Rationale/reasons for splitting Sign and Authenticate into two separate subkeys in a work-environment?

2020-12-22 Thread Christian Chavez via Gnupg-users
Hi! I'm currently helping my workplace test out Yubikeys - to see how/if they could help us with our software development. One expected benefit is to allow developers to cryptographically sign Git commits/tags (e.g.). My question is based on this awesome answer by Thomas Pornin: https://security.stac

Re: Rationale/reasons for splitting Sign and Authenticate into two separate subkeys in a work-environment?

2020-12-22 Thread Christian Chavez via Gnupg-users
Hi Dirk-Willem! Thanks for your reply - but I'm unfortunately lost as to your (what I surmise is your implied) hypothetical use-case? Ref: On Tue, Dec 22, 2020 at 2:56 PM Dirk-Willem van Gulik wrote: > Keep in mind that in some workplaces the building of that trust explicitly > includes the need

Re: Rationale/reasons for splitting Sign and Authenticate into two separate subkeys in a work-environment?

2020-12-22 Thread Christian Chavez via Gnupg-users
Nvm, apologies for the spam. I retract my question now after having conferred with a third-party. I understand now your hypothetical scenario - thanks! Does anyone else have any thoughts on the reduced complexity of juggling multiple (sub?)keys vs the security implications of not separating Authe

Re: pinetry and emacs

2021-02-09 Thread Christian Chavez via Gnupg-users
Have you tried checking with update-alternatives which pinentry is default selected? I remember having to switch mine from pinentry-gnome to pinentry-tty on my machine (I don't use emacs though). On Tue, Feb 9, 2021 at 9:22 PM Phillip Susi wrote: > I have installed the pinetry module and run M-x

Anyone know of a gpg-encrypted secrets sharing software that allows a client to hold different "bases/repositories" of secrets?

2021-06-11 Thread Christian Chavez via Gnupg-users
Hi! Say I want to use the tools pass, or git secret to semi-automatically encrypt secrets I share with others in my team. In addition I have a separate git repository where I've co-located both passwords and totp tokens (though separated with different yubikeys so as not to completely invalidate t

Re: Anyone know of a gpg-encrypted secrets sharing software that allows a client to hold different "bases/repositories" of secrets?

2021-06-12 Thread Christian Chavez via Gnupg-users
Hi Klaus, On Sat, Jun 12, 2021 at 2:44 PM Klaus Ethgen wrote: > You can combine multiple pass repositories into one using, for example, > git submodules. I used that over many years. Having a cron job that > committed all submodules changes in the top pass git automatically. > Thank you so much

GPG agent forwarding multiple yubikeys with distinct public keys/subkeys over SSH

2021-06-23 Thread Christian Chavez via Gnupg-users
Hi! # Background Ref: https://lists.gnupg.org/pipermail/gnupg-users/2021-June/065212.html, I'm now in a situation where I've got a GPG pub/priv (not subkeys) key-pair used for work-purposes, and one for personal/private purposes (read: separate identities). Each GPG pub/priv key-pair resides on ea

Why does one machine allow me to use two yubikeys simultaneously connected, while another only allows one?

2021-10-22 Thread Christian Chavez via Gnupg-users
Hi, I've got the same ~/.profile and ~/.bashrc configs (see below) on both machines, yet on one machine I have to disconnect one to make use of the other. And on the other machine I can make use of GPG keys on either yubikey while both are connected via USB. What's puzzling is that it's the one wi

Re: Using two OpenPGP cards

2021-10-29 Thread Christian Chavez via Gnupg-users
On Fri, Oct 29, 2021 at 10:15 PM Matthias Apitz wrote: > The question here is: Can I somehow transfer the keys from the used > OpenPGP card to this new card (and copy over the tree of encrypted > passwords to the phone) or do I have to move the passwords in clear and > crypt them again with the n

Re: Using two OpenPGP cards

2021-10-29 Thread Christian Chavez via Gnupg-users
On Fri, Oct 29, 2021 at 11:46 PM Romain LT via Gnupg-users < gnupg-users@gnupg.org> wrote: > If you can get the 2 keys on your PC or the 2 keys on your phone you can > add your new key or even replace the old with the new one by running 'pass > Id ...' > Never heard of the `pass id` command, maybe

Is it possible to require two private keys to decrypt with gpg?

2021-12-25 Thread Christian Chavez via Gnupg-users
Hi! I've currently got some sensitive data I'd like to require _two_ gpg keys for decryption/unlocking. As in both are needed (AND operation), not that either can decrypt on their own (OR operation). I can only find description of AND operation in manpages/tutorials online. I'm hoping for a solu

Unable to `keytocard` twice in a row (with an import between)

2021-12-26 Thread Christian Chavez via Gnupg-users
Hi! So, I've come across either a bug, or a somewhat unfortunate wording in the man-pages I wanted to ask if it has been discussed before, before I spend any more effort learning man-pages' source and coming with a patch. I'm currently in the process of updating the expiry date on my gpg key's su

Re: Is it possible to require two private keys to decrypt with gpg?

2021-12-27 Thread Christian Chavez via Gnupg-users
A small correction: On Sun, 26 Dec 2021, 04:47 Christian Chavez, wrote: (...) > As in both are needed (AND operation), not that either can decrypt on > their own (OR operation). > I can only find description of AND operation in manpages/tutorials online. > The second line is supposed to read "I

Re: Is it possible to require two private keys to decrypt with gpg?

2022-01-02 Thread Christian Chavez via Gnupg-users
On Sun, Jan 2, 2022 at 11:01 PM Ángel wrote: > You could use a wrapper which calls gpg twice, while the user only > calls your wrapper (as if it is gpg) once. > Thank you, I think that sounds like the best solution I've come across so far! =) > However, I would like to question your need for req