Re: Several GnuPG instances, with their corresponding agents

On 2019-03-11 19:56, Phil Pennock wrote: On 2019-03-10 at 01:25 -0500, Konstantin Boyandin via Gnupg-users wrote: I would like to use, whenever I like, manually builds (such as current 2.2.13). Question: how do I keep several GnuPG versions installed, every version with its own gpg-agent? A

gpg is destroying my messages ...

(Note I'm not subscribed, please cc me on replies) Basically, I'm very frustrated that gpg is losing random emails of mine. The problem is I am NOT using it by default, but every now and then it will "grab" a message I send. I then can only access it by typing in my pass-phrase. (And, iirc, the me

Re: smartcard reader

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 >Are there any new options that weren't listed already? yubikey4 Although I had very good experience with the SPR 532 (and a lot of trouble with another Cyberjack reader, the Comfort IIRC), the yubikey token has a better trade-off between usabili

Re: every keyserver submit/retrieve returns " ERR 167772346 No keyserver available " ?

hi On Mon, Oct 10, 2016, at 02:17 AM, Werner Koch wrote: > To which ADNS version is dirmngr linked? libadnd1 v1.5.0 ldd `which dirmngr` linux-vdso.so.1 (0x7fffb67ed000) >> libadns.so.1 => /usr/lib64/libadns.so.1 (0x7f8ebb2d6000) libass

Re: every keyserver submit/retrieve returns " ERR 167772346 No keyserver available " ?

hi On Sun, Oct 9, 2016, at 10:26 AM, Kristian Fiskerstrand wrote: >> What am I missing? > For one thing a just fyi, more here @ https://bugs.gnupg.org/gnupg/issue2745 > $ dig +trace hkps.pool.sks-keyservers.net to see resolver results, >From the machine on which I'm running gpg

every keyserver submit/retrieve returns " ERR 167772346 No keyserver available " ?

I'm trying to get gpg2 up & running on linux. I've installed gpg2 --version gpg (GnuPG) 2.1.15 libgcrypt 1.7.3 Copyright (C) 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later

gpg: signing failed: Invalid IPC response

Hello! After upgrading my packages (now on gnupg 2.1.9), I am getting an error when trying to sign: $ echo "test"|gpg2 -sa gpg: signing failed: Invalid IPC response -BEGIN PGP MESSAGE- gpg: signing failed: Invalid IPC response gpg-agent.conf contains: pinentry-program /usr/local/bin/pin

Re: Same key on different smart cards

he signing and email decryption part, that would now be two different identities. I hope my intents are a bit clearer now. Rgds Richard On Do, 2012-12-13 at 10:43 +0100, Hauke Laging wrote: > Am Do 13.12.2012, 08:43:53 schrieb Richi Lists: > > > But as far as I understand, for eMail signing

smart card OpenId

Has anybody here used an OpenPGP card for authenticating OpenId? There are lots of options on http://www.crypto-stick.com/en/certificate-authentication And browsing them branches into even more options, and at some point I lose track of the link to OpenPGP cards. So, If anybody uses such a setup

Same key on different smart cards

Hi, I want to have a second and third smart card as fallback. For full disk encryption and ssh it would be ok to have different keys. But as far as I understand, for eMail signing and decryption, it needs to be the same key on all cards. I set up two crypto sticks to contain the same sub keys. But

SmartCard reader

Hi, how are the chances that I can use an agrolis (http://argolis.com/) usb smart card reader with GPG? It shows up as /dev/ttyACM0 Rgds Richard ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Signing eMails doesn't work anymore

Now I had a similar problem with debian packages. That's what I got from dpkg-buildpackage : dpkg-buildpackage: warning: Failed to sign .dsc and .changes file Checking signature on .changes gpg: no valid OpenPGP data found. gpg: the signature could not be verified. Please remember that the signa

Re: Changing the email address of a key

That worked. Thanks a lot! Rgds Richard On Do, 2012-08-30 at 10:48 +0200, Peter Lebbing wrote: > On 30/08/12 10:25, Richi Lists wrote: > > Using the primary key was what I tried first. But when I saw the error > > message "signing failed", I thought I'd ha

Re: Changing the email address of a key

R/E8401492 created: 2012-08-07 expires: never card-no: 0005 115F ssb> 2048R/5A097EF6 created: 2012-08-07 expires: never card-no: 0005 115F On Mi, 2012-08-29 at 14:11 +0200, Peter Lebbing wrote: > On 29/08/12 13:53, Richi Lists wrote: > > I

Re: Changing the email address of a key

0AE275A9 gpg: RSA/SHA1 signature from: "E8401492 Richard Ulrich (ulrichard) " On Mi, 2012-08-29 at 08:49 +0200, Peter Lebbing wrote: > On 28/08/12 21:54, Richi Lists wrote: > > Will this also write also to the smart-card or are the changes only in > > the local keyring?

Re: Changing the email address of a key

Will this also write also to the smart-card or are the changes only in the local keyring? I'm a bit hesitant because the full disk encryption on my netbook works also with the same key, and I don't want to reinstall the whole thing. Rgds Richard On Di, 2012-08-28 at 10:49 +0200, Peter Lebbing wro

Re: Signing eMails doesn't work anymore

Hi Werner, the ! exclamation mark did the trick! I tried specifying the subkey I wanted before, but only the exclamation mark makes it work. With the exclamation mark, also signing in evolution works again. Is this documented somewhere? Thanks a lot. Richard On Di, 2012-08-28 at 10:47 +0200, W

Re: Problem with GPG

Hello Werner, Yesterday, Aug 8, Werner Koch wrote to lists.gnupg-us...@duinheks.nl about...: WK > You should better use WK > gpg --batch --sign --armour --clearsig --passphrase-fd 0 --yes -o "$1".asc "$1" I will do that in future. WK > to avoid the mv. Even better use gpg-agent. That will t

Problem with GPG

Hello, I call PGP from Pine with a simple script: #!/bin/sh echo "" | /usr/bin/gpg --batch --sign --armour --clearsig --passphrase-fd 0 $1 mv $1.asc $2 Lately I noticed that it did not work, withour giving me any warning. When I use it 'by hand' I see an error: echo "xxx

Re: [OT] passphrases Was: Re: Allowing paste into pinentry-gtk-2?

I think a lot of this password philosophy is nonsense for most people. The only things that are likely to be brute-forced are Edge devices with some sort of tactical purpose. Average Joe user is more at risk from phishing or another social engineering tactic. I'm a big fan of ridiculously large

GnuPG failing to decrypt all files

Hi! I have a curious problem. I just installed GPG4win and I'm having issues with my tests. I randomly selected three files from my desktop to encrypt. Two were clear text and one was an xlsx. I encrypted them in a folder with no errors. It did package them in a gzipped tarball I believe. When

Re: what are the sub keys

On Wed, Mar 23, 2011 at 10:58:38PM +0100 Also sprach Ingo Klöcker: I claim that of all 4096 keys that can be found on the public keyservers most have been created by people who just went for the highest number. Because bigger must be better, right? I cannot resist offering the following quote

Re: what are the sub keys

On Tue, Mar 22, 2011 at 08:28:57AM -0700 Also sprach Robert J. Hansen: IME, engineering starting from a base maxim of, "why not?", ultimately leads to curious things that leave you scratching your head (like the aforementioned, "why are you using SHA512 with DSA-1K?"). This is why I would much

Re: what are the sub keys

On Sat, Mar 19, 2011 at 11:36:57PM -0400 Also sprach Robert J. Hansen: On 3/19/11 10:34 PM, Jonathan Ely wrote: but be sure to set your preferences and choose a 4096 over 2048. Why? This is like saying, "I like the bank vault on my front door, but I wish it was thicker: I want the extra secu

Re: Why do we use a different key to sign than to encrypt

On Tue, Mar 01, 2011 at 01:13:16PM + Also sprach Guy Halford-Thompson: Not GPG specific, but I was wondering if someone could point me in the direction of some resources that explain why we use different keys to sign and encrypt (for cases where the same key _could_ do both e.g. RSA). Thi

Re: Smart Card Physical Best Practices?

On Sat, Feb 26, 2011 at 09:40:07PM -0500 Also sprach David Tomaschik: I've recently received my smart card, but was wondering what the "best practices" are, mainly from a physical standpoint. When I use it in my laptop reader, it sticks about 2" out of the side, and I have some concern about th

Re: Some SHA-2 news

On Sun, Feb 20, 2011 at 07:19:15AM -0500 Also sprach Jerry: > On Sat, 19 Feb 2011 14:55:14 -0500 > Robert J. Hansen articulated: > > > On 2/19/11 9:53 AM, lists.gn...@mephisto.fastmail.net wrote: > > > Think we'll see this included one day in OpenPGP, or will we just > > > skip to SHA-3 when it's

Some SHA-2 news

I found this linked from slashdot; I thought some readers of this list might find it interesting: http://www.thinq.co.uk/2011/2/18/nist-boosts-crypto-faster-sha-2-functions/ Think we'll see this included one day in OpenPGP, or will we just skip to SHA-3 when it's ready? -- "Le hasard favorise l

Re: Help with OpenPGP plugin in Mozilla Thunderbird and Claws Mail

On Tue, Feb 15, 2011 at 05:38:47AM -0800 Also sprach AgoristTeen1994: > > Okay thanks for the help though I'm still somewhat confused...I understand > that they key id is the entire keypair, but then how do I found out what is > just my public key, and just my secret key, the reason I"m asking is

Re: Help with OpenPGP plugin in Mozilla Thunderbird and Claws Mail

On Tue, Feb 15, 2011 at 05:38:47AM -0800 Also sprach AgoristTeen1994: > > Okay thanks for the help though I'm still somewhat confused...I understand > that they key id is the entire keypair, but then how do I found out what is > just my public key, and just my secret key, the reason I"m asking is

Re: MacGPG2 2.0.17

On Tue, Jan 25, 2011 at 02:17:01AM -0500 Also sprach Charly Avital: > > I have not run the GPGTools installer, I have run the MacGPG2 2.0.17 > released a few hours ago by Ben Donnachie... My understanding is the GPGTools installer is a meta-package, which (as of the time I downloaded and installed

Re: very short plaintexts symmetrically encrypted

On Sun, 10 Jan 2010 14:02 +0100, "Werner Koch" wrote: > On Sun, 10 Jan 2010 04:44:35 -0500, ved...@hush.com wrote: > > > symmetrical encryption is a simple way to avoid signing, while > > still maintaining relative reliability of knowledge as to who sent > > the message > > That is not true.