Re: protecting pub-keys from unwanted signatures
reflum, On Sun, 2015-08-16 at 10:10 +0200, Stefan Claas wrote: Hello Werner and all, after seeing Facebook's public key a couple of days ago, i was wondering if it's possible to enhance GnuPG in a future version, so that it no longer allows someone to sign a public key without approval of the owner. Maybe you can explain your use case a bit. Think about this: You can easily create a little document with the fingerprint of the key you want to sign, timestamp, maybe other notions and sign that. Then you can publish this document. In fact the signature on a key is very similar to such a document. Just that it has a machine readable structure. -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Several master keys vs. master key and subkeys
reflum, On Tue, 2013-07-16 at 07:16 +0800, Martin wrote: * I find them Confusing. So what's the point here? If he doesn't yet the concept it doesn't mean it is bad. It's just a statement about him, not the standard. e.g. I haven't got the concept of armoured concrete, yet I life in a house build this way and it works great for me. * There are disturbingly many (i.e., any at all) bug reports on the web about gpg software handling subkeys incorrectly. I have never seen any. There may be. But there may be also bugs for all other parts of all other software. * It is possible to export a subkey and attach it to a different primary key, creating a potential security hole. To use really use the subkey you need to be abled to use it anyway. If you are already be abled to use it (having a copy of the secret key material, knowing the passphrasse...) there is no longer need to attach it to a diffrent key. You can already use it. To me this sounds like half-thought thingy: I don't understand the concept fully so I consider it to have security problems. * No ability (without a lot of hassle, anyway) to use different passphrases on primary and subkeys. For the few setups I used this before it worked for me. I would like to know if David Soergel's approach has any flaws. As I understand it, it works the same as using real subkeys, I would create two normal keys, declare one to be my master key and one to be my first subkey. Biggest problem to me with this (some used do it so it *is* a real world problem to me): this breaks the Web of Trust. The normal calculation doesn't work anymore as expected. Validity is calaculated wrong (as those are leaf nodes in the WoT and have only one other node connected). Also signing those keys isn't a better option: they are replaced yearly or something. So as soon as the key is expired or revoked I would need to re-sign the replacing key. Also if I trust both keys in some way the person counts twice if he signs some other keys. If he does that for some years he may have a sum of keys I have signed and trust. If he un-expires them so they become valid again he can sign some other key and that one becomes valid and trusted to me with just that person as trust path. So the person can 'inject' a valid key as of the view of my gpg. So for me that often leads to alterning the trustdb manully that adds extra work and has some risks of it's own. See above. Then I would sign the subkey with the master key which would enable me to create a revocation cert for this subkey later, if needed? You can always revoke any primary or subkey. You just need to be abled to use the corressponding certification key (your primary key) or create a revocation certificate (signature) after creating the key and use that late. (there are more ways to invalidate a key but I don't want to confuse you more than needed :). Hope my post is of any help. -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Decryption problems using php
reflum, On Tue, 2012-06-05 at 10:20 +0530, Amol Patil wrote: Currenlty I am having problem with the decryption of the file my code is like this echo shell_exec(echo $passphrase | $gpg --passphrase-fd 0 -o $unencrypted_file -d $encrypted_file); If you do this the passphrase can be shown by any user on the system (for example using the ps(1) command). The window for this is small yet this adds an attack vector. This attack becomes more easy as you may trigger it via your web application (don't know what kind of webapplication this is so just gussing here). Also if you store the passphrase in your scripts it is plain on your FS. Anyone with FS access can read it. This also includes explits in your and other software running on your webserver. Even worse: of your webserver's config is broken at some point it may handle your files as plain text or something and allowing remote users to just read your passphrase with a web browser. I suggest you to drop the passphrase from the key as it does not add any security in this case but makes stuff like this more complex. You can actually improve the security by only storing the needed subkey(s) on your server and have the primary key protected off-side (for example on your work/devel system). If you need only decrypting on-side this will perfectly protect you from attacks doing signatures or certificates (sigs on other keys) or changing the key's crypto material or options. So if there was a successfull attack somewhere in the future you can just revoke this subkey and add a new one so your clients can update using normal keyservers/... without needing to pass fingerprints around again. Hope I was of at least some help :) PS: another attack which is fully off-topic to this list is injecting something in $unencrypted_file or $encrypted_file. You need to fully trust the content of those vars. -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Convert a .sig file to .asc file (is it possible)?
reflum, On Sat, 2011-11-12 at 10:17 +0100, Csabi wrote: Hi all! It is possible to convert an already created .sig file to .asc file? (ASCII armored output)? I would like to convert some .sig (detached signature) files to .asc files. Can anybody write a method how can i do it? Best regards, Csabi gpg --enarmor bla.sig -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: 10GB /var/log/messages.log
reflum, On Sun, 2010-11-21 at 13:55 +0100, Alphazo wrote: Yesterday, after signing one message using my CryptoStick (OpenPGP card V2 + USB reader) I filled up my /var/log/messages.log with 10GB (that's a lot) of the same exact message: Nov 20 21:15:00 localhost pcscd: ccid_usb.c:613:WriteUSB() write failed (2/3): -9 Success I don't know much about pcscd, but maybe there is a loop which should get a error counter. did restarting the process help? In fact it was only 10GB because I didn't have any more space left on this partition. I also had /var/log/everything.log and /var/log/user.log with the same content. The line just before was: Nov 20 21:13:12 localhost kernel: usb 2-1.2: new full speed USB device using ehci_hcd and address 3 The only thing I remember is that I probably have removed the drive at some point. Do you use rsyslogd? -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Transferring GnuPG accounts
reflum, On Sun, 2009-08-09 at 17:15 +1200, Adam Bogacki wrote: On Fri, Aug 07, 2009 at 11:45:07PM -0400, David Shaw wrote: On Aug 7, 2009, at 6:43 PM, Adam Bogacki wrote: Hi, Having recently set up lenny on a new box, I copied the contents of ~/.gnupg from the old etch box to a USB stick and then to the lenny box - but find that mutt does not do digital signatures as it did on the old one. What am I missing here ? T2: ~/.gnupg# ls gpg.conf pubring.gpg pubring.gpg~ random_seed secring.gpg trustdb.gpg To properly answer your question, you'd have to say what does not do digital signature as it did means. Does it not work at all? Does it work, but in an unexpected way? What does it do? There just isn't any information to go on here. Thanks. Following another msg from is list, I removed 'random_seed' and tried sending a signed mutt mail. All seemed well until the final stage when I received the following error message... gpg: no default secret key: secret key not available gpg: signing failed: secret key not available Press any key to continue... let me guess: your USB stick is FAT formated? maybe the access permittions of the files aren't as they should. rename your .gnupg/ to something else, let's say .gnupg-old, then try: gpg --import ~/.gnupg-old/pubring.gpg ~/.gnupg-old/secring.gpg if you have a gpg.conf: cp ~/.gnupg-old/gpg.conf ~/.gnupg/ -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Exposing email addresses on key servers
reflum, On Sun, 2009-06-28 at 13:20 +0800, Jesse Cheung wrote: You can also use a freeform UID, which contains name and comment, but leave the email field empty. Yeah I found it a good idea! BTW it seems the file format doesn't really stop us from putting invalid email address in the UID, so is there a switch in gpg/gpg2 command line that skips email address format checking altogether? My intension is to put obscured email addresses, like rot13(xxx) or reversed(at-dot(email)) kind of stuff in that field. Seahorse can do that, but only when generating keys, not adding new UIDs I often use mail addresses containing a '=' or use UUCP style addresses (host!user). They are perfectly valid just not commonly used and spambots don't find them. -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: questions: no input file, and pascal programming
reflum, On Sun, 2009-05-03 at 10:22 +0100, Philip wrote: So far I have figured out that on windows if I enter the command gpg -eat -r [recipient key] I get a prompt on the console If I then type a message, followed by enter control-Z enter then gpg will encrypt the message and dump the pgp text to the screen, or to a file if I used the -o [filename] option. However on linux control-Z just terminates the program (no pgp text) Does anyone know the official, correct console way to get pgp to terminate and output the encrypted text from console? I'm amazed that it just doesn't seem to be documented anywhere. Take a look at the ASCII table (man ascii :). There is ^D (EOT - end of transmission) for this. This is used by all systems I'm aware of but window$. Don't know why they use something diffrent, maybe just to be diffrent and break the standard. -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Secure Key Generation Tutorial by TJL73 question and Linux
reflum, On Tue, 2009-04-28 at 09:26 -0600, Allen Schultz wrote: I was following TJL73's tutorial on secure key generation with the below link and was having problems with updating a subkey from the primary-secret key in another directory. http://tjl73.altervista.org/secure_keygen/en/index.html $ gpg --homedir backup1 --keyring pubring.gpg --secret-keyring secring.gpg -trustdb-name trustdb.gpg --list-secret-keys gpg: WARNING: unsafe permissions on homedir `backup1' I did a ls -al and found backup to have 744 access. I set it to 644 access and got the following. gpg: WARNING: unsafe permissions on homedir `backup1' [...] Apparently I dont have the permissions right on the directory. Now with 644 I cannot access the directory. For the ring files in the directory and the directory itself, what is gpg looking for in permissions? Should I ask this in my LUG? Normaly GnuPG requires 700 (owner can do everything, nobody else can do anything) on the .gnupg directory. -- Philipp. (Rah of PH2) signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
