Re: debugging systemd user services for gpg-agent and dirmngr [was: Re: gpg hangs when asking for passphrase]

2017-05-16 Thread Daniel Kahn Gillmor
On Mon 2017-05-15 19:10:35 -0400, Joey Morris wrote: > Daniel Kahn Gillmor wrote on Wed, May 10, 2017 at > 10:58:21PM -0400: >> On Wed 2017-05-10 22:17:28 -0400, Joey Morris wrote: >> > I have systemd version 222-1 installed, which appears to be wildly out of >> > date.

SSH RSA comment lost when imported to gpg-agent

2017-05-16 Thread Konstantin Gribov
Hi, folks. I've found strange `gpg-agent` behavior. When I import `~/.ssh/id_ed25519` with `ssh-add` it takes the comment from its public counterpart. But when I do the same with `id_rsa` it just uses `.ssh/id_rsa` instead of the actual comment. Is there any way to change that comment via

Re: suspicious key found

2017-05-16 Thread David Shaw
On May 16, 2017, at 9:47 AM, Janne Inkilä wrote: > > I made a key search with my name and found something suspicious. > > The search: > > https://pgp.mit.edu/pks/lookup?search=janne+inkila=index=on > > I have used my old key since 2007. Fingerprint F4DB 40F8 BF22 8B9D

Re: suspicious key found

2017-05-16 Thread Felix Winterhalter
There was a proof of concept attack on the fingerprints a couple of years ago. The keys were revoked afterwards. TL;DR short key fingerprints are not secure at all. Also the web of trust is your friend here. Cheers, Felix On 16/05/17 15:47, Janne Inkilä wrote: I made a key search with my

Re: command 'LEARN' failed: No inquire callback in IPC

2017-05-16 Thread Dustin Rogers
Hi Mr. Yutaka: Thank you for your input and all the dev work you have done. This is a cloud environment so I don't have the luxury of physical access to a USB port. I do not leverage libusb because this is using network attached Safenet Luna SA HSM (gemalto brand) PKCS11 smart card provider.

Re: suspicious key found

2017-05-16 Thread Andrew Gallagher
On 2017/05/16 14:47, Janne Inkilä wrote: > Did someone really generate same looking key? And why? Any ideas? Yes, they did. Most of the strong set was duplicated by the Evil32 project in order to demonstrate the danger of relying on short key IDs (because on modern hardware it takes mere seconds

suspicious key found

2017-05-16 Thread Janne Inkilä
I made a key search with my name and found something suspicious. The search: https://pgp.mit.edu/pks/lookup?search=janne+inkila=index=on I have used my old key since 2007. Fingerprint F4DB 40F8 BF22 8B9D 9B8F F679 A482 4C9A 033E 22A2. I know this is quite an old key and maybe I should revoke

Re: Newbie can't get --passphrase option to work

2017-05-16 Thread Peter Lebbing
On 16/05/17 13:31, Dan Kegel wrote: > That wasn't my experience. I used keys with no passphrase, > and *still* had to use loopback (and jump through other hoops) to get > gpg to work unattended. I was talking about the things one usually does on a headless server, which is decryption and data

Re: Newbie can't get --passphrase option to work

2017-05-16 Thread Dan Kegel
On Tue, May 16, 2017 at 12:31 AM, Peter Lebbing wrote: > You should also ask yourself what the purpose of the passphrase is other > than to make your life difficult > You should probably just remove the passphrase from the key. That way > any decryption or signature

Re: Using a GnuPG CCID card in another computer (follow-up)

2017-05-16 Thread Damien Goutte-Gattat
On 05/16/2017 07:55 AM, Matthias Apitz wrote: The question remains: Why do I have to move the files below .gnupg/ to the other workstation? The card only contains the private keys. GnuPG also needs some information that is only contained in the public parts, such as the User IDs associated

Re: Using a GnuPG CCID card in another computer (follow-up)

2017-05-16 Thread Matthias Apitz
On Tuesday, May 16, 2017 at 11:12:18 a.m. +0200, Peter Lebbing wrote: > On 16/05/17 07:55, Matthias Apitz wrote: > > The question remains: Why do I have to move the files below .gnupg/ to > > the other workstation? > > The card only holds the basic cryptographic material. But a

Some questions regarding generating RSA keys

2017-05-16 Thread Albin Otterhäll
Hi! I'm currently doing a high school project by studying RSA keys to better understand them theoretically and practically. A part of the project consists of an experiment, and I choose to test and see how big the workload will be for the CPU when generating RSA keys of different length. I

Re: Using a GnuPG CCID card in another computer (follow-up)

2017-05-16 Thread Peter Lebbing
On 16/05/17 07:55, Matthias Apitz wrote: > The question remains: Why do I have to move the files below .gnupg/ to > the other workstation? The card only holds the basic cryptographic material. But a certificate ("public key") holds much more information: your name, the relations between the

Re: Newbie can't get --passphrase option to work

2017-05-16 Thread Peter Lebbing
On 12/05/17 16:15, Ryk McDorman wrote: > In the program I'm passing the output and input filenames as parameters to a > one-line batch file consisting of this command: > echo | "C:\Program Files (x86)\gnuPG\bin\gpg.exe" --batch > --output %1 --passphrase-fd 0 --decrypt %2 You should also ask

Re: command 'LEARN' failed: No inquire callback in IPC

2017-05-16 Thread NIIBE Yutaka
"Rogers, Dustin" wrote: > I have recently installed gnupg 2.1.20 from source on a centos6.8 box. What's the configure option? Did you enable smart card support with libusb? > [root@system1 ~]# gpg --card-edit > > gpg-agent[5158]: DBG: chan_8 -> OK Pleased to meet