gpg --keyserver hkp://pgp.mit.edu:11371 --search-keys m...@e-mail.com
gpg --keyserver=hkp://pgp.mit.edu:11371 --search-keys m...@e-mail.com
gpg: no keyserver known (use option --keyserver)
gpg: keyserver search failed: No keyserver available
What am I doing wrong?
gpg-bash-lib is a gpg file verification bash library, addresses
comprehensive threat model, that covers file name tampering, indefinite
freeze, rollback, endless data attacks, etc.
https://github.com/Whonix/gpg-bash-lib
Why?
Writing bash scripts that do file verification using gpg that really
Werner Koch:
On Thu, 19 Mar 2015 18:39, patrick-mailingli...@whonix.org said:
when using --verify combined with --status-fd [or --status-file], how
can one notice in scripts, that processing the one signature is done and
that further status-fd messages belong to the next message?
That is
Doug Barton:
On 3/19/15 10:39 AM, Patrick Schleizer wrote:
Hi,
when using --verify combined with --status-fd [or --status-file], how
can one notice in scripts, that processing the one signature is done and
that further status-fd messages belong to the next message?
You are using
Hi,
when using --verify combined with --status-fd [or --status-file], how
can one notice in scripts, that processing the one signature is done and
that further status-fd messages belong to the next message?
I mean, sometimes it shows SIG_ID, but not in case of ERRSIG.
So is there some line /
Patrick Schleizer:
apparently something like gpg-bash-lib didn't exist.
Created one:
https://github.com/Whonix/gpg-bash-lib
Could you leave some feedback please?
Main code file:
https://github.com/Whonix/gpg-bash-lib/blob/master/usr/lib/gpg-bash-lib/modules.d/50_common
No usage
Hi,
apparently something like gpg-bash-lib didn't exist.
Created one:
https://github.com/Whonix/gpg-bash-lib
Could you leave some feedback please?
Main code file:
https://github.com/Whonix/gpg-bash-lib/blob/master/usr/lib/gpg-bash-lib/modules.d/50_common
No usage instructions yet, see unit
Werner Koch:
On Wed, 14 Jan 2015 14:40, d...@fifthhorseman.net said:
gpg does use the return code to indicate failure of signature
verification.
But recall that success does not mean that the signature is good.
Check the status output or use gpgv.
Do you mean, for example, the signature
Hi!
Is there a shell script or bash library for parsing gpg's --status-fd
output?
I mean, I could code it myself. But why duplicate effort and risk
messing up. Maybe there is some existing or even recommended or even
official library to do this?
(What I mean by parsing is: to get from lines
Werner Koch:
On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said:
However, what works for me is this:
gpg --output ./out --verify ./sha512sums.asc
We are both wrong. --verify does only a verify and nothing else.
Running without --verify writes the actual signed data to the
Patrick Schleizer:
Werner Koch:
On Mon, 12 Jan 2015 19:52, patrick-mailingli...@whonix.org said:
However, what works for me is this:
gpg --output ./out --verify ./sha512sums.asc
We are both wrong. --verify does only a verify and nothing else.
Running without --verify writes the actual
In another thread...
Werner Koch
On Mon, 12 Jan 2015 19:52, patrick-
When it exits 0, then this approach is sound, sane and fine?
You better check the status lines; in particular watch out for
[GNUPG:] VALIDSIG E4B868C8F90C.
or use gpgv.
Are there cases where gpg --verify will
Added Hauke, because he seems interested in OpenPGP notations [1] that I
will talk about below.
Robert J. Hansen:
Is there a way to make gnupg sign the name of the file as well? So
verification would fail if file names were renamed?
Drop version 1.7 of your 'foo' program into a directory
Hi!
When using gpg --armor --detach-sign some-file-version-c a file:
some-file-version-c.asc will be created.
But an adversary position to arbitrarily change file names on a mirror
or so could rename it to some-file-version-d and some-file-version-d.asc.
That could trick the verifier into
Werner Koch:
On Mon, 12 Jan 2015 03:19, patrick-mailingli...@whonix.org said:
Suppose a file has been `--clearsign`ed. Then an adversary pretended or
appended extraneous content.
That is what the signature is all about ;-). Use
gpg --verify --output OUT SIGNEDDATA
to write the
Hi,
is it possible to update an existing (RSA) gpg key to ECC?
Or would a usual transition process be required?
Cheers,
Patrick
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi,
anyone interested to meet up for key signing in Leipzig, Germany?
Please contact me off list.
Cheers,
Patrick
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
17 matches
Mail list logo