Hi,

With the upgrade to GnuPG 2.1 my GPG+Tor setup broke. This was due to the fact that GnuPG now relies on dirmngr to handle all its networking. Which is good, because it separates different parts of functionality, but it also cost me some time to figure out.

In the end, it’s very easy:

1. You create a 2 line script, which calls dirmngr with torify:

    user@computer:~$ cat /home/user/bin/tordirmngr.sh
    #! /bin/sh
    torify dirmngr --daemon --homedir /home/user/.gnupg

2. You write the keyserver, which preferably is an Onion Service, because as such you can be sure that you connect to it via Tor, with the just created script into your ~/.gnupg/gpg.conf:

    dirmngr-program /home/user/bin/tordirmngr.sh
    keyserver hkp://euggdcsexz2dqbwb.onion
    keyserver-options no-honor-keyserver-url

2.b. For good measure I would also add:

    use-agent
    keyid-format 0xlong
    with-fingerprint

After you’re done, run "killall dirmngr" once, so that already existing, not torified, dirmngr processes are not used accidentally.

Please be aware that, while this adds a lot of anonymity and confidentiality to your GPG usage, if you were to refresh your whole keyring at once, the operator of the keyserver might very well figure out who you are.

And please be further aware that most Linux distributions still ship GnuPG 1 and 2 in parallel, so make sure you invoke it with gpg2 (e.g. gpg2 --search [email protected]).

Feedback welcome (here or under the original post on Diaspora: https://pod.geraspora.de/posts/4027114)

Sincerely,
Malte
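
An added example, not part of the original post: a small audit of a gpg.conf against the three settings from step 2 (torified dirmngr wrapper, Onion Service keyserver, no-honor-keyserver-url). The function names and messages are hypothetical, and the rule that a later honor-keyserver-url overrides an earlier no-honor-keyserver-url is an assumption of this sketch.

```shell
#!/bin/sh
# Added example (not from the original post): audit a gpg.conf for the
# Tor settings described above. Function names and messages are hypothetical.

# Print the last value given for OPTION ($2) in FILE ($1); '#' lines never match.
conf_value() {
    awk -v opt="$2" '$1 == opt { $1 = ""; sub(/^[ \t]+/, ""); v = $0 }
                     END { print v }' "$1"
}

check_gpg_tor_conf() {
    conf=$1; rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }

    # 1. dirmngr must be started through the torify wrapper script.
    prog=$(conf_value "$conf" dirmngr-program)
    if [ -z "$prog" ]; then
        echo "FAIL: no dirmngr-program, the default dirmngr is not torified"; rc=1
    elif [ ! -x "$prog" ]; then
        echo "FAIL: $prog is missing or not executable"; rc=1
    elif ! grep -Eq '^[[:space:]]*(exec[[:space:]]+)?torify[[:space:]]+dirmngr' "$prog"; then
        echo "FAIL: $prog does not start dirmngr via torify"; rc=1
    fi

    # 2. The keyserver host must be an Onion Service.
    host=$(conf_value "$conf" keyserver)
    host=${host#*://}; host=${host%%/*}; host=${host%%:*}
    case $host in
        *.onion) ;;
        *) echo "FAIL: keyserver '${host:-<unset>}' is not an Onion Service"; rc=1 ;;
    esac

    # 3. no-honor-keyserver-url must be in effect (assumption: last mention wins).
    awk '$1 == "keyserver-options" {
             n = split($0, f, /[ \t,]+/)
             for (i = 1; i <= n; i++) {
                 if (f[i] == "no-honor-keyserver-url") ok = 1
                 if (f[i] == "honor-keyserver-url") ok = 0
             }
         }
         END { exit !ok }' "$conf" ||
        { echo "FAIL: keyserver-options no-honor-keyserver-url is not set"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK: $conf matches the torified setup"
    return "$rc"
}

# With a path argument, audit that file; with none, only define the functions.
[ "$#" -eq 0 ] || check_gpg_tor_conf "$1"
```

The check only reads the configuration; it does not detect an older, non-torified dirmngr that is still running, which is what the "killall dirmngr" step above takes care of.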
