Re: GnuPG 2.1.0 Merging secret key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I was wondering about merging secret keys. Le 14 novembre 2014 08:58:45 CET, Werner Koch a écrit : >On Thu, 13 Nov 2014 21:00, must...@mustrum.net said: > >> I'm wondering : what is the planned usage for that feature ? > >--try-secret-keys is used to specify keys to be used in addition to the >default secret key when it comes to decrypt messages with anonymous >recipients. > >I have often the case that I receive a messages encrypted to a bunch of >keys where many of them use an anonymous recipient (e.g. for private >backup keys). By using this option I can define which of my secret >keys >are to be used for trial decryption. > > >Shalom-Salam, > > Werner > >-- >Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -BEGIN PGP SIGNATURE- Version: APG v1.1.1 iQI7BAEBCgAlBQJUZdP0HhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRDXUCfO5tif7hIED/wJnKHLep7kSWxlDuM6gJn+SA9yvszpeCQmsxpy2FE7co0s 7+ZUy1IkdQBWarkJ5Q3K2Ytxn72p2DbOSX471iSGivoJwsQiQxUwgpzYOqAjL9vd EaiybtoW2WcAU/a6a+7VQ+voV9HwugL0i8cG5XiMB92DYL7s0nzeupHUdVAIsVF8 1/LzphzqfX6lkpfdsnD5678W3yXS1rfqMu01s0gD1iMkBaFbZNzZZ8mThv7rg9FG iJqhvqhmP0gLfdWEWDSoEgPLP5uln1g9EO08fNZepzVomkdTsCXgoFl7Y4ndkwSi QnrhmhoPTIGPyb8KtIHK/lJWvhnePVZUjoVM83lOwlquj95iEu3ONxfkSobwadsV IgElqqdJqJ2kGILI9t0AFcjwG0c2o5sQixOMFMYrAAkDtP0S1h2LQBD1DxYCldhX gU0iaqg0F1IBGrXLzDjQECLNP+7fQSioKqDVwOpW6A3dt3OR12T0Thge9HQB/hH2 xX26SrMdC67brtp9BICMFKQRq9sy3XlsgLYcNOg9GSzaJ6oE5/vslHUWzF+3fBX0 eAj1BXFRBM2r6mFGANkvCF5VQgJJJFpKjyld0l6LoPOc+eOjMsa0Z/8Mixurxu4E 7VNQhqV3MPPR0xO4311qgd8YHvVfs2zFr1QXTgMXwi1brq5HBuZpQvs5Vwu0jQ== =2uLE -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG 2.1.0 Merging secret key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, >My guess would be the option "--try-secret-key name" where "name" might be the >subkey's new ID followed by an exclamation mark. Nope I got the error "no secret key available". I'm wondering : what is the planned usage for that feature ? -BEGIN PGP SIGNATURE- iJ4EARMKAAYFAlRlDdgACgkQduVShR3cXu8gzgH+M0ZxuU6D8NfotRxW+D0PFdP3 zn34TNeuRiRfgYTL0bScZ1YrvYaJM0nW8ULWMnoK/i8NvXLBJ2s9xrEhyfyFZQIA p8LbtduQ9eO/x24LHNs5hYeP2uRP8zqdIkr/MYxO2Ux2MjLXi2joeV2UZWygTLpl h3ejCQwBC8RQ1Ht9Pi8vRA== =VolJ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG 2.1.0 Merging secret key
Hi all, I'm merging one of my 'old' sub-key into another key-pair. It kept the same keygrip but got a new ID/fingerprint. How can I use that new subkey to decrypt something encrypted to my 'old' subkey ? Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG 2.1 pinentry copy/paste on windows system
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 If you need to be able to past your 'very strong passphrase' (may be from keepass) you can use the old pinentry provided with gpg4win 2.2, without install it. Open the installer with 7z and copy all the dll and pinentry exec onto a new ditectory. Edit your gpg-agent.conf to add the option: Pinentry-program "your own pinentry full path" Restart your gpg-agent.. Works on my xp and win7.. Regards. -BEGIN PGP SIGNATURE- Version: APG v1.1.1 iQI7BAEBCgAlBQJUXH8tHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDni7eEADDmoKx5y0x6SavYJ79Bw7uCDH49js01W19WVwocaHW042d oCZRbdcgIQSfzEqCdVggm+V5CMhyxqYotxKxKSn2Vq3fLXyxfB8DMP465PsDqFma 6PslQrlE2rulW1mkwj3mLMo/08q9GRebQJK/Dha9wAEz9uouEDP3rCaCYuJ6rp5R LzIc4jM1BQoJHDTP32XIwbGBkBPjJgrBU2LhxHgveiN1M2wMFfWY7P7YOsUoRV95 FLzcXpaImmNsMyTFTatgnwgn3ALDDWhX7FQoK/irTmxsOxGFVdk0M9crczY6Gf0v uzW3vaw9r6TeiX4VkOiwTzafGrAYioZvf3ooyA9z/5tvoSiG7HHuJ6m1c+aIt7R/ vLnpq8CMKOeu0wAYLdOlC3Ql5fsL0aiQDAhU7d9hqEzzEUwfUeRoe+0PA2dH6uOr xWQ0rEgb5FofzVnqIJDZSoWjtnNkhrXBl+UtHVLCNWl+Q3Nr3D68qyn4qH4a2+a0 FPG2DxJyBABtFn7um8cYs146jB76/GjL149Szs0jKVwvE5GxhWTHCFtqUvBazelu PVzWrphyIlAOO9N9u3ujGNuXVwPjyPqZzcjWkxCzqajNiCWVWGF4Q4tutRMmrLqY PjGlmt2Rp3dkgX10epJfgIPqrgjltFqmC707IKr10Y+9kbfpecaR12OKNt04qA== =bT3x -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Gpg-agent ECDSA and pageant
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi everyone. The last gpg-agent supports ECDSA and putty's pageant. But, does it support ECDSA for putty/pageant ? Regards. Ps: oups, sorry for my last message without any subject, bad clicking... -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCAAlBQJSJb9AHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDniPlD/kBMS7njhxHUrogbL30GonJZcUqiuhAHdgkg+mOSXbtOGqR 8g7JTb30oFka99KRB1xKRhiJwhIUKWpb1NAdrhjPirCGpxmpUctw7Ds6o1KfrdpZ 8gcIffQvs/3gSmfcOSI9gO4ycAW+uGxxpAJDKst4i0+RqJJxQproLivjzwPSs2hv jTcT3mKQJ0JA8tTfzwL2iU4Ac74xAgeFeCnjlwSHMveuQtl/xhjlrBMDyFVx/CzY VUHRb7/0jBmRkx4DnxhL80XaECUzo5hS5LV40mzBw9sj2+GIVxmw850/F084JORe p84ypaAzkMKMPvVZszGVx7eaFR8TwVqZB0lvZrnDpTZr+sRdqGu00mRAHbv4PAou ispe8o1fQpYO5/zTx+5gqyTQaspbPyTthvCXUxygyRpLhqGeZIGySRoWL/cfodfU EJ7J9ZxbXBCAGuRXu+F/B7Z9inVR1FHFqPupXoTdJDgd4KDMwey4YH3O71djLwhC LhG535G8dALkmYMy9K8FDGjFxP7SsOIe+2DkULyEZebmgPvIiBYdCarJj6IdNfCS MvdOl0KTWXuxiLhhpD2UolCaNltJr6QFxNgUVTbL0yg62BwJgKH8yQ3ZAaQOzNWR 5Rw2/y5ROtD9J8Gq+Y6DqVsBfx8RviIxkBTUN6uGjEs/BjdfWl3Muu+92JnAaw== =cZaO -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[no subject]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi everyone. The last gpg-agent supports ECDSA and putty's pageant. But, does it support ECDSA for putty/pageant ? Regards. -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCAAlBQJSJbADHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDnh40D/9Zf8Mho4GYBedjrKBhPq6CXLr+fBmla/VFbKa08NNDJ+Jg kA0cD/CWo/3N5QgY7bSzkzHPHFz3X3zleL/+glGci7ILgybtow8d8M6TEaxg5uUk kAsxd6As9sdTGVJqhSHwX4f6o214izkjNFl710YWqwzXqIyyf5N40jnhrNBwodvN RGIYaqIgFULRUqC8G6FOnMqGv4Oz+JOwJuwbNu/qoYDMMZ8FckOdaM0CUnpOswyY SwZTYoArFKYnzwTiEr8OEtmqEczybdgkQzeeay25cbCqZncEC0lFXizfRZl1/mBS wW4m9WrTaMuBlbJ/maHy6twAxL6PxZiQaDg8065tK060PUM1MtunTJcjZbgtRpMj culIrtlKi68rwhvVGaEp1MOSgdBKdv1gIlSizyyGwtxTZd3ZzF1QLX42JFdftNvu H5YzfG1EVTamIn7Vz0JC+cJmjnrZ54dTIDqnBe5zXc+5EFXbmIkWIOjScZzbmkcc BtyUonwFM876SGp8i0FQNgdL2ugLi4Az5yBSzNsSQqkFEbn5i0ZrEXA6ANcLBepJ mgfT3N7SuB2MygdUSVSqLCINO+LoPvAhOotsDoBuI5+H5KaaLRbSfk0nvjbhrECV 8kWpZn54BO7LgHx3YDDK5ZZBGWRLMHqNEGuYtVsoDr/G8eFDt7DeXH+2JsiNcA== =ZwEs -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Separate OpenPGP cards for master key and sub-keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter Lebbing a écrit : >On 05/06/13 22:57, Mustrum wrote: >> how can we change a key capability ? > >Hmmm. Good point. No idea :) > >If you use a hex editor to change flags, the signature will not check >out. >Possibly --edit-key and then "expire" will allow you to re-issue a >signature. >But I simply hadn't realised it's not a properly supported function of >GnuPG. > >Peter. I sucessfully add the signing capability to my key by editing it with the APG app on my android phone. Don't ask how it's done... I'll try again with my catd asap. Thanks for your help anyway. -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCAAlBQJRsG/fHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDnhtSD/4tVuaE3rZDK/j8RWFo5ZRbpvxI9fA09G0El3ItjzUAj8yN A3mQieshAolCDSnaBAqLlRstsZW5leCYEXzbpjXahN1sh/h8PuLYz+Kw4NGOGhRQ AY1hMIxnGOShMf/8BVuTPq6qdV2vY1cSDpJqTWnY7twRusAXxo+Ebb2b3OfQYhaY wchInP7m7aW/kZNj6bNGqtKfnASmdhaxbXa5jVKKapSP+4coNzUjv22oYac2r3kb TbuGSJku4RJf6Edpxd/xCqUzYD48ADaZrzvo6hT7VnlfmKKcBheOwWPqDMv6hdAF EZ+lW6ZObL74tcTZUflVuk1Oz1BDu8bTNcSMAEdTf8EaRHB8znxH7jJ10GJ2PeUt hdMixAlGj4op82/GllC7OPlI+TVd2QQgue4mnE6f1/EgcTmP6+bl5vu0NYMYdgPq txpTuHN8E2A6nYEjEFQTWlSN4QDyUSztLLzfG+NrdBKq6aDshQK/E6bAct9p8K4M kcZ27ueZJJjqI48umajEz01V8LKTtiCM47td/jpajDtwHiN6NFIphmKGeFyiWmSG /trr3tekOk8Cq/cSvYbxSlJlUZxI7L3bWlh+SyZEWZsHwql96YsjgaVqBgrI4Gb6 Ff1XiolV+QJMzEYXTMtLSdEkid9JguQBnlDyFw4QYRzjoq5U4nC1r2DWdGaa4g== =cREH -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Separate OpenPGP cards for master key and sub-keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Le 05/06/2013 20:20, Peter Lebbing a écrit : > On 05/06/13 19:37, Mustrum wrote: >> I'm quite sur the root cause is the "certification only" capacity >> of my key: > > I'm quite sure I never had data signature capability on my primary > key. And I moved it to an OpenPGP v2 card, so it worked for me. I > did use a 2048-bit key, but I don't see why that should make a > difference. > > You could try to temporarily add data signature capability to your > primary key, and see if it accepts it then. Then remove it > afterwards. But I can't come up with something better right now, > sorry. > > Good luck, > > Peter. > how can we change a key capability ? -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJRr6ZXAAoJEEy6/YZf1YOe93MP/0+TLKw5q0qmcpF9edxZov+D 82Hpd6L6JRRmVh0dxKmE2jwTvBc0bbN/e8+en7Ds00OCVbhwbIePzXf/01MWyE78 8MELesvlDuSetiym8ePPMufrRkzxsocJ1gHFAPDmjrt5FAokiQkofWZNGHbd4Zac ZB0GQVRujzo0fJ6uQNNiH0o3ASECTvL2VLIgAOeoS2GtaW+Sv3WnQLCrLzYyVSd3 k2/wRJdlDM4zeAcqEwP6yh2ivfmnXRzB9lyhqh9WnDO4kPDypCs7W7gFNghxv15D nEDEML0M7VtmcQFeIoRt9cSxWnGabnIrLuHi+u7/3Sw16RCnHxRTAkF61L4neMyP 6PmZKE6y4sFoiN67YZqido6AmwSDVtJZch04a+ofIzBSECnEO/8wGbY6RemegvjH 8iJcCqFrrvLP20/Cj5lN1ewi1+oCnuMT9NBaJA0vvLw8HpdQkf63HPfXWjKhQhJX 5G9yUq66Uy0bCvxBzqreAumvMUnejpoEo9a6GZSq3KmxxhUjSu92NDEzLYCLENql vOKBF9+u/7gQGbJx0cteNblqmOcLGvmuv+rJr1ADkYq3DDK4Y27Uz6jcmbUfYAm/ xr0RU/oZe5dqCodmtplKCQZJX5rj0Dw5bmMQkBzUTNqUTjf32a42OReszH4IFJTW VZEkbId0IINu1PTSbJkX =ds9h -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Separate OpenPGP cards for master key and sub-keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Le 05/06/2013 14:50, Peter Lebbing a écrit : > On 05/06/13 12:55, Mustrum wrote: >> The keytocard command displays the 3 slots, but none of them are >> listed as a valid choice. I've to choose from an empty list. > > Ah. I hadn't noticed that. I believe the problem is that the "Key > attributes" (displayed on --card-edit) force a specific keylength > and keytocard only works for that keylength. I think I remember the > solution was to create a key on card of the desired length, and > then overwrite that one with keytocard. > > Peter. > I moved a 4096/rsa signature key to the card, with succes, and tried to overwrite it with my real primary key gpg> keytocard Really move the primary key? (y/N) y Signature key : A41C 227F C1EB BA5C 3CFE 776D C011 169C 983F E396 Encryption key: [none] Authentication key: [none] Please select where to store the key: Your selection? 1 Invalid selection. Your selection? 2 Invalid selection. Your selection? 3 Invalid selection. Your selection? 0 Invalid selection. Your selection? 4 Invalid selection. Your selection? 42 Invalid selection. Your selection? Same issue, no valid selection avalaible. I'm quite sur the root cause is the "certification only" capacity of my key: usage: C <-primary usage: S <-subkey usage: E <-subkey All keys with the S or E flags are fine. All my real and test keys with only the C flag can't be move to my card. Regards. -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJRr3dFAAoJEEy6/YZf1YOezg8QAItXI48uKdbEeSKxw6eALJ/p RSxmib3rH5DlL+BN9WkufPKw3RJkNsRwEDlnojzHaQ4i3QWICw2zgv2lGUBaw1Bw UoPx1A74hjGZjgzySBjEhoQvjK3pywhRWQebguJ0iMcnZDQHkY92iKPybdR7z3r5 0QASl+WAFsrvkclLS3xawpLf9ZnhixR+w92nobKauTo8lufIrVO4l9QDQvM6BMmi x//Tx+k7URMJJjb5IyDxkbnsjcSdYFjtWtl0mMCbcm/zbbSEYFHWX/F6EX2yw992 cph8lhvey4/JXiGpSxjxq9/3ReifoYYVlZT15t/AFxj2Jk/Axc8L2eUfmdW9z6YW b72EYUj531Nio5Dcij4eRQLAP5MTTuksbMSx4FAHALzJbIJDuw1ZW/rtYY3mW3/G 4O1y1uo3SGN8UBzmmxkoad3HUmLiuVYspmt6gnDH2VHUCk9/5MygtbCeiueYgiTE G8hYpUOsa3A+PMDkbq0b60j3iaKpxtX+DYgtAQYfWbGKzbCl+Z8qAqNtlanPm9qK HRQ6hucRNV2MY0zbc1SLHRh3sFUs2xKl9PQyEFGJZkLqfZJA4qxHK5dXrX3n2mmP lY/ZKpQuQP91NmUrBMP9FfFvg9Do6mwz5ZyBoG0GorZIMPyPcz/oVl1prVktrC9k H1imYGmH44cdHjXLacJy =z8dK -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Separate OpenPGP cards for master key and sub-keys
Peter Lebbing a écrit : >On 03/06/13 20:10, Mustrum wrote: >> Note that there is NO valid choice. > >Stick it in signature, that works. > >Peter. -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter Lebbing a écrit : On 03/06/13 20:10, Mustrum wrote: Note that there is NO valid choice. Stick it in signature, that works. Peter. But I can't. The keytocard command displays the 3 slots, but none of them are listed as a valid choice. I've to choose from an empty list. I need a ctrl-c to exit gpg Regards. -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCAAlBQJRrxh4HhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDnrnLD/wPD1D7WAJJRqT28EEqRMZPQMLEi/jxtAcFUyYmBJvOSdKN BS07/y1NoDmPvgMMHmg5h2TRkJ8wkzapnCq5J0wgPtm4P6WDEDRPFOlOqepGmsxK dZPZ2lobUiUd3WwpKqI6HI5b5QvYtNXliS2tnF4nOpL8tkSzJI3fMDE6E5n46zj7 TJiqnXhyUU9gl/pBtzWkpUc6vrLOve5LJ+q1c6xIe4muvob57TipQK0XXdm6J+e4 QD73A3ByG4FKWRnYpFhMkN6hAvQ+FzoJHGMZ6mOO4UOuGPJ3SxM0ridSKQBSxjrR C22DyuSR03Fik5PEkd/m/7BivaY5QTNAfe3hSHbB/yDFq/lV1VSKj68hcpR8jL/J a0fz2XbEMPN5zPer3d2sbLlTLRnqWKdkSNnmKcWjEVg1S8evh6b4H1xxgmnyI0Ja +tUVNgvNd4ycyexMTqsCBWv5KZ5E7L7IcLydcIJG2penlnKTaAEOlnbOHunpsryP nAqAX0qqoJ6ulGHqHp2iLabtQr7kwPoJ5h82PnZUtPVT+spLt9YHFZE6PeF48Zed VtIHdnKJPTVEUIJGN8Mwykc8ISw+OXPZIM1ck47P/7ZngPYCLmOiZ79A1KuAj6aT MWFHASQZEubppPfYqi3NCtn4VQoAQ8whxYkm7mLvqsI4P41/09kZ2Oh98PDNLw== =QMEm -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Separate OpenPGP cards for master key and sub-keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Pete Stephenson a écrit : >On Mon, Jun 3, 2013 at 11:10 AM, Mustrum wrote: >> I already moved my subkeys to one cryptostick. >> When i tried to move the primary key (4096 RSA) to another stick i >got: >> >>>gpg> keytocard >>>Really move the primary key? (y/N) y >>>Signature key : [none] >>>Encryption key: [none] >>>Authentication key: [none] >> >>>Please select where to store the key: >>>Your selection? >> >> Note that there is NO valid choice. >> >> Any ideas ? >> >> I'm using gpg 2.0.20 > >What version of the Crypto Stick are you using? I've successfully >moved 4096-bit RSA primary keys to the OpenPGP smartcard and 2048-bit >RSA subkeys to a Crypto Stick v1.2, but I would expect the Crypto >Stick would also support 4096-bit keys. I don't know if early versions >wouldn't support keys of that length. I'm using the v1.2. It's supposed to be fine with 4096 rsa key if used with GnuPG 2.0.20. May be the capacity flags of my primary key is the probleme. As i'm using subkeys to sign & encrypt, i created the primary with only the "certify" capability and the stick only got 3 slots: Signing Enccrypt Authentification. Nothing to receive a certification only key ? -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCAAlBQJRrYnBHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDnvJ/EACANz5ROnge/bJshG/doKcZvw3KNomeZ2PWQn4Gu1QA9vTf xQ2BCuHmHogoOD0sp49tcFa/8WM05PxoafNTmuUNZjgi9lR5nMvv69VmHNMe2jrD Z9Oox/MsWttEVXYKpV3ydFjOG30Fy6ht6MUY+RzsOjx4B7LrdU4uH837PDvOc/Zq OuWGsBIhA0nfvY4sEUSq3uK0GYB2iXdyY5oYuBH+zWt1ome/vo/rZWe9RHyzw7yv S3PPnjLZSxmVNTFV4ADZeUue/0d9fa3vv43H/YBoLOCDS0AlMSCGW15IBiAgMsKD Q3KXpw0W2cX1gpnYpEhvGAT8H4BFG3O5EmZDpkqPW0dm6Cn8djAGuh5+waBhfycS IxZwvhOlFyhdSE2ksuNG8CkWevVpkuythuiEwjTDcphf0EzBaHxN3Pn74UaecL6O VhSC/goKf5WzLJcPfAHfKZ/vC6N0z+PWfW4meYf7Tz7CpRSpDLI+VmmYOurpXpxO jk2iIpcmjwfi8SFSKnV6wVf+usIH9y7gZyoAb3If5Gbwv/AzohTlUQoyxWzMSJXb 0gwqOQRwozbiHeyCqTJZyo6g7te4vIrLWlW1adEhRDsuOLVVhvA0/RNh4tSmTCpU QTPyzncbwgwv0zX1X+foePgw2ganQ7gOY5KtlAJZUBAP5CnSgVNpo49bbVZ8lw== =K1FW -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Separate OpenPGP cards for master key and sub-keys
I already moved my subkeys to one cryptostick. When i tried to move the primary key (4096 RSA) to another stick i got: >gpg> keytocard >Really move the primary key? (y/N) y >Signature key : [none] >Encryption key: [none] >Authentication key: [none] >Please select where to store the key: >Your selection? Note that there is NO valid choice. Any ideas ? I'm using gpg 2.0.20 signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: There may be more to security than password length, or even its complexity.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Http://xkcd.com/538 :-) -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCgAlBQJPvPDuHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDnv71EADJYr8hgWu/5yGnKgrYHhE/w+uxieCAAtIlZDvXxHKKVFGC MC1xVgeYeksvM8fNL4RPMCs5ttsi1uA0OUax6jGxUg7WrGYBjcPhie5tiMfcIUjS nixGxsLu05PWlC/kH4vYF1dlRM2hVucokLck4MoCP/JqXsCMMmV0saw55sXl6bqq X2prtZegMXNGZ3ZlsOalvV2kPhKorbtvMqKW4p/M+de59eQC7bvV/boyL8HxzHR0 rCYf6e1vDqtoVaE0l0nDipbi7erKHNbcc62/g+WsvXleY0OEY4Uf9QBMgdyt+h/y d8LuYO7Hai4z5TA+FRrouP+ENiFyw2u8ddUl1IfiF3+OIh/z41tEQoWTM9fU0LC6 tjYIbodcLS/Vj4dTCKk8ppsj41EIW1AFEqnKXTpJppBroUeqs12WTCUQEv3V5PRu Js4xUyL4T2Qt5m/F06cgPLu2zcOSZ/60D0UvdqF5/dhZHxkK9/c9XnE5m7Xu/X3r 9JXmrrIMBP4p+dfRbrwrpiqLmdtDjPKzzO86Bta8UIBjxFD47nWEjstKwELk0R1w hnVSCUYQwdjTSdtL4eSXW+m+LlAOTVzsTevICODpomXuthLJ2/fQVwbbQCrEMSbb LaGFc67sNDk7CgIav8AZksBSJm8RToxchbF9MF8SBq19iBTft5ehPuiYJMkWkg== =fvwJ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Current key servers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 How can we use private IPs ? >OK, here's my list of addresses: >192.168.1.2booboo # Windows 2003 Svr[*] >192.168.1.4yogi# Slackware Linux >192.168.1.5picnic # Slackware Linux >192.168.1.18 basket # MacOS X >192.168.1.19 horse # Solaris 10 >192.168.1.20 nell# Solaris 10 > -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQI7BAEBCgAlBQJPlS2YHhxNdXN0cnVtIDxNdXN0cnVtQE11c3RydW0ubmV0PgAK CRBMuv2GX9WDnjI0D/4rjQm7rkAgVDWeU4OYWW8yqHur/l71lKga/8Gk9EFzJdY0 SSU69qPZknT2HATilCWudX/0Wixh9LAhs8Si6KQ0o9tOxZBG7FbH+LxFKG36Bj1q qA4L2kYQ4YlAZ6Le3wNHr8+ktxctfAgAUwyiNvOgAtx7cgPUOj+xo6LsNUwbG4WN esF8FLvHqEpBdR5LCHZ8mpSFyAQVWb+RnhVTYiqKh5QfgpR1TRpsSXNBP7INNNGo IbMw3dPIMkMT0s1TY34r7aULWM7kmiw3+nGqfrW8OSZ6FzcU03Asn9YXkQdTIi1S +6cW8/PVO97J2120W6lpg9PPDqZ+DbXEA1ZIClfoWWciKE4D+vfIottM1VAAfGdk jfjwn/3iMJJFuJRRvT4gqDUbq3pgrnkCPJcyvyzYDzSHhdLxaLXfD+I6eUDkAASQ u9ThpE7AGMObhcv9cXUGncK4UtD99Lk+oAVFmAUP2J6e1AMvdYiCgMcdN0dYKxXZ rvmAR4/aE2vL9/PHldWFmijWFqhYnUn5AJ4Axwt4hdV4n/do7W19ygmfcDnvlmcG 294vboQwTyv4yM5AuYyb1ghQQZCtCyG9eDfTB6GEV6rEZEiU5kBFXkfe+JI9zWQF R7XKrHTYYVHwfV5S1h7r0CBr1kJMbQSNjnt6CGTARM7KA9/W/Xy3j6TNam6bUA== =uK+d -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: failed to build a binary for version 2.0.19 please advise
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 > On 04/07/2012 11:28 PM, ? wrote: >> Execuse me where can I find the binaries of this new version on >> a windows platform > http://files.gpg4win.org/gpg4win-2.1.0.exe > Enjoy. I gather that a new build is expected soon, but last time I checked gpg4win-2.1.0 included GnuPG 2.0.18 not 2.0.19. Regards. -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJPhwWhAAoJEEy6/YZf1YOeTjAP/jKG/Vsfspz35SkCevUEITjn 2udvRivX/vOprZKOwiD83yykwlws8qDNDCCIdRL/d8ihPe1Y0F4oJU2Tn7/e/+m1 pu+zYXPjiBG7zfvhsXXH3xlPFfQkeOOXazB+A23Tuw1pCYAWcq6Qd/ouTevK7Yy8 0FIkQYa+cPsJa0xnVHmsTDmyWkq9QOLMShi8jMO4rayMpXFQTppp0sC+ndsIonX9 kzqJmJASsSUc4vcEbvFQuMUcJgcvuxl48LTpKoVblLE9ZiQ86Y6NoUnxiNunughT PSjM77fgySDDSkFq0i6dhU3swrFxSTkHRB4Pt95okDoZdtLHqfYCWBBKLgjM0yVv KXg3fo90/8thLvc39KvaeCPGJUpVqX1RUjCVtb/XrQ3SmlDAiVfChdIuwf3Oi8k3 u9GDxAjUFQf4VXQpEogvIiy9GZxNxNbJaAwtPaAoXUw0wCrBOjAMNlLhBJv+OBt3 Rj3TiGOO60A+fUKvsPvPhjv43nNg7uDv0NEh6AjmjH3r6/g5eoGLt7bDM1NVcaVZ 7ipef/8NC9wtfCjqgNqyVNvrhvQZwnbP44VZhVNIlRSaw+i+gq1YHDIb2NEKKN1P MZXM+SnczUYSRv4+1mq1p3HYUMxiYuzzcMrAJyYWmRqlQ2PpkS9v8UG4BzWfJ3D0 OWr/ONilAIavWvtIsAJs =xGgY -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Using Smartcards without it's public key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 04/03/2012 00:20, Todd A. Jacobs a écrit : > I *think* this is either because the key lookup is happening on the public key first, before checking for the matching secret key, or because the stubs aren't being created right in the keyrings. I am having a similar problem with signing, even though I've explicitly imported my public key into the public keyring (using --import, rather than --edit-card), and have the secret key on a cryptostick. To be able to use the private keys from a card, you have to get the "stub" on your key ring. First import the public keys (all of them if you use many subkey) Then use --card-status to get the private stubs, I don't know if --card-edit 'll do the trick. Always worked form my cryptostick. Regards -BEGIN PGP SIGNATURE- iQIcBAEBAgAGBQJPUrDjAAoJEEy6/YZf1YOeMwsP/1yBCD3pwnMHbTNSPnasQFSk vUiXTFRYPps2EEi8FThF0WrAEERqj+hDCeO5rKsezqMbKzlOatjApBFwbfAPV1nY +pv32Ft+Gzlmbw0MO/XCGJFrn3jgZ8tNZJTCverhRvl2q70UWpnZOB4tlaEqXReT 8mfISbiXIJhZ47ceH2VykBeFGZXGRG1bGhrZinQPdMQr7DbomkUJE0N93SqFsY7y fCqhmAAP8a9nnYStRUsnaZFuXHBe5YLs7bqEMzL+YzIRHWWLlOfKLtI5eaIYRI/b O/tZEJH3sELiUgLH47o7ZQ8k1oa1SAfB+hi8DBJu3vhjOvxpl87tQsIaHG/MgCQZ E8AJlqEIYhMloUoQ3Ggjt8/uyEfeBt0hKisZN/ZmO5aatzR6hY/8wSDy/SEHe3lz 1EUrLNzBES/iHB2wGwYorRW80CsHKbDiwlWzRfVwpytWoTYl9Z3Nr66Q2aROiw/P ODcYiPVLXZUNi/UlxBjZbjr02uue00bWBFR+pQ39fDoGvQB4AZ/Xhg0reEjQCJaa jX6P6aTFyqtJPUhyHex8qYhjJIDn0mpxPC9lyEfPezojgTZnhNP4QmE4kyE+6gta XeXXOCTxB5oy56TcSSvv1yTVSgDAkYqOvnn3X6e0jYx8MchQYOeC4GAJCjxR5rX1 oFzAR5bVB5QNBygLdex4 =e43s -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Using Smartcards without it's public key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 03/03/2012 22:14, Werner Koch a écrit : > No. Public OpenPGP keys are often pretty lare and would not fit on the card. Thus we decided not to do it at all. My usually advise is to put an URL to the public key into the URL field and then use the fetch sub command of the --card-edit menu to retrieve the key. Shalom-Salam, Werner Can't we recreate/guess the public part from the private part, at least from off-card keys ? I noticed that importing a private key from en export also create the public one. (Unless the public key is always embeded in the secret export) Regards -BEGIN PGP SIGNATURE- iQIcBAEBAgAGBQJPUq8jAAoJEEy6/YZf1YOeUgYP/jbMwA2gOE106Ty4dd/dgIwB wzT7k7bZN00GS+4akrBWxUsbnVqpSwr8Iv4faDIR++1uaj+daa1hH4yoI11Uv7gH Ue/LV8ZeB2+UrLbMeXgdrNLF2B5UVDFsSdf5plpml8apzR0riouvhVcno/S0tmSA WjgPzYiDIUhqLFsdLuBWFoDcTUkiu9UOwW0goJy47HhaxVaktnKqCFZqerxbo3Lb tO207hSsUB1Hkm0krLf6+tlDeOJCb1BmhBWxG9X7vMBF2ungUA2JnHbtmNW0QSI7 fFmjyJwD0VFBPtv6fpLEANl0OEjkf79V0WqJK91ffsvByx6RwJ+ghluBk2Q6n6Wj lKq9kjn6QVS2Jhb4ZHTCTvfS7KpWmzsAyF09MqFaO+ifzUi9aPmK2il1gkkuOEGP QYLY8j4T9ntgku/fjnyZ5VtofC0n4UzVpZbBC4KW7FSjsbasLyHz4VcWXWmWz6+A XHsDe/uOiKJU7IEbnKycnZrdPgFJ2QFufZqQ6XoQRHJt/UJjC1L2rDkbG5q72QWA myFaASZkhTQSYnr9o5Ex7NiQKq1mLG6WOrwgn82c2SegOh1j71sxHwrd3OhhCQZm dyR1H7+y5p0kYruZAqAC4uV/elXies0KMuo3o5x5YUGRpjkGdu0fRg/GR6OtH+U4 wTKjNNULopXqrybhBaL5 =4ORW -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Using Smartcards without it's public key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Can I use my openPGP smartcard to decrypt a file with a empty keyring ? Assuming the card's public keys are lost or unreachable at the time. Regards. -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iQIVAwUBT1CXn0y6/YZf1YOeAQpSDg//UuBx2Ydaj19wmGgkoQ9P0kYmqqFXG1pk fylKDeQ6Wy51/iNkepMc4ypXKoidSvpl/0xW6lzw9yMlr3VwJ2MLJzIyqwEmxeXN UzAgk+QML3PF4mYmgN9wLhjJIXIjfKiKrakaD/Cl0nW1pEjp3QKqXEeJa8KeGHVr oNzCiwgFWkhQ+LW6t/strTTTWQuTfWAFuRFJ0u4JQVpQJ6M8QQ2KElZbsJVGLf0K W3zaIvo0zVMOy5T+JoccQre7LmURzTfmxDdfcF5QsW3thNUEAiDe9B3lW+h4BUPn PskmkXFlu/iKZJ1FkxvdNcuSA2Bfrgwn0JS6Gv12OsEimL+Nf8/nGXMGTRosoPoa MFiA12D3Dn7zhfPXSCFtluiR3LG3/qd3nOoYPc8VEflD0GrvNN/JpY704Tj6bu3Q /RwiBTWirbAIyQJB1M0MLmnEdPU5/UUjI1NpnXO2Z+IRNtDuF3cvVqI9ofcZ+rQL ht5EcEBQf8AYP+qVkmWFXKeuk+9N5e5/mirJhc0TJ7NDemzKn71Fs9tmimXWfnA8 W4Ay1a541oy/siGRVA9nDFI98/NEUO45dSq75UkbNGmjLwu2BUgjBdb8H2+7sWpG TeYNuD+rvfapUH9a3zrJf4yJctr6M7vKf6q/nHlye4DPmzeTObo/IGV0fF8TrbSl 4MaLnt498wc= =wwMR -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
