using --keyserver but still getting gpg: no keyserver known (use option --keyserver)

2017-09-18 Thread Patrick Schleizer
gpg --keyserver hkp://pgp.mit.edu:11371 --search-keys m...@e-mail.com
gpg --keyserver=hkp://pgp.mit.edu:11371 --search-keys m...@e-mail.com
gpg: no keyserver known (use option --keyserver)
gpg: keyserver search failed: No keyserver available
What am I doing wrong?

gpg-bash-lib - gpg file verification bash library - first public release announcement - 0.5-1

2015-04-02 Thread Patrick Schleizer
gpg-bash-lib is a gpg file verification bash library that addresses a comprehensive threat model covering file name tampering, indefinite freeze, rollback, endless data attacks, etc. https://github.com/Whonix/gpg-bash-lib Why? Writing bash scripts that do file verification using gpg that really

Re: --verify --status-fd separator for multiple signatures?

2015-03-20 Thread Patrick Schleizer
Werner Koch: On Thu, 19 Mar 2015 18:39, patrick-mailingli...@whonix.org said: when using --verify combined with --status-fd [or --status-file], how can one notice in scripts, that processing the one signature is done and that further status-fd messages belong to the next message? That is

Re: --verify --status-fd separator for multiple signatures?

2015-03-20 Thread Patrick Schleizer
Doug Barton: On 3/19/15 10:39 AM, Patrick Schleizer wrote: Hi, when using --verify combined with --status-fd [or --status-file], how can one notice in scripts, that processing the one signature is done and that further status-fd messages belong to the next message? You are using

--verify --status-fd separator for multiple signatures?

2015-03-19 Thread Patrick Schleizer
Hi, when using --verify combined with --status-fd [or --status-file], how can one notice in scripts, that processing the one signature is done and that further status-fd messages belong to the next message? I mean, sometimes it shows SIG_ID, but not in case of ERRSIG. So is there some line /

Re: gpg-bash-lib - parsing gpg's --status-fd - feedback desired - was: Is there a shell script or bash library for parsing gpg's --status-fd output?

2015-01-26 Thread Patrick Schleizer
Patrick Schleizer: apparently something like gpg-bash-lib didn't exist. Created one: https://github.com/Whonix/gpg-bash-lib Could you leave some feedback please? Main code file: https://github.com/Whonix/gpg-bash-lib/blob/master/usr/lib/gpg-bash-lib/modules.d/50_common No usage

gpg-bash-lib - parsing gpg's --status-fd - feedback desired - was: Is there a shell script or bash library for parsing gpg's --status-fd output?

2015-01-16 Thread Patrick Schleizer
Hi, apparently something like gpg-bash-lib didn't exist. Created one: https://github.com/Whonix/gpg-bash-lib Could you leave some feedback please? Main code file: https://github.com/Whonix/gpg-bash-lib/blob/master/usr/lib/gpg-bash-lib/modules.d/50_common No usage instructions yet, see unit

Re: Are there cases where gpg --verify will exit 0, even if verification failed?

2015-01-14 Thread Patrick Schleizer
Werner Koch: On Wed, 14 Jan 2015 14:40, d...@fifthhorseman.net said: gpg does use the return code to indicate failure of signature verification. But recall that success does not mean that the signature is good. Check the status output or use gpgv. Do you mean, for example, the signature

Is there a shell script or bash library for parsing gpg's --status-fd output?

2015-01-14 Thread Patrick Schleizer
Hi! Is there a shell script or bash library for parsing gpg's --status-fd output? I mean, I could code it myself. But why duplicate effort and risk messing up. Maybe there is some existing or even recommended or even official library to do this? (What I mean by parsing is: to get from lines

Re: How to detect extraneous content in clearsigned (--clearsign) files?

2015-01-13 Thread Patrick Schleizer
Werner Koch: On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said: However, what works for me is this: gpg --output ./out --verify ./sha512sums.asc We are both wrong. --verify does only a verify and nothing else. Running without --verify writes the actual signed data to the

Re: How to detect extraneous content in clearsigned (--clearsign) files?

2015-01-13 Thread Patrick Schleizer
Patrick Schleizer: Werner Koch: On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said: However, what works for me is this: gpg --output ./out --verify ./sha512sums.asc We are both wrong. --verify does only a verify and nothing else. Running without --verify writes the actual

Are there cases where gpg --verify will exit 0, even if verification failed?

2015-01-13 Thread Patrick Schleizer
In another thread... Werner Koch On Mon, 12 Jan 2015 19:52, patrick- When it exits 0, then this approach is sound, sane and fine? You better check the status lines; in particular watch out for [GNUPG:] VALIDSIG E4B868C8F90C. or use gpgv. Are there cases where gpg --verify will

Re: How to sign the name of the name as well, not just the file?

2015-01-12 Thread Patrick Schleizer
Added Hauke, because he seems interested in OpenPGP notations [1] that I will talk about below. Robert J. Hansen: Is there a way to make gnupg sign the name of the file as well? So verification would fail if file names were renamed? Drop version 1.7 of your 'foo' program into a directory

How to sign the name of the name as well, not just the file?

2015-01-12 Thread Patrick Schleizer
Hi! When using gpg --armor --detach-sign some-file-version-c a file: some-file-version-c.asc will be created. But an adversary in a position to arbitrarily change file names on a mirror or so could rename it to some-file-version-d and some-file-version-d.asc. That could trick the verifier into

Re: How to detect extraneous content in clearsigned (--clearsign) files?

2015-01-12 Thread Patrick Schleizer
Werner Koch: On Mon, 12 Jan 2015 03:19, patrick-mailingli...@whonix.org said: Suppose a file has been `--clearsign`ed. Then an adversary prepended or appended extraneous content. That is what the signature is all about ;-). Use gpg --verify --output OUT SIGNEDDATA to write the

Update existing key to ECC?

2014-11-22 Thread Patrick Schleizer
Hi, is it possible to update an existing (RSA) gpg key to ECC? Or would a usual transition process be required? Cheers, Patrick ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

key signing in Leipzig, Germany

2014-04-07 Thread Patrick Schleizer
Hi, anyone interested to meet up for key signing in Leipzig, Germany? Please contact me off list. Cheers, Patrick