Re: [newbie] Renew gpg key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello Fajar, On Tue, 30 Sep 2003 08:08:31 +0700, Fajar Priyanto [EMAIL PROTECTED] wrote about [newbie] Renew gpg key: Dear all, I've just realized that today my gpg key is expired. How do I renew it without importing and signing all my friends' key again? gpg --edit-key 0xdeadbeef expire Regards, =Dick Gevers= . Mandrake visibility? See headers... . -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Encryption is an envelope - the contents are private. iD8DBQE/eeXZwC/zk+cxEdMRAqEEAJ4qmIdYZJ/kxfDTwGTTArRe6kLKyACg62ah 4tSDsiM8riSff4NBXw2+uOw= =SbQE -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie-it] gpg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alle 21:33, lunedì 16 giugno 2003, miKe ha scritto: Alle 23:42, domenica 15 giugno 2003, in merito a Re: [newbie-it] ... hai già provato a dare gpg --edit-key .. e quindi segnare l' uid che vuoi come predefinito con 'uid 3 ' e dargli 'primary' ? No, non avevo provato! Adesso funziona (ho appena fatto una prova). Grazie! - -- E' stata una donna a portarmi all'alcolismo, ed io non ho mai avuto la cortesia di ringraziarla. -- W. C. Fields -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+7shoTvJtVxCNwP4RAmdFAKCNYmR6FQLJCuvyK5arXZd0eS66egCghfZr jHTQNGJXzoDh13ACPYp9gDY= =sijz -END PGP SIGNATURE-
Re: [newbie-it] gpg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alle 23:42, domenica 15 giugno 2003, in merito a Re: [newbie-it] gpg, Luigi Pinna ha scritto: Alle 01:01, domenica 15 giugno 2003, miKe ha scritto: Alle 02:51, giovedì 12 giugno 2003, in merito a [newbie-it] gpg, Luigi Pinna ha scritto: Come faccio? lo fa solo con l'identità principale!!! Nel senso che non mi firma più con l'identità principale! spiegaci meglio.. ti firma solo con l'dentità principale o non ti firma? Il contrario! Ho 3 chiavi, la principale (a) non viene più usata anche se selezionata mentre (b) e (c) vengono usate. In pratica il posto di (a) mi usa (c) Cercando di settare il uid come primario il programma me lo ha impedito! Che fare? la chiave che vuoi usare come principale l'hai trustata? (le hai dato la tua fiducia e l'hai processata con sign?) Questo è l'output di gpg; come puoi vedere è trustata. Peccato che la chiave a cui si riferisca è quella di (a) e non di (c)! gpg --edit-key ... gpg (GnuPG) 1.2.2; Copyright (C) 2003 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. È disponibile una chiave segreta. pub 1024D/DC9798AB creata: 2002-09-12 scade: 2003-09-12 fiducia: u/u sub 1024g/2688BBE3 creata: 2002-09-12 scade: 2003-09-12 (1). (c) (2) (a) (3) (b) hai già provato a dare gpg --edit-key ... e quindi segnare l' uid che vuoi come predefinito con 'uid 3 ' e dargli 'primary' ? - -- bye miKe Slackware 8.1 GNU/Linux 2.4.21 @ hp Xe3 R.U.#219755 -- S.R.U.#705 -- R.M.#110932 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+7ht5F/9fksDJ4y0RArrsAJ9+wBK6fyrNx6uF0KacpwnKB8MfrACfeLKZ NyBGJ2RgSctonEC/Q7U5I+Y= =F/uo -END PGP SIGNATURE-
Re: [newbie-it] gpg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alle 01:01, domenica 15 giugno 2003, miKe ha scritto: Alle 02:51, giovedì 12 giugno 2003, in merito a [newbie-it] gpg, Luigi Pinna ha scritto: Come faccio? lo fa solo con l'identità principale!!! Nel senso che non mi firma più con l'identità principale! spiegaci meglio.. ti firma solo con l'dentità principale o non ti firma? Il contrario! Ho 3 chiavi, la principale (a) non viene più usata anche se selezionata mentre (b) e (c) vengono usate. In pratica il posto di (a) mi usa (c) Cercando di settare il uid come primario il programma me lo ha impedito! Che fare? la chiave che vuoi usare come principale l'hai trustata? (le hai dato la tua fiducia e l'hai processata con sign?) Questo è l'output di gpg; come puoi vedere è trustata. Peccato che la chiave a cui si riferisca è quella di (a) e non di (c)! gpg --edit-key ... gpg (GnuPG) 1.2.2; Copyright (C) 2003 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. È disponibile una chiave segreta. pub 1024D/DC9798AB creata: 2002-09-12 scade: 2003-09-12 fiducia: u/u sub 1024g/2688BBE3 creata: 2002-09-12 scade: 2003-09-12 (1). (c) (2) (a) (3) (b) - -- Come spieghi cos'e' la scuola ad un'intelligenza superiore? -- Elliot, E.T. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+7OhNTvJtVxCNwP4RArP2AJ9s/ZP2QXzRSciuD0U6xgDFMfhhXQCfTUCf up2A3WvTR0aMSJ60iFrBCwE= =IqDk -END PGP SIGNATURE-
[newbie-it] gpg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ciao a tutti! Siccome possiedo diversi account email e ho deciso che era più semplice creare diverse chiavi private, mi ritrovo ora con 3 chiavi private e altrettante pubbliche. Il problema nasce dal fatto che Kmail mi sta firmando in una cartella con l'identità sbagliata! Come faccio? lo fa solo con l'identità principale!!! Nel senso che non mi firma più con l'identità principale! Cercando di settare il uid come primario il programma me lo ha impedito! Che fare? - -- Ho una mappa esistenziale. Ha Voi siete qui scritto dappertutto. -- Steven Wright -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+586cTvJtVxCNwP4RAonUAJ9F35zAMSA0eLejF2I6I37vhmUVgwCg1Mie jRsxyUT+4BoYub4InFxflAk= =+KLJ -END PGP SIGNATURE-
Re: [newbie] No GPG signature?
The risks may be small, but last year the openssh project site (I think it was openssh) was hacked and a malicious .tar.gz file was substituted in the download area. It was about a week before anyone noticed. To put someones gpg identity on your key ring. Download their public key which you will find somewhere on their download site and in a root terminal enter ' gpg --import key_file_name' The problem is often that the rpm's aren't signed to begin with... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re[2]: [newbie] No GPG signature?
Hello eric, Monday, June 2, 2003, 11:20:10 PM, you wrote: eh I asked the same ? and a couple people said not to worry about it if it was eh from one of the known/respected sites. I guess it would depend on just eh how paranoid you are I have a large amount of valuable-to-me info on my local net. I was also a victim of identity theft - a terrible experience. My paranoia index is QUITE high! Hello Charles, Tuesday, June 3, 2003, 5:53:18 AM, you wrote: CAE Normally, since Contrib is not 'officially' maintained CAE some/many/most Contrib rpms are not signed. I think this was what the MD install was complaining about. CAE I did the sylpheed-claws rpms and I believe that Lenny did the one for CAE 'plain' sylpheed. Thanks for your contribution. Hello Derek, Tuesday, June 3, 2003, 2:44:40 AM, you wrote: DJ If the package is coming from a 'respectable' site, then the risk DJ is small. OK - I'll install it and hope for the best. :-) -- Thank you, rikonamailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] No GPG signature?
Hello, I downloaded sylpheed from a contrib mirror, and during the install I get a message 'No GPG signature in package'. Does this imply a security risk in installing the package? I didn't get this in 9.0. Is this a new check in 9.1 or is the package really different? Thanks. -- Best regards, rikona mailto:[EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] No GPG signature?
I asked the same ? and a couple people said not to worry about it if it was from one of the known/respected sites. I guess it would depend on just how paranoid you are If the sig is borked (ie you actually did download the key, the package has one, *and* you get an error) that might be a problem. eric On Mon June 2 2003 10:34 pm, rikona wrote: I downloaded sylpheed from a contrib mirror, and during the install I get a message 'No GPG signature in package'. Does this imply a security risk in installing the package? I didn't get this in 9.0. Is this a new check in 9.1 or is the package really different? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] No GPG signature?
On Mon, 2 Jun 2003 22:34:12 -0700 rikona [EMAIL PROTECTED] wrote: I downloaded sylpheed from a contrib mirror, and during the install I get a message 'No GPG signature in package'. Does this imply a security risk in installing the package? I didn't get this in 9.0. Is this a new check in 9.1 or is the package really different? Normally, since Contrib is not 'officially' maintained some/many/most Contrib rpms are not signed. I did the sylpheed-claws rpms and I believe that Lenny did the one for 'plain' sylpheed. Charles -- The best portion of a good man's life, his little, nameless, unremembered acts of kindness and love. -- Wordsworth - Mandrake Linux 9.2 on PurpleDragon Kernel-enterprise-2.4.21.0rc1.1mdk - pgp0.pgp Description: PGP signature
Re: [newbie] RPM GPG.
On Mon, 2002-11-11 at 17:06, Seedkum Aladeem wrote: Hi, I was trying to install an rpm package using the software installer that came with LM9.0 and its KDE gui. Using Konqueror, I right clicked on the rpm package on the source ftp site then I selected software installer from the pop-up window. A short while later I got this message No GPG signature in package. Do you want to install anyway? I was trying to install the following package: ftp://icarus.com/pub/eda/verilog/v0.6/RPMS/verilog-0.6-0.i386.rpm How dangerous is it to go ahead with the install? Thanx, Seedkum OH MY GOD - IT COULD BE HORRIBLY DANGEROUS! (Not!) Having the GPG sig is only really reassurance that it's not been messed with by anyone but the author (or packager)...so by installing it without the GPG sig, you're just assuming that the package is alright and sticking it on your system FAITHFULLY...I personally don't think that a script kiddie is going to muck around with an RPM...that is, IF a script kiddie even knew what an RPM was in the first place... -- Mon Nov 11 22:40:00 EST 2002 |____ | | / \ /| |'-. | | .\__/ || | | | | _ / `._ \|_|_.-' | | | / \__.`=._) (_ |kuhn media australia | |/ ._/ || |http://kma.0catch.com | |'. `\ | | |stephen kuhn | ;/ / | | |email: [EMAIL PROTECTED] | smk ) /_/| |.---.| |mobile: 0410-728-389 | ' `-`' | I hope you millionaires are having fun! I just invested half your life savings in yeast!! Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] RPM GPG.
Hi, I was trying to install an rpm package using the software installer that came with LM9.0 and its KDE gui. Using Konqueror, I right clicked on the rpm package on the source ftp site then I selected software installer from the pop-up window. A short while later I got this message No GPG signature in package. Do you want to install anyway? I was trying to install the following package: ftp://icarus.com/pub/eda/verilog/v0.6/RPMS/verilog-0.6-0.i386.rpm How dangerous is it to go ahead with the install? Thanx, Seedkum Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com