Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

On Mon, Feb 19, 2018 at 7:45 PM, Daniel Kahn Gillmor wrote: > On Sat 2018-02-17 17:06:54 -0600, helices wrote: > > I will probably never understand why wanting to run the most current > > version of gnupg on a plethora of servers is controversial. > > Here's one last try

Re: GPG encryption and decryption takes excessive time.

On Mon, Feb 19, 2018 at 2:30 PM, Green, Ian wrote: > > Can anyone suggest anything to help reduce the time to something more > viable? > Try symmetric encryption / decryption. ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: How to avoid Passphrase prompt

On Fri, Feb 2, 2018 at 12:42 AM, Smith, Cathy wrote: > My experience is that gpg 2.2 seems to be more suited for the desktop > environment than for a server environment or a remotely administered site. > We've been using gpg 1.4 (yes I know it is old) in batch mode for many

Lightning Talk at FOSDEM about EasyGnuPG

Hi, I am going to have a lightning talk at FOSDEM about EasyGnuPG: - https://fosdem.org/2018/schedule/event/easy_gnupg/ - https://slides.com/dashohoxha/easy-gnupg In case somebody will be at FOSDEM, I invite you to participate. Regards, Dashamir ___

Re: Please, fix batch mode for gpg --edit-key-trust

On Wed, Jul 27, 2016 at 3:46 PM, John Buehrer wrote: > > $ printf "5\n" | gpg2 --batch --edit-key 67A92459607354C7 trust quit > I think that it should work with the option `--command-fd=0`, which tells gpg2 to get the commands from stdin. See this example:

Re: Disambiguating GnuPG Modern, Stable, and Classic

On Wed, Jul 27, 2016 at 1:40 PM, Marcos Alano wrote: > IMHO, I don't think so. A dev branch is very unstable and modern branch is > considerably stable but receive a lot of new features. Stable is very > stable for people who wants a long term stable version. > IMHO, a

Re: How to encrypt and sign with different keys

On Tue, Jul 19, 2016 at 2:16 PM, d...@mielko.com wrote: > > is there a way to force GPG to produce output with PGP extension? > Try the option: `--output filename.pgp` ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: How to encrypt and sign with different keys

On Mon, Jul 18, 2016 at 9:40 PM, d...@mielko.com wrote: > I am struggling with GPG command line that will encrypt file with key A > and sign it with key B. > Usually it does it automatically, if you have subkeys for signing and encryption. > Also, is there a way to provide

Re: Migrating key to smartcard

On Wed, Jul 6, 2016 at 7:41 PM, Dashamir Hoxha <dashoho...@gmail.com> wrote: > > I would suggest the script key2dongle which is part of egpg: > - https://github.com/dashohoxha/egpg/wiki/gnupg-2.1-key2dongle > - > https://github.com/dashohoxha/egpg/blob/gnupg-2.1/src/

Re: Migrating key to smartcard

On Wed, Jul 6, 2016 at 10:25 AM, Damien Goutte-Gattat < dgouttegat...@incenp.org> wrote: > > Storing the master key offline and having to import it whenever I want >> to sign other keys might actually decrease security, since it offers >> enough of a possiblity to mess things up >> > > True

Re: How to sign a PDF using a DNIe

On Tue, Jun 28, 2016 at 4:16 AM, NIIBE Yutaka wrote: > > Or let a governor certify our own > public key, where the private key is in our own smartcard/token. > This is really a good idea. If authorized government officials certify our public keys, then our signatures can have

Re: keytyping never end when gen-key, and importing key warning

On Thu, Jun 16, 2016 at 12:17 PM, wrote: > > Problem 1. > When I run "gpg --gen-key", everything done well, except the last step, > type on the keyboard to gain enough entropy for the random number > generator, the process seemingly will never end. > Ref. to the attatchment,

Re: How to install GnuPG-2.1.12 in Ubuntu?

On Tue, Jun 7, 2016 at 7:54 PM, Brad Rogers wrote: > > That may well work, but it's possibly ill-advised. I suggest reading > https://wiki.debian.org/DebianExperimental, which has all the info you > need. > Thanks a lot. This page indeed has the answers I was looking for.

Re: How to install GnuPG-2.1.12 in Ubuntu?

On Tue, Jun 7, 2016 at 7:22 PM, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote: > On Tue 2016-06-07 06:03:55 -0400, Dashamir Hoxha wrote: > > > Does anybody know how to temporarily install GnuPG-2.1.12 in Ubuntu or > > Debian, for testing? > > In debian testi

How to install GnuPG-2.1.12 in Ubuntu?

Hi, Does anybody know how to temporarily install GnuPG-2.1.12 in Ubuntu or Debian, for testing? I also need help with testing egpg in CentOS: - https://github.com/dashohoxha/egpg/blob/gnupg-2.0/tests/dockerfile/centos-7 In Ubuntu and Debian testing works well: -

Re: Older gpg version does not ask for passphrase

On Mon, Jun 6, 2016 at 8:09 PM, Matthias Nick wrote: > > Am I doing anything wrong or maybe misunderstanding something? My > understanding is that passphrases are meant for a situation where > someone gets their hands on my private key and this behaviour seems to > defy the

Re: [Announcement] EasyGnuPG 2.1-0.9

On Thu, Jun 2, 2016 at 10:54 AM, Robert J. Hansen wrote: > > There is a new version of egpg, based on GnuPG-2.1.11 > > ... which apparently has not fixed the "it will nuke your hard drive if > you have a certain environment variable set" problem I pointed out a > month ago.

Stable release of branch 2.1

Hi, How far is the branch 2.1 from a stable release? Is there any roadmap or timeschedule about making a stable release for 2.1? I aksed ubuntu about when they are going to upgrade from 2.1.11 to 2.1.12 and the answer is that they don't upgrade packages on LTS, unless there is a strong reason

[Announcement] EasyGnuPG 2.1-0.9

Hi, There is a new version of egpg, based on GnuPG-2.1.11 - https://github.com/dashohoxha/egpg - http://dashohoxha.github.io/egpg/gnupg-2.1/man/ Why not based on GnuPG-2.1.12? Because this is not ready yet for Ubuntu (16.04). Maybe I could try to compile it, but I cannot expect the users to

Re: Automating the generation of master keys

On Thu, Jun 2, 2016 at 7:50 AM, Werner Koch wrote: > On Wed, 1 Jun 2016 21:48, dashoho...@gmail.com said: > > > I don't remember exactly why they didn't work, but I think that in > gnupg-2.1 > > Because gpg inserts other prompts depending on version and options. > I tried to

Re: Automating the generation of master keys

On Wed, Jun 1, 2016 at 7:46 PM, Werner Koch wrote: > > --8<---cut here---start->8--- > local commands="addkey|4|4096|1m|addkey|6|4096|1m|save" > commands=$(echo "$commands" | tr '|' "\n") > script -c "gpg --batch --command-fd=0 --edit-key

Re: Automating the generation of master keys

On Wed, Jun 1, 2016 at 9:40 PM, Peter Lebbing wrote: > > Is it an option to upgrade your GnuPG to 2.1? I think it provides for a > less bumpy ride with the pinentry loopback. > I couldn't make "pinentry loopback" work in 2.1.11, so, to be sure, try to upgrade to 2.1.12

Re: Automating the generation of master keys

On Wed, Jun 1, 2016 at 10:56 AM, Aurélien Vallée wrote: > > So "cert" is a default for primary-keys. If I do not provide any > "Key-Usage", all usages will be set. If I do provide a "Key-Usage", then my > master key is not "certify only" anymore. > I think that certify

Re: gpg2 --fetch-keys

On Sat, May 28, 2016 at 5:23 PM, Kristian Fiskerstrand < kristian.fiskerstr...@sumptuouscapital.com> wrote: > On 05/28/2016 03:32 PM, Dashamir Hoxha wrote: > > Hi, > > > > I get this general error and I have no idea what is wrong: > > you can increase the dirmng

gpg2 --fetch-keys

Hi, I get this general error and I have no idea what is wrong: $ gpg2 --fetch-keys https://github.com/dashohoxha/egpg/raw/gnupg-2.1/tests/gnupg/DA94668A.gpg.asc gpg: requesting key from ' https://github.com/dashohoxha/egpg/raw/gnupg-2.1/tests/gnupg/DA94668A.gpg.asc ' gpg: WARNING: unable to

Do we need more than one subkey?

> The best solution in my opinion would be to allow batch mode [1] to create > more than one subkey. The manual says "Currently only one subkey can be > handled". > I don't know, is it difficult to implement, or it is considered bad practice (and thus > the restriction). On a second thinking, I

Re: Create subkey with same passphrase

On Fri, May 13, 2016 at 1:59 AM, MFPA < 2014-667rhzu3dc-lists-gro...@riseup.net> wrote: > > > I wanted to know if there is a way to create a new > > subkey without giving > > it a new passphrase but using the same one as the > > primary key and the first subkey. > > Just enter the same passphrase

Re: 'No pinentry' error (--pinentry-mode loopback with --delete-secret-and-public-key)

On Wed, May 11, 2016 at 1:20 AM, Carola Grunwald wrote: > > When an application creates a key it also has to get it deleted. > > With the 1.4 branch I interacted with the GnuPG process completely > unattended through standard-I/O pipes, which now are replaced by the >

Re: 'No pinentry' error (--pinentry-mode loopback with --delete-secret-and-public-key)

On Tue, May 10, 2016 at 9:47 AM, Carola Grunwald wrote: > > Meanwhile I'm sure it's a bug similar to > https://bugs.gnupg.org/gnupg/issue2324. > Some other people may claim that it is a feature. I am not able to judge on these issues, so I have no opinion. > >But I

Re: 'No pinentry' error (--pinentry-mode loopback with --delete-secret-and-public-key)

On Sat, May 7, 2016 at 5:32 PM, Carola Grunwald wrote: > > You're right, there's no passphrase request with > > | d:\gpg>gpg.exe --batch --homedir "d:\gpgdat" --no-auto-key-locate > --no-default-keyring --keyring "d:\gpgdat\pubring.kbx" > --delete-secret-and-public-key

Re: OT egpg evaluation

On Sun, May 8, 2016 at 2:09 PM, flapflap wrote: > > I really don't think that bash is the right language here... But if you want to automate some tasks on the command line, bash seems to be the perfect choice. ___ Gnupg-users

Re: OT egpg evaluation

> > Do you think that renaming "WORKDIR" to "EGPG_TMP_WORKDIR" would fix it? > I think that this is a better fix: https://github.com/dashohoxha/egpg/commit/ff331e1db8f28a9521c2603f84fde1c9412702bd ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: OT egpg evaluation

On Sun, May 8, 2016 at 10:48 AM, Robert J. Hansen wrote: > > Do you think that renaming "WORKDIR" to "EGPG_TMP_WORKDIR" would fix it? > > I have tried very hard to be polite in my criticisms, but you seem to be > under the unreasonable belief that politeness means I am

Re: OT egpg evaluation

On Sun, May 8, 2016 at 9:56 AM, Robert J. Hansen wrote: > > I found a potentially *system-destroying bug* in literally the *very > first function I inspected*. I've been very circumspect in my > criticisms until now, Dashamir, because I really want to encourage > people to

How to silence gpg

> >* gpg: checking the trustdb *> >* gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model*> > It comes from gpg. I just pushed a fix for 2.1 toseilence it with --quiet. I still get that output even when using --quiet But maybe it is because I still have 2.1.11 (ubuntu 16.04)

OT egpg evaluation

Starting an other topic. On Sun, May 8, 2016 at 6:11 AM, Doug Barton wrote: > On 04/26/2016 06:37 AM, Robert J. Hansen wrote: > >> I've looked over your egpg code. My bloodless technical evaluation is >> simple: "it is nowhere near ready for production environments."

Re: 'No pinentry' error (--pinentry-mode loopback with --delete-secret-and-public-key)

On Sat, May 7, 2016 at 12:59 PM, Carola Grunwald wrote: > Hello, > > on Wed, 4 May 2016 22:55:34 + (UTC), I wrote: > > >I need help with GnuPG 2.1.12 migrating an encryption tool from 1.4.20. > > > >I'm trying to run the --delete-secret-and-public-key command with

Speading up key generation

Hi, We all know that generating new keys currently takes a lot of time, especially on headless environments. There are several suggestions on the internet about how to improve this, but most of them are criticized for making the security weaker (by lowering the quality of randomness that they

Re: managing OpenPGP cards in batch mode?

On Thu, May 5, 2016 at 1:17 AM, Pete Stephenson wrote: > On Thu, May 5, 2016 at 12:14 AM, Robert J. Hansen > wrote: > > Dashamir, this list has very few rules. I'm grateful for that, really. > > One of the few rules that must be obeyed, though, is "we

Re: managing OpenPGP cards in batch mode?

On Wed, May 4, 2016 at 3:38 PM, Werner Koch wrote: > On Wed, 4 May 2016 12:16, dashoho...@gmail.com said: > > > Git is great, GitHub is greater. > > I would appreciate if you do not advertise proprietary services here. > I do not advertise, I expess my opinion. Do you think

Re: managing OpenPGP cards in batch mode?

On Wed, May 4, 2016 at 9:12 PM, Dashamir Hoxha <dashoho...@gmail.com> wrote: > On Wed, May 4, 2016 at 3:38 PM, Werner Koch <w...@gnupg.org> wrote: > >> On Wed, 4 May 2016 12:16, dashoho...@gmail.com said: >> >> > Git is great, GitHub is greater. >>

Re: managing OpenPGP cards in batch mode?

On Wed, May 4, 2016 at 11:37 AM, Peter Lebbing <pe...@digitalbrains.com> wrote: > On 03/05/16 22:31, Dashamir Hoxha wrote: > > Is it on GitHub (so that I can watch you)? > > From [1]: the project is in Git, but not on GitHub. GitHub provides issue/project management f

Re: managing OpenPGP cards in batch mode?

On Tue, May 3, 2016 at 8:20 PM, Daniel Pocock <dan...@pocock.pro> wrote: > > > On 03/05/16 15:55, Dashamir Hoxha wrote: > > On Tue, May 3, 2016 at 3:04 PM, Daniel Pocock <dan...@pocock.pro > > <mailto:dan...@pocock.pro>> wrote: > > >

Re: managing OpenPGP cards in batch mode?

On Tue, May 3, 2016 at 3:04 PM, Daniel Pocock wrote: > > I tried this with GnuPG 2.0.26 on Debian: > > $ gpg2 --card-edit --batch > gpg: can't do this in batch mode > You can try something like this: - https://github.com/nyarly/simplekey/blob/master/commands/trust#L46-L50 or

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Fri, Apr 29, 2016 at 7:38 AM, Paul R. Ramer <free10...@gmail.com> wrote: > On 04/26/2016 05:24 AM, Dashamir Hoxha wrote: > > It doesn't seem reasonable to me. > > Honestly, what is with this, "It doesn't seem reasonable to me," line? > This is the second post

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 5:31 PM, Daniel Pocock wrote: > > > I don't want to do that. It doesn't seem reasonable to me. > > Can you please tell me what you mean when you say "It doesn't seem > reasonable to me"? > > Alternatively, what would be reasonable? > Somebody else

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 4:57 PM, Daniel Pocock <dan...@pocock.pro> wrote: > > > On 26/04/16 15:40, Dashamir Hoxha wrote: > > On Tue, Apr 26, 2016 at 3:11 PM, Robert J. Hansen <r...@sixdemonbag.org > > <mailto:r...@sixdemonbag.org>> wrote: > > > >

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 3:11 PM, Robert J. Hansen wrote: > > When asking other people to do things for you, it pays to keep in mind > how valuable the community has deemed your contributions. If you > haven't earned much reputation, you might want to do that before you go >

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 2:52 PM, Peter Lebbing wrote: > > And I do it without bashing your messages, even though you > seem to take it personal. > Please keep the discussion technical. If you don't agree with me this is fine. But when you express your opinion about my

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 1:16 PM, Daniel Pocock wrote: > > Could you add a section to the wiki about this, with an itemized list of > the tasks that need to be done, e.g. > > * packaging egpg and uploading to Debian > * anybody can upload it to https://mentors.debian.net for

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 2:20 PM, Daniel Pocock wrote: > > > I manage the tasks of the project on GitHub: > > https://github.com/dashohoxha/egpg/issues > > > > You can use the wiki to link to the Github tasks that are relevant to > using epgp in the Live CD, you don't have to

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 1:32 PM, Peter Lebbing wrote: > > I think you are taking the "plugging my project" approach too far. While > generating exposure is definitely a good component of making your > project succesful, I think a bit more modesty is in order. If I had a

Re: making a Debian Live CD for managing GnuPG master key and smartcards

On Tue, Apr 26, 2016 at 9:53 AM, Daniel Pocock wrote: > > There has been some discussion on debian-devel[1] about making a > bootable Debian Live CD specifically for GnuPG > > The benefit is that everything on the CD is self-contained, it can't be > tampered with, it can run

Re: Paper backup

On Mon, Apr 25, 2016 at 4:01 PM, Robert J. Hansen wrote: > > This PDF file can be printed and used as a paper backup. It can be > restored > > with the help of a webcam and a barcode reader program (like zbar). > > Why not use Paperkey and QR-encode that instead? > The

Re: Paper backup

On Mon, Apr 25, 2016 at 3:53 PM, Werner Koch wrote: > > See misc/vcards/vcard-template.tex in the gnupg-doc repo on how we print > the GnuPG cards. It might be useful to add "-i" to the qrencode call, > This looks promising, I will have a look at it. Thanks.

Paper backup

Hi, I have added a feature to egpg to export the key and convert it to 3D barcode images, included in a PDF file: https://github.com/dashohoxha/egpg/blob/master/src/fn/qrencode.sh This PDF file can be printed and used as a paper backup. It can be restored with the help of a webcam and a barcode

Re: Help needed

On Sun, Apr 24, 2016 at 6:51 PM, Daniel H. Werner wrote: > > 4) My existing keys were created (in 2009 in PGP) at 2048 length. Should > I change them to 4096? If so, how? > I think that 2048 is still OK. But if you decide to upgrade, you can find some good advice

EasyGnuPG v0.9

Hi, I have made another release of EasyGnuPG. Things that have changed since the last time that I posted here are: - Small fixes and improvements (some of which were suggested here). - Finished automated testing scripts [1]. - Bash autocompletion [2]. - Making the egpg key-ring the default

Re: Using a passphrase FD from variable and piped data for encryption

On Wed, Apr 20, 2016 at 11:54 AM, Peter Lebbing wrote: > PS: Quick note: that the security depends on GnuPG does not mean that it > inherits the security of GnuPG. You are right. After decrypting the archive, it is the responsibility of the script to handle it safely,

Re: Using a passphrase FD from variable and piped data for encryption

On Wed, Apr 20, 2016 at 11:21 AM, Peter Lebbing <pe...@digitalbrains.com> wrote: > On 20/04/16 09:10, Dashamir Hoxha wrote: > > And I also believe that it is not less secure than the other solutions. > > You mean like Phil Zimmerman believed BassOmatic was secure? >

Re: Using a passphrase FD from variable and piped data for encryption

On Wed, Apr 20, 2016 at 8:09 AM, Robert J. Hansen wrote: > > I thought you could point out what is wrong with it, hopefully > > something that can be fixed. But that's OK. > > You're asking people to sign on for a literally never-ending process. > (Peer review never ends,

Re: Using a passphrase FD from variable and piped data for encryption

On Wed, Apr 20, 2016 at 3:27 AM, Doug Barton <dougb@dougbarton.email> wrote: > On 04/19/2016 12:34 PM, Dashamir Hoxha wrote: > >> On Tue, Apr 19, 2016 at 9:18 PM, Doug Barton <dougb@dougbarton.email >> <mailto:dougb@dougbarton.email>> wrote: >> >>

Re: Using a passphrase FD from variable and piped data for encryption

On Tue, Apr 19, 2016 at 9:18 PM, Doug Barton <dougb@dougbarton.email> wrote: > On 04/19/2016 05:12 AM, Dashamir Hoxha wrote: > >> I have written a small password utility, where passwords are stored on >> an encrypted archive. >> > > This is a bad idea. Yo

Re: Using a passphrase FD from variable and piped data for encryption

I have written a small password utility, where passwords are stored on an encrypted archive. I use something like this: - https://github.com/dashohoxha/pw/blob/master/src/pw.sh#L26-L27 I think that all these three ways are the same (security-wise), isn't it? The second way (described by Peter) is

Re: Translate to dutch

On Tue, Apr 5, 2016 at 12:06 PM, Peter Lebbing wrote: > Dashamir, note I wasn't attacking your project. > I wasn't attacking yours either. I simply expressed my opinion, and maybe I am wrong. ___ Gnupg-users mailing list

Re: Translate to dutch

On Tue, Apr 5, 2016 at 11:06 AM, Peter Lebbing wrote: > On 02/04/16 09:55, Eva Bouwman wrote: > > I will start where Dashamir suggested , [...] > > > Personally I tend to agree with Julian. My idea was not to write a OS > > dependent document, in my opinion the target

Award for the Advancement of Free Software

http://www.fsf.org/news/library-freedom-project-and-werner-koch-are-2015-free-software-awards-winners Congratulations! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Procedure of deriving a pruivate key from the password

On Mon, Apr 4, 2016 at 1:07 PM, Christine Kremsmayr wrote: > I only have a vague and incomplete understandig of the procedure in which > GnuPG derives a private key from a password. To my understanding, the key is not derived from the passphrase, it is generated

Re: How to interprete the output of --export-ownertrust?

On Sun, Apr 3, 2016 at 11:22 AM, Christine Kremsmayr wrote: > Hi everyone, > > with the command gpg2 --export-ownertrust I can cause GnuPG to display the > owner trust values of the public keys in my keyring. > The problem: I don't know how to interprete the numbers to the

Re: Translate to dutch

Hi Eva, Would you consider using this easy tool: https://github.com/dashohoxha/egpg ? I am not sure how much easy it is, but the intention is for beginers. I would love some feedback from some Dutch parent average-pc-users (if you can write a suitable doc for them). This is not a direct answer

Re: where is gnupg configure file

On Fri, Apr 1, 2016 at 4:05 AM, mick crane wrote: > > First what I would like to do is find a configure file for gnupg ? > Did you check ~/.gnupg/gpg.conf ? If it does not exist just create it. ___ Gnupg-users mailing list

Re: Which key is used to sign key?

On Mon, Mar 28, 2016 at 5:03 PM, Muri Nicanor wrote: > Hello again gnupg-users, > > when i have multiple secret keys, how can i specify which one to use to > sign a key? (i.e. when using --quick-sign-key) > According to the docs, you use `--default-key=` or

Re: EasyGnuPG

On Sat, Mar 26, 2016 at 7:51 AM, listo factor <listofac...@mail.ru> wrote: > On 03/26/2016 03:55 AM, Dashamir Hoxha wrote: > >> On Fri, Mar 25, 2016 at 9:50 PM, listo factor <listofac...@mail.ru> >> wrote: >> > >> ... The efforts which concentrate

Re: EasyGnuPG

On Fri, Mar 25, 2016 at 9:50 PM, listo factor wrote: > > To perform tasks that GPG is designed to accomplish in a safe manner > is *very, very hard*, and even the best documentation could not change > that fact. The efforts which concentrate on making it easy might > indeed

Re: EasyGnuPG

On Fri, Mar 25, 2016 at 10:21 AM, Ben McGinnes wrote: > > Primary keys MUST be C-usage and MAY be SCA usage, by default they're > SC, but simply creating an S-usage subkey moves the S function to the > subkey (by default GPG will select the newest subkey with a given >

Re: Force textual pinpad

On Thu, Mar 24, 2016 at 11:21 AM, Paolo Bolzoni < paolo.bolzoni.br...@gmail.com> wrote: > Dear list, > > It is possible to simply use the terminal to input my password when > using gpg from the command line? > I often use the computer with two screens, one that the students see > and the one in

Re: EasyGnuPG

On Wed, Mar 23, 2016 at 6:48 PM, Daniel Kahn Gillmor wrote: > > > In this case, "gpgme-tool" should be packaged on its own, not inside the > > package "*libgpgme11-dev*". > > I am refering to this message: > >

Re: EasyGnuPG

On Wed, Mar 23, 2016 at 6:04 AM, Viktor Dick wrote: > > Then there is the problem that the user might not notice that his key is > expired. I remember vagely spending a day trying to find the error until > I noticed that my subkeys were expired. But this might have been a

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 11:56 PM, Andrew Gallagher <andr...@andrewg.com> wrote: > On 22 Mar 2016, at 22:10, Dashamir Hoxha <dashoho...@gmail.com> wrote: > > On Tue, Mar 22, 2016 at 10:21 PM, Peter Lebbing <pe...@digitalbrains.com> > wrote: >> >> And why

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 11:25 PM, Peter Lebbing wrote: > > > What is wrong with that? As long as there is a subkey for encryption, > > gpg will use the subkey for encryption, even if the primary key is > > capable of encryption. > > That is not up to you! It's up to your

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 10:21 PM, Peter Lebbing wrote: > > Your one month expiry thing is not well thought through. Not only will the > owner > need to re-sign and redistribute every damn month, but all his contacts > will > pretty much always need tor refresh the key

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 3:41 PM, Ben McGinnes wrote: > > You might try experimenting with gpgme-tool then, it's one of the > undocumented/self-documented extras which comes with GPGME. It > provides a socket interface with which you can interact with portions > of the GPGME

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 10:54 AM, Paolo Bolzoni < paolo.bolzoni.br...@gmail.com> wrote: > I totally agree, Dashamir I really think you should focus on what you > think is hard in gnupg? And why? > Are you sure a new program (and not a simple patch) is the best answer? > > At the moment you are

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 2:28 PM, Werner Koch wrote: > > There are two simple things you need to remember when using gpg in a > script: > > 1. --batch to avoid all interaction. > > 2. --with-colons to get a well defined output format. That format is > not good for

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 4:29 PM, Werner Koch wrote: > On Tue, 22 Mar 2016 15:41, b...@adversary.org said: > > > provides a socket interface with which you can interact with portions > > of the GPGME functions, including most of the most common functions. > > FWIW: We even

Re: A better interface to the GnuPG-Framework (Re: EasyGnuPG)

On Tue, Mar 22, 2016 at 3:53 PM, Paolo Bolzoni < paolo.bolzoni.br...@gmail.com> wrote: > I guess we should start from the desired use case. > We want a GUI for what? Encrypting? Signing? Managing the web of > trust? SSH login? Everything? I think that deciding the desired use case(s) is

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 11:40 AM, Paolo Bolzoni < paolo.bolzoni.br...@gmail.com> wrote: > And besides, it's much easier to build a GUI app in front of a C API > than a command line application. By no means I want to prevent anybody from starting to build a GUI app...

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 10:46 AM, Robert J. Hansen wrote: > > I don't think the EasyGnuPG authors have thought through their target > market. It targets users who are comfortable enough to say "oh, I > should use the terminal for this!", but not comfortable enough to read a

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 9:56 AM, Bernhard Reiter wrote: > > Any cross plattform approach would work. Python has the advantage > that the source code can be changed by an editor an immedeately run > and that it works fairly well cross-plattform. > > What is even more

Re: EasyGnuPG

better, this is fine, just give it a try, I have nothing against it. If you think that gpg is great and it needs no improvements, this is still fine. Peace, Dashamir On Mon, Mar 21, 2016 at 6:38 PM, Peter Lebbing <pe...@digitalbrains.com> wrote: > On 21/03/16 16:49, Dashamir Hoxha wrote

Re: EasyGnuPG

Hi Bernhard, thanks for having a look at it. On Mon, Mar 21, 2016 at 3:05 PM, Bernhard Reiter <bernh...@intevation.de> wrote: > Hi Dashamir, > > On Friday 18 March 2016 at 09:49:16, Dashamir Hoxha wrote: > > I am writting some shell scripts for making GnuPG more accessible

Re: Should always add myself as recipient when ecrypting?

On Mon, Mar 21, 2016 at 10:44 AM, Paolo Bolzoni < paolo.bolzoni.br...@gmail.com> wrote: > Dear list, > > The subject pretty much says it all already, I am using GnuPG 2.1.11 > (with libgcrypt 1.6.5) and I was wondering if I should always add > myself as recipient when encrypting a file, of

Re: using master key from usb

Solutions explained by Damien are better than mine. I was not aware of them. I would recommend one of them. On Sun, Mar 20, 2016 at 9:51 PM, Me Self wrote: > Hi Damian and Dashamir > > Those are all great solutions, tnx :) > > > On Sat, Mar 19, 2016 at 7:26 PM, Damien

EasyGnuPG

Hi, I am writting some shell scripts for making GnuPG more accessible and easier to use: - https://github.com/dashohoxha/egpg - http://dashohoxha.github.io/egpg/man/ - https://github.com/dashohoxha/egpg/wiki It is not finished yet (regarding the features that I have planned to implement), but

Re: using master key from usb

On Sat, Mar 19, 2016 at 1:24 PM, Me Self wrote: > Hi All > > What is the best way to use a master key from a backup usb? > > The whole ~/gnupg folder is backed up to the usb, and the master key has > been removed from the keyring on the harddrive. > > I can use the master key

Re: How to silence gpg-agent?

On Wed, Mar 16, 2016 at 9:19 AM, Jochen Saalfeld wrote: > > Hi Dahsamir, > > I digged the code a bit and found, the piece of code. As you already > assumed > correctly, the trust-db is checked periodically, if > the --no-auto-check-trustdb option is not set, and a log

Re: How to silence gpg-agent?

On Wed, Mar 16, 2016 at 7:30 AM, Dashamir Hoxha <dashoho...@gmail.com> wrote: > On Wed, Mar 16, 2016 at 4:58 AM, NIIBE Yutaka <gni...@fsij.org> wrote: > >> On 03/16/2016 06:06 AM, Dashamir Hoxha wrote: >> > I have a problem that time after time I get output

Re: How to silence gpg-agent?

On Wed, Mar 16, 2016 at 4:58 AM, NIIBE Yutaka <gni...@fsij.org> wrote: > On 03/16/2016 06:06 AM, Dashamir Hoxha wrote: > > I have a problem that time after time I get output like this, which is > > somewhat unrelated to the operation performed and a bit confusing: >

How to silence gpg-agent?

Hi, I am writting some wrapper shell scripts around gpg, trying to make it a bit more user-friendly for beginners: https://github.com/dashohoxha/egpg I have a problem that time after time I get output like this, which is somewhat unrelated to the operation performed and a bit confusing: