support conditional formatting strings. Generally, if you > include %a in a pgp command variable, it will be replaced by the > sender of the email (e.g. [EMAIL PROTECTED], or whatever you've > configured your pgp_sign_as to be). Thus, if you always set > pgp_sign_as to something, you can put "-u %a" into your pgp command > string (according to the gpg manual, -u means "sign as this user") and > when "-u %a" is parsed by mutt, it becomes "-u [EMAIL PROTECTED]", or > something similar. Now then, to be generic, to take care of situations > when pgp_sign_as may not be set to anything, we have a conditional. A > conditional format string is in the format "%? formatletter ? iftrue ?", > in other words, the string "%?a?foo?" means "if %a would produce > anything, then use 'foo', otherwise ignore this". So, "%?a?-u %a?" > means "if %a is would produce anything, then use '-u %a'". > > Does that make sense? It makes perfect sense, thanks again for explaining it so clearly. Fantastic, then, so I just need to replace "0x31577172" at each occurrence in the .muttrc with "%?a?-u %a?"... with no further need to modify the macro sequences, as this string automatically points to the correct gpg key belonging to the current user (which user is selected as needed through the old macro sequences, unmodified...) Correct? If affirmative, it is an extremely elegant fix indeed... Franz pgpLXdatVLASc.pgp Description: PGP signature
Re: How to activate a given GPG key through a macro...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday, September 24 at 12:50 AM, quoth P.M.: > Thank you very much for your reply. You're quite welcome. > I apologize for not being too quick in grasping the advice you just > gave - being very new to this stuff - so please be patient with > me... No problem. > set pgp_sign_as=0x31577172 > set pgp --encrypt-to=0x31577172 > > What would seem elegant to me is to replace those key > values with a $VARIABLE that can be changed on the fly > by changing a single value in the macro sequences I > use to change return address, hostname, realname, Bcc > field, etc. for each email address I have. No, that would be silly. $pgp_sign_as *is* a variable that can be changed on the fly, so adding another one would be an extra redirection. Here's how you'd set it in a macro: macro index m 'set pgp_sign_as=0x31577172' I can mix that into your existing send-mail macro if you include that in your message. >> No, but you need to have the sign-as included in >> your pgp_*_command >> settings. For example, my pgp_encrypt_sign_command >> includes: >> >> %?a?-u %a? > > You lost me there... how that works goes beyond what I > am able to grasp at this time... Many mutt string variables that support formatting strings (such as %a) also support conditional formatting strings. Generally, if you include %a in a pgp command variable, it will be replaced by the sender of the email (e.g. [EMAIL PROTECTED], or whatever you've configured your pgp_sign_as to be). Thus, if you always set pgp_sign_as to something, you can put "-u %a" into your pgp command string (according to the gpg manual, -u means "sign as this user") and when "-u %a" is parsed by mutt, it becomes "-u [EMAIL PROTECTED]", or something similar. Now then, to be generic, to take care of situations when pgp_sign_as may not be set to anything, we have a conditional. A conditional format string is in the format "%? formatletter ? iftrue ?", in other words, the string "%?a?foo?" means "if %a would produce anything, then use 'foo', otherwise ignore this". So, "%?a?-u %a?" means "if %a is would produce anything, then use '-u %a'". Does that make sense? ~Kyle - -- Preach the Gospel at all times and when necessary use words. -- St. Francis of Assisi -BEGIN PGP SIGNATURE- Comment: Thank you for using encryption! iD8DBQFG9zCKBkIOoMqOI14RAvs+AJwNDn598wJtfVK26zPPMVxj+Xfa+QCfSnsz U4Sza0dirByTz0528j2ZNwQ= =yG1E -END PGP SIGNATURE-
Re: How to activate a given GPG key through a macro...
--- Kyle Wheeler <[EMAIL PROTECTED]> schrieb: Thank you very much for your reply. I apologize for not being too quick in grasping the advice you just gave - being very new to this stuff - so please be patient with me... > There are several ways to do it. You could include > the command to > change pgp_sign_as in the macro that you use to > change your return > address, or you could set it in send-hooks. Depends > on which seems > more elegant to you. The only pgp references to a specific key value that I currently have in my .muttrc (which works perfectly with the current one-key setup) are as follows: set pgp_sign_as=0x31577172 set pgp --encrypt-to=0x31577172 What would seem elegant to me is to replace those key values with a $VARIABLE that can be changed on the fly by changing a single value in the macro sequences I use to change return address, hostname, realname, Bcc field, etc. for each email address I have. As I said, I do not know how to specifically go about it in my .muttrc... Would you give me an example of exactly what code to put in the place of the current key value (0x31577172) and in the macro sequence (set="what_do_I_put_here?") to make it work? > No, but you need to have the sign-as included in > your pgp_*_command > settings. For example, my pgp_encrypt_sign_command > includes: > > %?a?-u %a? You lost me there... how that works goes beyond what I am able to grasp at this time... Franz Wissenswertes zum Thema PC, Zubehör oder Programme. BE A BETTER INTERNET-GURU! www.yahoo.de/clever
Re: How to activate a given GPG key through a macro...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday, September 23 at 10:41 PM, quoth P.M.: >I have a few gpg keys corresponding to a few different >email addresses. When sending out mail within Mutt, I >choose which address to make active through a macro >key. So I am wondering how can I also include a >command within each macro that activates the gpg key >relative to that email address. > >This way, I would just assign a variable to the >various pgp entries in my .muttrc, for instance: > >set pgp_sign_as=$UID >set pgp --encryption-to=$UID >and so forth > >and then assign the value of $UID each time I need to >switch through a single command (added to the macro >sequence activating a particular address), eg: > >set UID=0xD214 > >The problem is, I do not know how to do this properly >within Mutt. How do I do it??? There are several ways to do it. You could include the command to change pgp_sign_as in the macro that you use to change your return address, or you could set it in send-hooks. Depends on which seems more elegant to you. >Also, is it necessary to run the command, 'pgp >--local-user ' each time I switch to a different >gpg key, or the abovementioned setup will suffice? No, but you need to have the sign-as included in your pgp_*_command settings. For example, my pgp_encrypt_sign_command includes: %?a?-u %a? What that does is makes sure that my gpg is told to sign with whatever key I have set as pgp_sign_as. ~Kyle - -- We must not confuse dissent with disloyalty. When the loyal opposition dies, I think the soul of America dies with it. -- Edward R. Murrow -BEGIN PGP SIGNATURE- Comment: Thank you for using encryption! iD8DBQFG9uFnBkIOoMqOI14RAnuoAJ9KPWfdNRHRmppudvze7acsz52tUQCfRWes Dz0QdSBDl6gvmyk9JyKBZWI= =xJao -END PGP SIGNATURE-
How to activate a given GPG key through a macro...
I've searched the net, the manual and various How-To's and not found this information anywhere. I have a few gpg keys corresponding to a few different email addresses. When sending out mail within Mutt, I choose which address to make active through a macro key. So I am wondering how can I also include a command within each macro that activates the gpg key relative to that email address. This way, I would just assign a variable to the various pgp entries in my .muttrc, for instance: set pgp_sign_as=$UID set pgp --encryption-to=$UID and so forth and then assign the value of $UID each time I need to switch through a single command (added to the macro sequence activating a particular address), eg: set UID=0xD214 The problem is, I do not know how to do this properly within Mutt. How do I do it??? Also, is it necessary to run the command, 'pgp --local-user ' each time I switch to a different gpg key, or the abovementioned setup will suffice? By the way, I run Mutt 1.4.2.3 (not right now, I'm writing this from my GF's laptop, while she's sleeping... :)) Thanks so much, Franz Jetzt Mails schnell in einem Vorschaufenster überfliegen. Dies und viel mehr bietet das neue Yahoo! Mail - www.yahoo.de/mail
Re: gpg-key probs
Hi, * Rob 'Feztaa' Park [04/02/02 01:12:14] wrote: > Alas! Rocco Rutte spake thus: > > On Mon, Apr 01, 2002 at 04:18:29:PM -0500 Shawn McMahon wrote: > > > begin quoting what Rocco Rutte said on Mon, Apr 01, 2002 at > > > 11:02:23PM +0200: > > > > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote: > > > ^ > > > Is that a stylistic choice, or is your config broken? > > > > Config broken... I'll try to figure out what exactly is going wrong > > since it's working now without any change... > Well, isn't "Aw" the German equivalent of "Re"? It's a term that some German versions of broken pieces of software use as default. > Looks like something is > going through and making all your Aw's are actually Re's, but only on > that one message... Yeah, that was the reason. I just changed the right pattern to a wrong one allthough I wanted to change a wrong to a right one. That's why I thought I didn't change anything. But it should do now. Cheers, Rocco. msg26531/pgp0.pgp Description: PGP signature
Re: gpg-key probs
--uh9ZiVrAOUUm9fzH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Alas! Rocco Rutte spake thus: > On Mon, Apr 01, 2002 at 04:18:29:PM -0500 Shawn McMahon wrote: > > begin quoting what Rocco Rutte said on Mon, Apr 01, 2002 at > > 11:02:23PM +0200: > > > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote: > > ^ > > Is that a stylistic choice, or is your config broken? > > Config broken... I'll try to figure out what exactly is going wrong > since it's working now without any change... Well, isn't "Aw" the German equivalent of "Re"? Looks like something is going through and making all your Aw's are actually Re's, but only on that one message... --=20 Rob 'Feztaa' Park [EMAIL PROTECTED] -- For certain people, after fifty, litigation takes the place of sex. -- Gore Vidal --uh9ZiVrAOUUm9fzH Content-Type: application/pgp-signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8qOlOPTh2iSBKeccRAr+8AJ9WH9PKxTKT/5a8nR/ir1Mh6QfL1QCfRbSD ZIhhrdozZMBwLNDy5ox8mDQ= =Nlx4 -END PGP SIGNATURE- --uh9ZiVrAOUUm9fzH--
Re: gpg-key probs
Hi, On Mon, Apr 01, 2002 at 04:18:29:PM -0500 Shawn McMahon wrote: > begin quoting what Rocco Rutte said on Mon, Apr 01, 2002 at 11:02:23PM +0200: > > Hi, > > > > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote: > ^ > Is that a stylistic choice, or is your config broken? Config broken... I'll try to figure out what exactly is going wrong since it's working now without any change... Cheers, Rocco. msg26508/pgp0.pgp Description: PGP signature
Re: gpg-key probs
begin quoting what Rocco Rutte said on Mon, Apr 01, 2002 at 11:02:23PM +0200: > Hi, > > On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote: ^ Is that a stylistic choice, or is your config broken? msg26501/pgp0.pgp Description: PGP signature
Re: gpg-key probs
Hi, On Mon, Apr 01, 2002 at 03:07:58:PM -0500 ShRen McMahon wrote: > begin quoting what Rocco Rutte said on Thu, Mar 28, 2002 at 11:25:20PM +0100: > > ... but it doesn't help at all if people don't submit their key because > > of paranoia. > What's most annoying are the folks who not only don't submit their > key, but they also don't put it on their web page, or they don't > put a link in their sigline. I don't care about that unless they don't sign anything. I always got the keys upon request. If they were absolutely consequent they would have to stop using their own key because it may be stored on a much more untrusted server than a keyserver, IMHO. The most secure way is to carry a disc with the keys from A to B to have absolute control of the carrier... Cheers, Rocco. msg26500/pgp0.pgp Description: PGP signature
Re: gpg-key probs
begin quoting what Rocco Rutte said on Thu, Mar 28, 2002 at 11:25:20PM +0100: > > ... but it doesn't help at all if people don't submit their key because > of paranoia. What's most annoying are the folks who not only don't submit their key, but they also don't put it on their web page, or they don't put a link in their sigline. I know one person who has a demonstrated abundance of clue, but his sigline says "finger [EMAIL PROTECTED] for my public key", but foo.bar doesn't accept finger... msg26493/pgp0.pgp Description: PGP signature
Re: gpg-key probs
Hi, On Thu, Mar 28, 2002 at 04:14:23:PM -0500 David T-G wrote: > ...and then Shawn McMahon said... > % There's more than one keyserver network. > So it seems. > Are there just one or two, or are there a bunch, or does anyone really > know? Do the servers in a given network synchronize with each other, or > do even they have problems? There are a few, I guess. It would not make sence to not share the key database as much as possible. Imagine, a keyserver with a non-shared database is suddenly not available anymore. ... but it doesn't help at all if people don't submit their key because of paranoia. Rocco msg26484/pgp0.pgp Description: PGP signature
Re: gpg-key probs
Hi, On Thu, Mar 28, 2002 at 04:14:23:PM -0500 David T-G wrote: > Are there just one or two, or are there a bunch, or does anyone really > know? Do the servers in a given network synchronize with each other, or > do even they have problems? ,[ /home/pdmef/.gnupg/options ]- | | # Options for GnuPG | # Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc. | # | [...] | # GnuPG can import a key from a HKP keyerver if one is missing | # for certain operations. Is you set this option to a keyserver | # you will be asked in such a case whether GnuPG should try to | # import the key from that server (server do syncronize with each | # other and DNS Round-Robin may give you a random server each time). | # Use "host -l pgp.net | grep www" to figure out a keyserver. | # | # If you do not want to use the default port 11371, you can give the | # name of the keyserver like this: | # x-hkp://keyserver.example.net:22742 | # If you have problems connecting through a buggy proxy, you can use this: | # x-broken-hkp://keyserver.example.net:11371 | # But first you should make sure that you have read the man page regarding | # proxies (--honor-http-proxy) | # Most users just set the name of the preferred keyserver. | keyserver blackhole.pca.dfn.de | `- Cheers, Rocco. msg26406/pgp0.pgp Description: PGP signature
Re: gpg-key probs (Was: Re: Tag or delete...)
begin quoting what David T-G said on Thu, Mar 28, 2002 at 04:14:23PM -0500: > > Are there just one or two, or are there a bunch, or does anyone really > know? Do the servers in a given network synchronize with each other, or > do even they have problems? I think there are a few, and some of them synchronize with others. Beyond that, I dunno. Generally they're clustered around a given piece of keyserver software, so you can probably track them somewhat that way. msg26372/pgp0.pgp Description: PGP signature
Re: gpg-key probs (Was: Re: Tag or delete...)
Shawn, et al -- ...and then Shawn McMahon said... % % begin quoting what Martin Karlsson said on Thu, Mar 28, 2002 at 12:36:32PM +0100: % > > % > And I get the same as David. I use 'keyserver pgp.mit.edu'. % > But you should only have to upload to _one_ keyserver, right? % % There's more than one keyserver network. So it seems. Are there just one or two, or are there a bunch, or does anyone really know? Do the servers in a given network synchronize with each other, or do even they have problems? I have this huge list of keyservers in my options file and it would be nice to *know* that I could prune it down to one per network and go from there, assuming I know which machines are in which networks. Since gpg doesn't offer any simple way to rotate or fall through key servers, the list I have is hardly helpful, either. TIA & HAND :-D -- David T-G * It's easier to fight for one's principles (play) [EMAIL PROTECTED] * than to live up to them. -- fortune cookie (work) [EMAIL PROTECTED] http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg26370/pgp0.pgp Description: PGP signature
Re: gpg-key probs (Was: Re: Tag or delete...)
begin quoting what Martin Karlsson said on Thu, Mar 28, 2002 at 12:36:32PM +0100: > > > And I get the same as David. I use 'keyserver pgp.mit.edu'. > But you should only have to upload to _one_ keyserver, right? There's more than one keyserver network. However, it's easier to ask somebody what server they use, and then figure out what network it's on, than to ask them what network it's on. They can get the answer to the one question from their options file; the other requires clue. Not saying anyone involved in this discussion doesn't have clue, just saying the general case. msg26368/pgp0.pgp Description: PGP signature
gpg-key probs (Was: Re: Tag or delete...)
* John Buttery <[EMAIL PROTECTED]> [2002-03-28 04.07 GMT -0600]: [...snip...] > That's odd, I get the same thing as Shawn: > > gpg: Signature made Wed 27 Mar 2002 02:29:20 PM CST using DSA key ID 57C3430B > gpg: requesting key 57C3430B from wwwkeys.us.pgp.net ... > gpg: key 57C3430B: invalid subkey binding > gpg: key 57C3430B: no valid user IDs And I get the same as David. I use 'keyserver pgp.mit.edu'. But you should only have to upload to _one_ keyserver, right? As you said, John: odd. regards, -- Martin Karlsson msg26349/pgp0.pgp Description: PGP signature
Re: Add header for gpg key location
Alas! Nick Wilson spake thus: > Hi aqain. > Someone mentioned to me that you could add a header to mails giving the > location of your gpg public key. > > How is this done, or are there some useful docs on the topic? > I figure I just create a page from the export-key func on my site and > then point people to it? You could do that with my_hdr (which is how I did the X-* headers on this email), but I think it is much better to just submit your key to a few popular keyservers for everybody else to download automatically :) -- Rob 'Feztaa' Park [EMAIL PROTECTED] -- "Computers are useless. They can only give you answers." -- Pablo Picasso msg22372/pgp0.pgp Description: PGP signature
Re: Add header for gpg key location
Thus spake Nick Wilson ([EMAIL PROTECTED]): > Someone mentioned to me that you could add a header to mails giving > the location of your gpg public key. > > How is this done, or are there some useful docs on the topic? Here's what I have in my .muttrc: my_hdr X-PGP-Key: http://pgp.dtype.org:11371/pks/lookup?op=get&search=0xC9C40C31 -- Justin R. Miller <[EMAIL PROTECTED]> View my website at http://codesorcery.net Please encrypt email using key 0xC9C40C31 msg22352/pgp0.pgp Description: PGP signature
Add header for gpg key location
Hi aqain. Someone mentioned to me that you could add a header to mails giving the location of your gpg public key. How is this done, or are there some useful docs on the topic? I figure I just create a page from the export-key func on my site and then point people to it? Cheers -- Nick Wilson Tel:+45 3325 0688 Fax:+45 3325 0677 Web:www.explodingnet.com msg22350/pgp0.pgp Description: PGP signature
Re: gpg key: SOLVED
* Dale Morris <[EMAIL PROTECTED]> [010618 14:17]: > I am going to start using gpg (again) and I can't remember how to > export the key to a keyserver, could someone tell me where I can find > it? currently I'm using the following command and getting nowhere: > > gpg --send-keys [EMAIL PROTECTED] www.MASTER.pgp.net. > gpg: www.MASTER.pgp.net.: user not found: public key not found > gpg: can't connect to `www.ch.pgp.net.': Connection refused > > thanks I had the wrong syntax, I've got it working now.. Here's *what worked*: gpg --send-keys [EMAIL PROTECTED] keyserver wwwkeys.eu.pgp.net Now I just need to learn a little more about encryption... >
gpg key
I am going to start using gpg (again) and I can't remember how to export the key to a keyserver, could someone tell me where I can find it? currently I'm using the following command and getting nowhere: gpg --send-keys [EMAIL PROTECTED] www.MASTER.pgp.net. gpg: www.MASTER.pgp.net.: user not found: public key not found gpg: can't connect to `www.ch.pgp.net.': Connection refused thanks
Re: selecting gpg key
* Dave Murray ([EMAIL PROTECTED]) wrote: > BTW, have you PGP/GPG users seen this?: > http://cryptome.org/pgp-email-flaw.htm Yes, and I'm not worried. The exploit requires that: 1. The attacker obtain your secret key. 2. The attacker must replace your secret key in its original location with a modified version 3. The attacker must have access to a message signed with the modified version of your secret key Conventional wisdom says that once someone gets ahold of your secret key, you're basically toast anyway. Once someone has your secret key, the only thing keeping them from breaking the scheme entirely is a passphrase which can be ruthlessly bruteforced anyway. Joshua -- Joshua Haberman<[EMAIL PROTECTED]> University of Puget Sound<[EMAIL PROTECTED]> http://www.reverberate.org <[EMAIL PROTECTED]>
Re: selecting gpg key
Hi Dave, I've seen the article about the PGP flaw. :( Question is, where does that leave PGP/GPG users and the security issues involved? Cheers. Horace On Sun, Mar 25, 2001 at 12:40:29PM -0700, Dave Murray wrote: > Horace G. Friend III wrote on mutt-users: > > I've got three keys (DSS/DH, RSA and DSS/ElGamal) and I can sign with > > any that I choose by selecting the "save as" option. I am prompted for > > which key to use. All my keys have the same userid ([EMAIL PROTECTED]) and > > I select the key by their keyid. I've also got the default signing key > > in my muttrc set to DSS/ElGamal. > > > > Can't think of what's wrong with your GnuPG unless something's wrong > > with the muttrc config file. > > > > Have you tried running GnuPG outside of Mutt? > > Thanks Horace. I've revoked my old PGP DSS & RSA keys and only > use my GPG DSS/ElGamal keys now. They were compatible, and I could > select them. My issue is sub keys, I went ahead and expired all but > one. I've decided that probably the best purpose for sub keys is > for changing encryption keys while keeping the same signing key. > Anyway, thanks again. > > BTW, have you PGP/GPG users seen this?: > http://cryptome.org/pgp-email-flaw.htm > > Dave
Re: selecting gpg key
Horace G. Friend III wrote on mutt-users: > I've got three keys (DSS/DH, RSA and DSS/ElGamal) and I can sign with > any that I choose by selecting the "save as" option. I am prompted for > which key to use. All my keys have the same userid ([EMAIL PROTECTED]) and > I select the key by their keyid. I've also got the default signing key > in my muttrc set to DSS/ElGamal. > > Can't think of what's wrong with your GnuPG unless something's wrong > with the muttrc config file. > > Have you tried running GnuPG outside of Mutt? Thanks Horace. I've revoked my old PGP DSS & RSA keys and only use my GPG DSS/ElGamal keys now. They were compatible, and I could select them. My issue is sub keys, I went ahead and expired all but one. I've decided that probably the best purpose for sub keys is for changing encryption keys while keeping the same signing key. Anyway, thanks again. BTW, have you PGP/GPG users seen this?: http://cryptome.org/pgp-email-flaw.htm Dave
Re: selecting gpg key
Hi Dave, I've got three keys (DSS/DH, RSA and DSS/ElGamal) and I can sign with any that I choose by selecting the "save as" option. I am prompted for which key to use. All my keys have the same userid ([EMAIL PROTECTED]) and I select the key by their keyid. I've also got the default signing key in my muttrc set to DSS/ElGamal. Can't think of what's wrong with your GnuPG unless something's wrong with the muttrc config file. Have you tried running GnuPG outside of Mutt? -- Horace G. Friend III [EMAIL PROTECTED] GnuPG DSA/ElGamal Key Fingerprint 9295 80C4 C723 621B 9C2D B53E D432 7936 4CA9 8AD6orace On Mon, Mar 19, 2001 at 10:56:01PM -0700, Dave Murray wrote: > I encrypt with GPG it appears to give me a choice in which of my keys > to use, but it always uses the shortest key for encryption, regardless > of which one I chose. Any ideas? > > Regards, > Dave PGP signature
selecting gpg key
I encrypt with GPG it appears to give me a choice in which of my keys to use, but it always uses the shortest key for encryption, regardless of which one I chose. Any ideas? Regards, Dave
Re: GPG Key Selection Problems
Hello! On 2000-02-08 22:44:11 -0500, Adam Sherman wrote: > My pgp_list_pubring_command is "gpg --no-verbose --batch --with-colons > --list-keys %r". > Mutt seems to have trouble with the output, it first wants me to > select a key instead of using the 'pub' entry. Is my format wrong or > is this a bug/feature? It's a feature, I think. The key may contain different subkeys for different purposes (sign only, encrypt only or encrypt and sign). It could even be, that there are subkeys for (real) strong encryption (8192 bit) and for "weak" encryption (768 bit). Mutt lets you choose which key you actually want to use. Franz
GPG Key Selection Problems
Mutt 1.1.3, GPG 1.0.1 My pgp_list_pubring_command is "gpg --no-verbose --batch --with-colons --list-keys %r". Mutt seems to have trouble with the output, it first wants me to select a key instead of using the 'pub' entry. Is my format wrong or is this a bug/feature? Thanks, A. -- Adam Sherman <[EMAIL PROTECTED]> +1 (613) 223-5746