On Fri 2024-03-01 17:06:09 +0100, Ingo Klöcker wrote:
> On Donnerstag, 29. Februar 2024 21:21:42 CET Daniel Kahn Gillmor wrote:
>> human-readable names for certificates. But i don't see how to use that
>> safely while dealing with GnuPG's risky implementation choices here.
>
>
On Wed 2021-07-07 19:57:14 +0200, Werner Koch wrote:
> You need to check for the canonical form anway and thus it is easier to
> directly sort it. In case of signature subpackets (if that is one of
> your concerns), this if of course not possible and thus this would
> require that the specs
On Tue 2021-07-06 23:20:23 +0100, Andrew Gallagher wrote:
> That's an interesting idea, and it has merit in itself, but from a
> keyserver point of view I think a more general solution is to explode
> TPKs into atomic components, sync them separately, and reconstruct the
> TPK on demand at
On Mon 2021-06-28 18:42:02 +0100, Andrew Gallagher via Gnupg-users wrote:
> It’s not clear, but it may be due to a lack of canonical ordering of
> packets.
There are no published specifications for how to canonically order
OpenPGP packets, but i sketched a proposal here:
On Thu 2021-06-03 09:43:02 +0900, NIIBE Yutaka wrote:
> ಚಿರಾಗ್ ನಟರಾಜ್ wrote:
>> I'm getting this error/warning even when I just decrypt an encrypted
>> file using plain gpg.
>
> If you keep using ~/.gnupg/pubring.gpg, I think this is the cause of
> your problem.
>
> In this case, see this comment
On Fri 2021-03-19 15:30:51 -0700, Mark via Gnupg-users wrote:
> It also has issues with signed messages and lists. For example you
> signed this message but it says "uncertain digital signature". I don't
> remember this being an issue in the older TB/Enigmail.
Signed messages on mailing lists
On Fri 2021-03-19 08:29:12 +0100, Werner Koch via Gnupg-users wrote:
> You may also skip the menu thing and use
>
> gpg --quick-gen-key b...@example.com future-default
I agree with Werner's recommendation of using --quick-gen-key and
future-default.
If you're going to provide an e-mail
On Fri 2021-01-29 01:20:55 +0100, Ángel wrote:
> Oh, nice. I had only located
> https://gitlab.com/openpgp-wg/webkey-directory which stops at -08. This
> one has been further updated.
yep, see the thread starting at
https://lists.gnupg.org/pipermail/gnupg-users/2019-October/062844.html
and
On Wed 2021-01-27 22:49:13 +0100, André Colomb wrote:
> By the way, is there something like a repository to send and discuss
> pull requests against the WKD draft document? Or is it just
> hand-crafted text edited by the submitter based on suggestions?
I think you can find a git repo that
On Fri 2021-01-22 22:59:36 +, Andrew Gallagher via Gnupg-users wrote:
> On 22/01/2021 17:29, Daniel Kahn Gillmor via Gnupg-users wrote:
>> this is a non-backward-compatible change to the format, so i think
>> that's probably not a great outcome.
>
> I can't help
On Tue 2021-01-19 13:08:19 +0100, Werner Koch via Gnupg-users wrote:
> On Tue, 19 Jan 2021 09:28, Neal H. Walfield said:
>
>> When you look up the openpgpkey.example.org domain, you are revealing
>> to anyone snooping DNS traffic that you are using OpenPGP and are
>> looking for a key related to
On Thu 2021-01-21 18:49:19 +0100, Neal H. Walfield wrote:
> Please don't do this. This is the format of a TPK:
>
> https://tools.ietf.org/html/rfc4880#section-11.1
>
> It doesn't allow arbitrary packets to follow it, as far as I can see.
fair enough. It also doesn't allow arbitrary trailing
(my messages might not be arriving at @gnupg.org addresses right now
because their mailserver appears to be rejecting my mailserver claiming
(incorrectly, afaict) that the reverse DNS is not configured --
hopefully it will be resolved soon; feel free to re-forward this message
to the list if it
On Mon 2021-01-11 22:59:10 +0100, Ángel wrote:
> The "make a CNAME of your openpgpkeys subdomain to
> wkd.keys.openpgp.org" couldn't work with https certificate validation,
> thouth (or are they requesting a certificate on-the-fly?)
In fact, i believe that keys.openpgp.org *is* requesting and
On Sun 2020-10-11 09:59:12 +0200, Stefan Claas wrote:
> Helmut Waitzmann Anti-Spam-Ticket.b.qc3c wrote:
>> Yes, but why should she want to be able to do that? She could
>> decrypt the message and, if it turns out that the message is not
>> signed, discard the message.
>
> It would allow Alice
On Wed 2020-05-27 20:42:45 +, halfdog wrote:
> I just noticed that gpgv2 packaged for Debian does not include
> the "gpgsplit" and "pgpdump" tools any more.
pgpdump was never part of GnuPG, it ships in its own package.
The gnupg-utils package contains /usr/bin/gpgsplit.
For more detailed
On Mon 2019-12-16 13:39:10 +0100, Andreas Ronnquist wrote:
> Changing to pinentry-gtk3 also removes the problem, and that is an
> acceptable solution for me, so I have no hurry in getting fixes to the
> gtk-2 version.
just to clarify, i think you're talking about pinentry-gnome3, not
gtk3.
On Tue 2019-10-22 21:28:53 -0400, Daniel Kahn Gillmor via Gnupg-users wrote:
> On Thu 2019-10-17 11:08:46 +, Bjarni Runar Einarsson wrote:
>> Daniel Kahn Gillmor wrote:
>>> I'd be happy to set up such a tracker at (say)
>>> https://gitlab.com/openpgp-wg/web-ke
actually correctly published via
WKD, so i tested with d...@fifthhorseman.net):
130 dkg@alice:/tmp/cdtemp.pipIPp$ gpg -e -r '' foo.txt
gpg: : skipped: No public key
gpg: foo.txt: encryption failed: No public key
2 dkg@alice:/tmp/cdtemp.pipIPp$ gpg -e -r 'd...@fifthhorseman.net' foo.txt
gp
On Thu 2019-10-17 11:08:46 +, Bjarni Runar Einarsson wrote:
> Daniel Kahn Gillmor wrote:
>> I'd be happy to set up such a tracker at (say)
>> https://gitlab.com/openpgp-wg/web-key-directory/issues if folks
>> are OK with it.
>>
>> Werner, does that sound OK t
On Tue 2019-10-15 23:01:33 +0200, Werner Koch via Gnupg-users wrote:
> On Tue, 15 Oct 2019 09:06, Bjarni Runar Einarsson said:
>
>> Would the GnuPG issue tracker be a good place to file "bug
>> reports" against the spec, to work towards clarifications?
>
> That is okay for bug reports, but often
On Tue 2019-10-15 22:57:16 +0200, Werner Koch via Gnupg-users wrote:
> If your system has a method to run a script
> on suspend or lid closing it may already do just that. I consider this
> a good idea but we can't do that by default in GnuPG because systems
> differ to much on how to detect a
Hi Tomasz--
On Sat 2019-08-17 18:45:24 +0200, Tomasz Buchert wrote:
> what would be the most "canonical" way to store arbitrary, signed data
> along the gpg key? And then: what is the programmatic way of extracting
> said data?
>
> My specific usecase is putting a signify [1] public key inside
On Thu 2019-08-01 13:37:26 +0200, Werner Koch wrote:
> The user ID is important because the accompanying self-signature conveys
> important information about the keyblock. For example expiration date
> and preferences. It is true that this can also be conveyed with
> direct-key-signatures (a
Hi MFPA--
On Sun 2019-07-28 14:12:45 +0100, MFPA via Gnupg-users wrote:
> I have the option "allow-non-selfsigned-uid" in my gpg.conf.
A bit of background first, since the documentation around
allow-non-selfsigned-uid appears to be confusing/mistaken.
the manual says:
On Thu 2019-07-25 14:00:08 -0400, Kynn Jones via Gnupg-users wrote:
> The GnuPG documentation refers to an "INTEROPERABILITY WITH
> OTHER OPENPGP PROGRAMS section", but when I search for this
> title, I find only references to it, not the actual section.
>
> Does any one know where that section
On Tue 2019-07-02 12:24:42 +0200, Werner Koch via Gnupg-users wrote:
> On Tue, 2 Jul 2019 10:23, gnupg-users@gnupg.org said:
>
>> Why not make "import-clean" and "import-minimal" strip key signatures
>> before importing a key? That would make "import-minimal" behave like
>
> Because that
On Sun 2019-06-30 00:33:22 +0100, Andrew Gallagher wrote:
> Indeed, c) was exactly the killer use case I had in mind.
so, how do we get there?
> On the other hand, b) is also quite useful in the short to medium
> term, until all mail providers decide to support WKD etc.
WKD is mighty nice, but
On Fri 2019-06-28 11:09:36 +0200, Michael Kesper wrote:
> On 28.06.19 10:23, Daniel Kahn Gillmor wrote:
>> On Fri 2019-06-28 10:04:44 +0200, Michael Kesper wrote:
>>> On 23.06.19 12:21, Matthias Apitz wrote:
>>>> I'm used to use 'startx' and ~/.xinitrc to bring up Xor
On Fri 2019-06-28 10:04:44 +0200, Michael Kesper wrote:
> On 23.06.19 12:21, Matthias Apitz wrote:
>> I'm used to use 'startx' and ~/.xinitrc to bring up Xorg+KDE:
>
> This makes your setup depend on a suid binary.
Can you give more details? I know that some older systems did rely on X
or startx
On Wed 2019-06-26 07:47:11 +0200, Matthias Apitz wrote:
> Thanks for all the helping hands and hints about systemd(8), but FreeBSD
> normally does not run/use this. AFAIK, there is not even an official
> port of it in the FreeBSD's ports collection.
That's correct, systemd depends on the Linux
On Tue 2019-06-25 23:03:18 -0400, Phil Pennock wrote:
> With GnuPG 2.2.16 :
>
> % ls -ldh ~/.gnupg/pubring.kbx
> -rw-r--r-- 1 pdp pdp 241M Jun 22 22:16 /home/pdp/.gnupg/pubring.kbx
> % time gpg --list-keys >/dev/null
> [...]
> gpg --list-keys > /dev/null 1473.99s user 1965.72s system 99% cpu
On Tue 2019-06-25 12:02:13 -0700, James Moe via Gnupg-users wrote:
> On 25/06/2019 8.30 AM, Daniel Kahn Gillmor wrote:
>
>> Is it possible that your pubring.gpg is corrupt?
>
> As it happens, yes.
> The size of pubring.gpg was 20MB; the backup copy was 1.3MB. After
&g
On Tue 2019-06-25 17:41:12 +0200, Dirk Gottschalk via Gnupg-users wrote:
> Am Dienstag, den 25.06.2019, 16:30 +0200 schrieb Vincent Breitmoser:
>> Have you considered the option to have keys cross-sign third party
>> signatures for publication? It's a very slight switch in tooling if
>> we assume
On Sun 2019-06-23 15:00:40 -0700, James Moe via Gnupg-users wrote:
> On 23/06/2019 11.53 AM, James Moe via Gnupg-users wrote:
>
>> gnupg does appear in the update log
>>
> Sigh. Typo.
> gnupg does NOT appear in the update log. Nor does libscrypt.
Without having access to your pubring.gpg,
On Sun 2019-06-09 19:17:10 +0200, Wiktor Kwapisiewicz via Gnupg-users wrote:
> Hi Markus,
>
> On 09.06.2019 14:16, Markus Reichelt wrote:
>>> in a similar fashion to what --quick-* commands already do for other actions
>>> (e.g. --quick-add-uid).
>>
>> --set-notation maybe?
>
> Yes, but as far
On Sat 2019-06-01 12:14:00 +0200, Uwe Brauer wrote:
> In any case I finally solveed the issue by just importing all available
> cer into gpgsm and it worked, by mistake was to assume that gpgsm uses
> the ones which are installed system wide.
I agree that gpgsm integration with the system keyring
On Tue 2019-06-18 04:03:45 -0400, vijai kumar via Gnupg-users wrote:
> I am using gpg inside a docker container. By default, there is no
> /run/user/ in the container so gpg defaults to ~/.gnupg as socket
> directory. Is there a provision to change the socket directory later?
> Now, I would like
On Tue 2019-06-25 13:07:03 +0200, Dirk Gottschalk via Gnupg-users wrote:
> This is my $HOME/.config/systemd/user/gpg-agent.service:
If you're using gpg-agent as a systemd user service, please use the
systemd unit files (.service and .socket definitions) that ship with
GnuPG itself.
There are a
On Sat 2019-06-22 09:41:46 +0200, Wolfgang Traylor via Gnupg-users wrote:
> On Debian: Prepare GnuPG
>
>
> SSH support is not given by GnuPG 1. The `gpg` executable must be version 2.0
> or higher.
> On Debian system, `gpg` is still the old version by default. We change
On Fri 2019-06-21 15:26:17 +0100, Andrew Gallagher wrote:
> On 21/06/2019 14:32, Werner Koch via Gnupg-users wrote:
>> That new thing now is the n-th repetition of the same game: Replacing
>> PGP by a centralized approach, or well many centralized approaches, in
>> an attempt to repeat the story
Hi Gregor, everyone--
On Wed 2019-06-05 19:10:57 +0200, Gregor Zattler wrote:
> I use notmuch-emacs to read my email and sometimes do use GnuPG,
> therefore notmuch-emacs is configured to verify signatures but
> does so also for S/MIME signatures. When displaying such emails
> I'm asked if I
On Wed 2019-04-10 17:28:54 +0200, Peter Lebbing wrote:
> On 10/04/2019 17:24, Peter Lebbing wrote:
>> gpg> delkey
>
> Sorry, my fatigued head was being silly. That's for deleting the public
> part, not the secret part. I don't think I know the way to delete the
> secret part when you just want to
On Fri 2019-03-08 20:05:53 +0100, john doe wrote:
> I'm considering working on a project that has only for now a couple of
> developers.
> As part of that project everything that will be released will need to be
> gpg signed.
>
> What is the best way forward?
> - One signing key accessible on
On Sat 2019-03-02 11:31:44 +0100, Olliver Schinagl wrote:
> Well the actualy firmware image validation will be done via a script
> there, so no worries on that regard. But if an engineer is tasked with
> modifying any of these scripts, they may struggle to know what's going
> on when invoking the
Hi Geoffrey--
On Wed 2019-02-27 17:19:08 +0100, gpir...@manymore.fr wrote:
> I've been unsuccessfully trying for a while now to have gpg working in an
> automated environment. I've been following the point 8.20 int the gnupg faq
> and I get an error at the gpg -homedir command (see screenshot
On Wed 2019-02-27 21:10:36 +0100, Olliver Schinagl wrote:
> During development, engineers also login to the system and may
> need to use the gpgv tool to check things. Having to point to the exact
> file is just common cause of imstakes 'where was that file again' or 'oh
> forgot'. But sure it is
On Mon 2019-02-25 07:54:33 +0100, Olliver Schinagl wrote:
> What I am trying to accomplish, is to generate an OS image, which
> contains a public gpg key. The public is added using gpg --import and
> kets added to the newly created pubkey.gpg.
I think your description here is missing some
On Sun 2019-02-24 19:53:53 +, Farhan Khan via Gnupg-users wrote:
> I was under the impression that best practice was to keep the master
> key offline in cold storage.
"best practice" for some is "unusable complexity" for others :) If it
works for you, it's probably not unreasonable to keep
On Mon 2019-02-25 19:53:17 +0100, Andrei Fokau wrote:
> I have just installed GnuPG on macOS Mojave using Homebrew. When I try to
> generate a new key I can go through almost all steps seeing messages and
> dialogs in English, but when it asks my passphrase, I see
[ image of cyrillic glyphs and
On Mon 2019-02-25 18:01:22 +0100, Marcel Waldvogel wrote:
> this is probably not the right place to post, but I did not find
> anything more appropriate:
>
> The certificate for git.gnupg.org expired yesterday. Could someone with
> the appropriate privileges please fix this?
It's probably a fine
On Mon 2019-01-21 08:29:35 -0900, justina colmena via Gnupg-users wrote:
> How can people be so insufferably rude?
How indeed.
Justina, please keep discussion on-topic and friendly for this mailing
list. Too many of your posts to the list are full of invective,
threating assault, or
On Tue 2019-01-15 12:05:39 -0500, Ineiev wrote:
> On Mon, Jan 14, 2019 at 03:06:22PM -0500, Daniel Kahn Gillmor wrote:
>> fwiw, if you use --batch with --import, there will be no attempt to use
>> pinentry, ever, which should make both commands work without complaint.
>
&
On Sat 2019-01-12 14:25:02 -0500, Ineiev wrote:
> On Sat, Jan 12, 2019 at 02:12:47PM -0500, Ineiev wrote:
>> dti@manas:~$ gpg --home h1 --import
> Sorry, this is what works:
>
> gpg --home h1 --import sec.asc
to be clear, i think the issue that you were having is that both
commands use
On Tue 2019-01-08 15:55:30 +0100, Stefan Claas wrote:
> it seems a bit to much if you look at avatars, profile images
> etc. on social media sites and other places. The images there are always
> reasonably in size when displayed and do not offer such large image size for
> usage, IIRC.
I think
I'm confused by this e-mail, hopefully the notes and questions below can
start to un-confuse it a bit.
On Thu 2018-12-13 13:40:56 -0900, justina colmena via Gnupg-users wrote:
> OpenKeychain on my smartphone is able to verify the attached
> signatures .gpg, but not the detached .sig files.
This
On Fri 2018-11-16 17:00:33 +0100, Stefan Claas wrote:
> I understand your points, but like to point out my view of sig0
> and why i think it is not good and why i wrote a policy that way.
I think you're talking about this:
> With the sig0 approach i have the following problem: I could create
On Thu 2018-11-15 23:41:32 +0100, Stefan Claas wrote:
> or if i sign with sig0 a key on a key signing party, where i also don't
> know that the person who attended is a good or bad person
OpenPGP identity certifications ("keysignings") make no claims one way
or the other about a person's moral
On Wed 2018-11-14 15:45:34 +, MFPA wrote:
> The broken link is at https://gnupg.org/software/swlist.html#sec-1-23.
> The link that returns the 403 error is
> http://sites.inka.de/tesla/gpgrelay.html. A possible working link is
> https://sourceforge.net/projects/gpgrelay/.
thanks, i've
On Wed 2018-11-14 08:43:19 +0100, gnupgpacker wrote:
> Did try it several times, but no response. Development seems to be stopped
> since 2005...
> https://sourceforge.net/projects/gpgrelay/files/
all the more reason to move away from it then. security software that
deals with complex data
Hi MFPA--
On Wed 2018-11-14 09:40:35 +, MFPA wrote:
> Taking the opportunity to point out the software list on gnupg.org's
> GPGrelay link returns a 403 "You don't have permission to access..."
> error. (For me at least, YMMV.)
Can you please point to the specific URL where there is a broken
On Tue 2018-11-13 09:15:46 +0100, gnupgpacker wrote:
> Hello,
>
> importing to R2mail2 is working *without* changing expiration dates, if key
> is exported from GnuPG-2.1.11...
>
> "Converting-way":
> Export GnuPG-1.4.23(GPGkeys/Win7) > Import GnuPG-2.1.11(Win7) > Export
> GnuPG-2.1.11(Win7) >
On Mon 2018-11-12 18:27:59 +0100, gnupgpacker wrote:
>> the "classic" version of GnuPG (the 1.4.x series) not only does not
>> ...
>> If you upgrade to the modern version of GnuPG on your windows machine,
>> and then try to re-import, i think you'll find the merge issue resolved.
>
> GnuPG 1.4.23
Hi there--
On Mon 2018-11-12 11:04:09 +0100, gnupgpac...@on.yourweb.de wrote:
> there occurs an issue while exporting/ importing keypair from
> Windows-7/GPG-1.423 to Android-8.1/R2mail2.
1.423 is not a valid GnuPG version, so i assume you meant GnuPG 1.4.23.
the "classic" version of GnuPG (the
fwiw, i agree with Damien that the existing text in the FAQ about
generating a revocation certificate should be removed.
I think that there should be some text like "where can i find my key's
revocation certificate?" which could be added to the FAQ.
However, situations like these:
On Sat
On Mon 2018-09-24 12:44:38 +0200, Peter Lebbing wrote:
> The always-correct option would be to --export, copy the exported key to
> the initramfs, and simply --import it before use, no meddling with
> prefabricated keyrings. It does waste some processing.
I think you're right that this is an
On Mon 2018-09-24 01:09:25 +0100, Andrew Luke Nesbit wrote:
> This is using the contents of `~/.gnupg/private-keys-v1.d/` as an API.
> If this is *not* part of the API, then what *is* the official
> recommendation for generating subkeys?
The part of those pages about "generating subkeys" does use
On Sun 2018-09-23 18:18:13 +0200, Peter Lebbing wrote:
> The intent of this mail is not to ask whether something works. This can
> be easily verified. It's asking whether it is a supported way of doing
> things. I hope I can get some guidance on this!
I appreciate that you're asking for
On Fri 2018-09-07 14:31:16 +0200, Kristian Fiskerstrand wrote:
> On 9/5/18 4:20 PM, Daniel Kahn Gillmor wrote:
>> I'm unable to replicate this. here's a transcript of my session,
>> testing pinentry-qt 1.1.0-1+b1 and gnupg 2.2.10-1 on debian
>> testing/unstable:
>
> whi
On Wed 2018-09-05 09:39:31 +0200, Kristian Fiskerstrand wrote:
> On 9/4/18 6:10 PM, Daniel Kahn Gillmor wrote:
>> or do you mean something else?
>
> without DISPLAY env var, qt version automatically falls back to curses
> variant despite the argument
>
> kristian
On Mon 2018-09-03 09:58:24 +0200, Kristian Fiskerstrand wrote:
> Just to have it mentioned, turned out this was an issue with missing
> keep-display in gpg-agent.conf, without this the Qt4/5 pinentry fail
> (although I've been told it is not an issue in KDE environment).
to be clear, keep-display
On Thu 2018-08-30 15:46:08 +0200, Werner Koch wrote:
> We are pleased to announce the availability of a new GnuPG release:
> version 2.2.10. This is a maintenance release; see below for a list
> of fixed bugs.
thanks for this work!
I note that https://gnupg.org/ftp/gcrypt/gnupg/ does not list
On Sat 2018-08-25 08:18:48 +0200, sunri...@gmx.com wrote:
> Hi all, since some days I'm having an issue with pinentry, I've set the
> default agent as pinentry-qt4
> from update-alternatives (I've also tried pinentry-qt and pinentry-gnome) but
> when I run gpg --decrypt file
> it's always
On Wed 2018-01-17 08:57:12 +0100, Kristian Fiskerstrand wrote:
> On 01/17/2018 01:20 AM, Daniel Kahn Gillmor wrote:
>> On Tue 2018-01-16 22:56:58 +0100, Kristian Fiskerstrand wrote:
>>> thanks for this post Daniel, my primary question would be what advantage
>>> is
dredging this up from the past:
On Fri 2017-03-03 08:51:57 +0100, Werner Koch wrote:
> As a compatible hack we could add an 'expired' property to the
> export-filter's drop-subkey method. Just did this:
>
> gpg --export-options export-clean \
> --export-filter drop-subkey='expired -t' \
>
On Fri 2018-06-08 14:29:52 -0400, Daniel Kahn Gillmor wrote:
> On Fri 2018-06-08 17:03:07 +0200, Andre Heinecke wrote:
>
>> I have a problem with the test
>> It asks me for a symetric passphrase.
>
> I'm having the same problem. Werner, what is the passphrase for
On Fri 2018-05-18 05:31:36 +, Fiedler Roman wrote:
> I see. If understood correctly, the trusted.gpg.d bypasses key
> management with apt-key completely, so not running into problems with
> apt-key deprecation.
I'm actually advocating avoiding trusted.gpg.d entirely as well, and
moving to
On Fri 2018-05-18 13:50:00 +, Whitey wrote:
> Robert J. Hansen wrote:
>> I don't have concrete numbers here, but my suspicion is that GnuPG is a
>> package verification system that's useful for email... and most of the
>> problems people have with it as a package verification system stem from
On Thu 2018-05-17 15:37:55 +, Fiedler Roman wrote:
> Von: Daniel Kahn Gillmor [mailto:d...@fifthhorseman.net]
>
>> See sources.list(5) and
>> https://wiki.debian.org/DebianRepository/UseThirdParty for more details.
>>
>> See also https://bugs.debian.or
On Thu 2018-05-17 10:01:37 +0200, Werner Koch wrote:
> On Thu, 17 May 2018 01:48, r...@sixdemonbag.org said:
>
>> While y'all are having this discussion, remember that GnuPG's 95% use
>> case is verifying Linux packages, and that number isn't expected to
>> change a whole lot.
>
> I am pretty sure
On Thu 2018-05-17 08:45:18 +, Fiedler Roman wrote:
> As gnupg starts getting more and more problematic regarding some
> functions (see the discussions on command line/unattended use), Ubuntu
> Bionic AND Debian Buster dropped it from their debootstrap
I don't know about Ubuntu Bionic, but for
On Fri 2018-04-13 11:00:59 +0100, Laszlo Papp wrote:
> Yes, I meant to reply yesterday after solving this.
>
> systemd --user import-environment http_proxy
>
> is what I used.
i think you mean:
systemctl --user import-environment http_proxy
Please read the "Environment Commands" section of
Hi Laszlo--
I'm afraid we don't know the details of how your docker instance is set
up; which versions of which packages you have installed inside docker
vs. outside of docker, what's bind-mounted, what the networking
constraints are in place. this makes debugging remotely a bit more
difficult.
On Tue 2018-04-17 23:05:44 +0200, Paul H. Hentze wrote:
> I did. This works fine as I asses that.
I'm glad it's working now.
> Now I'm still stuck with the pinentry problem.
can you explain the pinentry problem you're seeing? I'm afraid the bad
ownership of your files was distracting from any
On Tue 2018-04-17 11:11:22 +0200, Kristian Fiskerstrand wrote:
> On 04/17/2018 10:52 AM, Paul H. Hentze wrote:
>> Actually those commands
>>> find ~/.gnupg -type d -exec chown 0700 '{}' ';'
>>> find ~/.gnupg -type f -exec chown 0600 '{}' ';'
>> didn't work.
>> The terminal responded:
On Tue 2018-04-17 00:04:11 +0200, Paul H. Hentze wrote:
>> gpg: WARNING: unsafe permissions on homedir '/home/giraffenhorde/.gnupg'
>
> So I fixed that with
>
>> chown -R "$USER:$(id -gn)" ~/.gnupg
>> chmod 700 ~/.gnupg
>> chmod 600 ~/.gnupg/*
>
> from here: https://superuser.com/a/954639
this
Hi Jukka--
On Tue 2018-04-03 14:33:18 +0300, Jukka Kakko wrote:
>
> I am trying to upgrade my old GnuPG (version 2.0.14) in order to
> use Enigmail with my current Thunderbird.
what operating system are you using?
> [root@llappari libgcrypt-1.8.2]# ./configure |tee -a mylog.txt
I suspect you
On Wed 2018-03-21 14:48:26 -0700, Evan Klitzke wrote:
> I am using gpg 2.2.5 and stumbled across the --supervised option while
> reading the man page. I was able to get the ssh-agent functionality
> working perfectly, but I'm having problems with the gpg-agent
> functionality.
>
> I created
On Fri 2018-03-16 11:58:45 +1100, gn...@raf.org wrote:
> Daniel Kahn Gillmor wrote:
>> or, if what you really care about is file-level encryption on a
>> GNU/Linux desktop and you *don't* care about files being OpenPGP
>> formatted, you could look into ext4's native enc
On Thu 2018-03-15 17:11:15 +, Andrew Gallagher wrote:
>> If this doesn't exist in the main GnuPG project then I'd be happy to be
>> referred to any 3rd party bits of software (even if commercial or
>> proprietary) that could?
>>
>> I understand if the answer *should* be block-level
On Wed 2018-02-28 16:14:42 +0100, Werner Koch wrote:
> On Wed, 28 Feb 2018 15:53, ed...@pettijohn-web.com said:
>
>> for chroot'd programs that need it on a filesystem mounted nodev. I
>> sent some patches awhile back to add arc4random_buf as the entropy
>> gathering 'device'. Which I've been
On Fri 2018-02-09 16:03:01 +, Anna Kitces and Seth Fishman wrote:
> Correction. it is in libgpg-error this is happening
You can see logs of an example build on the Debian OS for gpg-error
here:
https://buildd.debian.org/status/logs.php?arch==libgpg-error
Your build is likely to differ in
On Tue 2018-02-20 16:08:35 +0100, Werner Koch wrote:
> On Mon, 19 Feb 2018 19:45, d...@fifthhorseman.net said:
>
>> GnuPG is under active development, and it has never had a fully-featured
>> stable API (Application Programming Interface). What i mean is, there
>> are some capabilities that are
On Tue 2018-02-20 13:18:40 +0100, Dashamir Hoxha wrote:
> One solution to this situation may be to install the latest GnuPG
> in a Docker container, where it can have all the required libraries
> and dependencies that it needs, without disturbing the host OS.
I think this misses the point that
On Sat 2018-02-17 17:06:54 -0600, helices wrote:
> I will probably never understand why wanting to run the most current
> version of gnupg on a plethora of servers is controversial.
Here's one last try to explain the situation.
GnuPG (and the libraries it depends on) are used by (aka "depended
On Thu 2018-02-15 21:33:05 +0100, Juergen Christoffel wrote:
> I'm looking for best practice tips for offline usage of GnuPG. What Do I
> mean by offline usage? I plan to encrypt backups or files on my machines
> with GnuPG and generate weekly or monthly keys for that purpose so backups
> for
On Wed 2018-02-14 14:20:10 -0600, helices wrote:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
>
> We want to move to v2.2.x, and stay current, but we don't want to download
> source and compile for dozens of systems.
>
> We want all users to be using the same version all of
On Sat 2018-02-03 09:15:30 -0600, Pijus Kar wrote:
> We are using GnuPG 1.2.1 on AIX. We are trying to import a public key
> received from others which is generated on GnuPG v2.
> Will there be any problem importing the public key. While importing we are
> getting below error -
gnupg 1.2.1 is
On Thu 2018-02-01 09:22:15 +1300, Dan Horne wrote:
> I'd love to have gone to 2.2 but getting GnuPG to work on Solaris is
> extremely difficult. We tried compiling from source, but hit several
> roadblocks. Looking online, several others have reported the same issues,
> but have had no resolution.
On Mon 2018-01-29 15:44:56 +1300, Dan Horne wrote:
> Has someone got a workaround? I need to be able to use "su" as we are not
> allowed to log into the user directly. I'm also stuck with Solaris and the
> specified version of GnuPG
the problem you're running into is that pinentry is unable to
1 - 100 of 859 matches
Mail list logo