o split the key, then import one part, set
passphrase A, export it (encrypted with A), delete it, then import the
other part, set passphrase B.
~flapflap
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg
d. If the data
is valid, the computed CRC should be 0, if it is not 0, the data is
damaged. But basically it's the same as computing the CRC for the
payload only and comparing it with the received CRC.
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
h "em...@example.com" as "email" in the
first place when you actually don't want "em...@example.com" to be in
public?
Why not just create a key saying "" or "X" for "email" instead?
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
cessarily
overwrite the data on the physical medium. Flash drives use
wear-leveling algorithms that map the logical to physical addresses, to
limit the damages/wear-out due to writing the same physical locations
too often. So if you "overwrite" a logical address, your writt
Robert J. Hansen:
[snip]
> Also note that, contrary to the FSF's press release, this isn't
> government surveillance. It isn't even surveillance in the usual sense
> of the word. If you run a public service like HTTP, how is it
> "surveillance" for someone, anyone, to say "the server sixdemonbag.
model
(like trust-always) this could be a very bad idea... Or it could result
in a DOS as the evil admin deleted the secret parts of some key pairs..
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Dr. Peter Voigt:
> Recently I have added a new identity to my GPG key pair. Can I still
> use my existing revocation certificate with my key pair or do I have to
> renew it because of the added identity?
>
> I am supposing the revocation certificate just refers to my main
> key ID regardless of th
Johan Wevers wrote:
> On 13-11-2014 23:23, Robert J. Hansen wrote:
>
>> I mean no offense, but this seems like a really bad idea. Putting it on
>> CD-ROM might be a pretty cool idea, but USB is just ... scary.
>
> There exist USB sticks with a write-protection jumper (I have 2 so I'm
> sure). If
(in cash) there?
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
r keys - which normally is
not a daily scenario - what about using a GNU/Linux live system/CD/USB
for that purpose?
That way you can use a normal GNU/Linux supported filesystem and don't
have to worry whether to trust your normal OS or which filesystem is
compatible with all OSses you intend to use.
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
the criminals got more than CHF 50k _per
case_ in 2013 in Switzerland.
This is because the telephone channel does not prove authenticity of the
caller and thus cannot be secure.
~flapflap
[0] https://de.wikipedia.org/wiki/Enkeltrick
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
tion [6] (there's a lot of it!) or write an email to their
mailing lists
tails-support-priv...@boum.org [7] (private/non-public)
tails-supp...@boum.org [7] (public)
HTH,
~flapflap
[0]
https://tails.boum.org/doc/encryption_and_privacy/virtual_keyboard/index.en.html
[1] https:
Jonathan Schleifer:
> On Thu, 05 Mar 2015 22:27:36 +0000, flapflap wrote:
>
>> The current version (1.3) of Tails comes with GnuPG 1.4.12.
>
> That's just not true. Not only is the gpg2 command available, but the change
> log even explicitly states that GnuPG 2 was
Josh Clearihan:
> Hi,
>
> Thanks, but our requirement is that the key is secured with a passphrase.
>
> Any other ideas into what is wrong with my coding?
> echo "mypassphrase"| gpg2.exe ...
In my opinion it makes little sense to use a passphrase in this way: the
passphrase is supposed to be e
George Lee:
> I'm not trying to generate multiple random numbers, but just generate a PGP
> key one time in a way that is very hard to crack by basing it on a one-time
> seed generated manually in a reliably random way.
I might be wrong here, but as I understand it you need way more often
random n
Greg Sabino Mullane:
>
>
>> We exchange sensitive files with multiple corporate partners and would like
>> to set our keys up so that a single private key compromise does not require
>> generating new keys for all partners.
>
>> 1) Should we generate separate pub / priv key pairs for all partner
version is 2.0.25 and libgcrypt is 1.5.0)
Thanks in advance,
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Ludwig Hügelschäfer:
> On 22.07.15 16:36, flapflap wrote:
>
>> Should I be worried by the warning or is this normal behaviour?
>
> You should set ultimate ownertrust on your own key after
> (re-)importing. Then it will become valid again.
My key still looked/looks valid,
d
Disable all checks on the form of the user ID while
generating a new one. This option should only be used
in very special environments as it does not ensure the
de-facto standard format of user IDs.
~flapflap
___
Gnu
don't know any sources).
Is there a possibility to modify the (main/sub) key capabilities once
its generated so they can migrate away from the insecure/less secure
setting to, for instance, separate subkeys for Sign and Encrypt?
Cheers,
~flapflap
signature.asc
Description: OpenPGP di
certificate is generated by default so that the user can revoke the
key if s/he lost the passphrase/secret key. Also, the user is
advised to make a copy to an external medium (CD/USB) or print it
out. It is already 'fail safe' so to say.
~flapflap
_
Dashamir Hoxha:
> If it doesn't work, try also `--passphrase-fd=0 <<< "your-passphrase" `
sounds like a bad idea to me because the passphrase could end up in the
~/.bash_history (if bash is used) and physically stored on (a
potentially unencrypted) hard disk...
___
--sign-with flapflap --sign-key muri
But strangely enough, I did not find --sign-with in the man page (Debian
stable) or gpg2 --help...
Cheers,
-- flapflap
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-user
ld also look
for events/cyptoparties in your area:
https://www.cryptoparty.in/location#netherlands
https://privacycafe.bof.nl/
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
MFPA:
> [0] is a How-To for creating an OpenPGP keypair for use with GnuPG on
> an airgapped system (using Tails) and exporting the subkeys for
> day-to-day use. There is a link [1] to a second guide to export the
> subkeys to an OpenPGP smartcard.
I was also about suggesting Tails, so thanks for
y are two different organisations for
different purposes.
Previously, I believed to have read these rules in the "Information for
Maintainers of GNU Software" [0] but could not find it any more.
~flapflap
[0] https://www.gnu.org/prep/maintain/maintain.html
_
flapflap:
> Peter Lebbing:
>> On 05/05/16 17:17, Werner Koch wrote:
>>> Well, this is not an FSF sponsored list. I never received any money or
>>> other resources from the FSF.
>>
>> gnu.org lists GnuPG as a "GNU package", a part of the GNU Proje
Robert J. Hansen:
> And at that point I decided that I *will not* test this code. If
> WORKDIR is set in the user's environment before they start egpg, egpg
> will shred and rm -rf $WORKDIR. This could have terrifying consequences
> for my doctoral thesis, and even worse if someone has WORKDIR se
r supported V2 keys?).
This decrypts the messages but also strips/removes signatures on
messages, so you loose information whether a message was signed or not
afterwards.
By doing this on an encrypted disk (e.g., LUKS) you don't accidentially
store decrypted copies of the confidential emails
need to trust both the
reader and the smartcard, Nitrokey put both in the same package and
labeled it Nitrokey Pro so you can carry it around.
Cheers,
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
l -hashfile gpg4win-2.3.3.exe sha1
3. press [enter] to start the command
4. compare the output with the "SHA1 checksum" for your file listed on
https://www.gpg4win.org/package-integrity.html
Cheers,
~flapflap
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
31 matches
Mail list logo