Is it possible to require two private keys to decrypt with gpg?

2021-12-25 Thread Christian Chavez via Gnupg-users
Hi!

I've currently got some sensitive data I'd like to require _two_ gpg keys
for decryption/unlocking.

As in both are needed (AND operation), not that either can decrypt on their
own (OR operation).
I can only find description of AND operation in manpages/tutorials online.

I'm hoping for a solution which doesn't just require encrypting twice
(though I admit that will give the same security benefit).
The reason why I'd like a "single gpg command solution" is the hope that
such a magical incantation would play well with other tools, such as pass
for passwordstore (e.g.).

Anyone on this mailing list got any tips on how that might be achieved?

-- 
Med vennlig hilsen/Kind regards,
Christian Chavez
Phone/Tlf: +47 922 22 603
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: issue with gpg4win

2021-12-25 Thread Andrew Gallagher via Gnupg-users

> On 25 Dec 2021, at 11:24, Alex Nadtoka  wrote:
> 
> 
> Hi Andrew, yes I have changed the real name of my mailbox and the server) 
> Thanks for the reply. 
> My Client Machine is Windows . If you can tell me how to do that I would 
> appreciate it. Thanks again for the update) 
> Finally got some help. 

I haven’t had to do this myself on windows, so I’m not an expert; if you have 
windows update enabled it should get fixed automatically. If for whatever 
reason you aren’t getting updates you could try something like this:

https://www.stephenwagner.com/2021/09/30/sophos-dst-root-ca-x3-expiration-problems-fix/

> Sorry for all these troubles and Merry Christmas 

Merry Christmas!

A___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: issue with gpg4win

2021-12-25 Thread Alex Nadtoka via Gnupg-users
Hi Andrew, yes I have changed the real name of my mailbox and the server)
Thanks for the reply.
My Client Machine is Windows . If you can tell me how to do that I
would appreciate it. Thanks again for the update)
Finally got some help.

Sorry for all these troubles and Merry Christmas

Regards,
Oleksandr

пт, 24 груд. 2021 р. о 16:50 Andrew Gallagher via Gnupg-users <
gnupg-users@gnupg.org> пише:

>
> 2021-12-23 11:27:30 gpg[12864] DBG: connection to the dirmngr established
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c -> GETINFO version
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c <- D 2.3.4
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c <- OK
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c -> KEYSERVER --clear
> hkps://gpg.example.com/
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c <- OK
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c -> KS_SEARCH --
> oleksa...@example.com
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c <- ERR 167772261
> Certificate expired 
> 2021-12-23 11:27:30 gpg[12864] error searching keyserver: Certificate
> expired
> 2021-12-23 11:27:30 gpg[12864] keyserver search failed: Certificate expired
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x025c -> BYE
>
>
> OK, so I can see from the image that you’re not actually using example.com,
> fair enough :-) I do notice that your chosen keyserver is using a
> recently-issued letsencrypt certificate. There is a known issue with
> Letsencrypt certificates due to the replacement of their upstream CA and a
> known bug in openssl. Are you able to upgrade openssl and the
> ca-certificates bundle on your client machine?
>
> A
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users