Re: Have gpg-preset-passphrase always required a keygrip? (was: Newbie question.)

Dmitry Alexandrov wrote: > Peter Lebbing wrote: > > You can actually unlock keys the way GnuPG intends to do that with: > > > > $ my-unlocker | /usr/lib/gnupg/gpg-preset-passphrase --preset > > > > You can find the keygrip for your keys with: > > >

Have gpg-preset-passphrase always required a keygrip? (was: Newbie question.)

Peter Lebbing wrote: > You can actually unlock keys the way GnuPG intends to do that with: > > $ my-unlocker | /usr/lib/gnupg/gpg-preset-passphrase --preset > > You can find the keygrip for your keys with: > > $ gpg --with-keygrip --list-secret-keys > > You do need i

Re: Wrong Keygrip (gpg2 --card-status --with-keygrip)

Hello, Thanks for your report. Dirk Gottschalk via Gnupg-users wrote: > gpg outputs the wrhon keygrip with --card-edit --with-keygrip. The > output is: [...] > As you see, it returns the same grip for enc. and auth. key. This is > wrong and "gpg2 -K --with-keygrip" return

Wrong Keygrip (gpg2 --card-status --with-keygrip)

Hi, gpg outputs the wrhon keygrip with --card-edit --with-keygrip. The output is: Signature key : DDCB AF8E 0132 AA54 20AB B864 4081 0B18 1ED8 E838 created : 2018-03-01 13:46:51 keygrip : 5707164106D237EB453D5359F9D319955BAA33A2 Encryption key: 092D 9CEB 9D34 B154

Re: How do you find out the Keygrip of a v3 key?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Friday 5 January 2018 at 2:37:12 PM, in , Kristian Fiskerstrand wrote:- > I'd start with libgcrypt's gcry_pk_get_keygrip() Thanks. Any pointers how I could invoke that from Windows? - -- Best regards MFPA

Re: How do you find out the Keygrip of a v3 key?

On 01/05/2018 02:59 PM, MFPA wrote: > These old keys are not supported in GnuPG 2.1/2.2 and the > - --with-keygrip option is not valid in GnuPG 2.0 or 1.4. > > I have googled, but could not come up with a search term that produced > any relevant hits. I'd st

How do you find out the Keygrip of a v3 key?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Is it possible to find out the Keygrip of a version 3 key? These old keys are not supported in GnuPG 2.1/2.2 and the - --with-keygrip option is not valid in GnuPG 2.0 or 1.4. I have googled, but could not come up with a search term that produced

Re: gpgsm, keygrip

> On 8 Aug 2017, at 13:48, Werner Koch wrote: > > On Sun, 30 Jul 2017 14:52, di...@webweaving.org said: > >> Replying to my own question — the man page of of gpg-preset-passphrase >> should perhaps suggest to use ‘gpg —with-keygrip ..’ or ‘gpg —with-colons >

Re: gpgsm, keygrip

On Sun, 30 Jul 2017 14:52, di...@webweaving.org said: > Replying to my own question — the man page of of gpg-preset-passphrase > should perhaps suggest to use ‘gpg —with-keygrip ..’ or ‘gpg —with-colons ..’. Thanks for the suggestion. However there is a gug in gpgsm which does not pri

Re: gpgsm, keygrip

> On 30 Jul 2017, at 12:39, Dirk-Willem van Gulik wrote: > > Tools such as > > gpg-preset-passphrase > > require the 40 character keygrip. The manpage of gpg-preset-passphrase(1) > suggest that this is best extracted from > > gpgsm > > and

gpgsm, keygrip

Tools such as gpg-preset-passphrase require the 40 character keygrip. The manpage of gpg-preset-passphrase(1) suggest that this is best extracted from gpgsm and that works nicely gpgsm --dump-secret-key | grep keygrip: keygrip

Re: gpg-agent cache keygrip

On Thu, 27 Jul 2017 14:23:44 +0200 Peter Lebbing wrote: > Now let's get on to a passphrase manager and GnuPG specifically. A > different way to look at it is this: would you use GnuPG to protect > your passphrase manager? This is actually a feature request I've seen > multiple times: please provi

Re: gpg-agent cache keygrip

On Thu, 27 Jul 2017 11:46:33 +0200 Peter Lebbing wrote: [...] > shared the passphrase. If you can't remember which is 1 and which is > 2, use something you can recognise. For instance, if the pinentry > asks you "Please unlock key 0x6228A8BC", you could append a C, the > very last digit of the id

Re: gpg-agent cache keygrip

On Thu, 27 Jul 2017 12:27:30 +0100 MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> wrote: > > The single point of failure stops being a passphrase used across > multiple keys; it becomes the password required to open the password > manager that protects the multiple passphrases. I already use a p

Re: gpg-agent cache keygrip

On 27/07/17 13:27, MFPA wrote: > I guess I should have trimmed my quote less severely. Using a password > manager would enable somebody who says they cannot remember multiple > decent-quality unique passwords to not share passwords between > different keys. Ah yes :-). I agree. > The single point

Re: gpg-agent cache keygrip

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thursday 27 July 2017 at 10:46:33 AM, in , Peter Lebbing wrote:- > On 27/07/17 11:24, MFPA wrote: >> Have you considered using a password manager to >> remember them? > What would be the purpose? I guess I should have trimmed my quote less s

Re: gpg-agent cache keygrip

On 27/07/17 11:24, MFPA wrote: > Have you considered using a password manager to remember them? What would be the purpose? I already fail to see the problem of GnuPG filling in a passphrase it already knows... surely an attacker would try the same thing as well, I don't know what GnuPG not trying

Re: gpg-agent cache keygrip

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wednesday 26 July 2017 at 8:08:28 PM, in , Mario Figueiredo wrote:- > The sharing of passwords between different keys > becomes inevitable > after a certain threshold. And I suspect for > everyone, not just old > people. Have you considered

Re: gpg-agent cache keygrip

On 07/26/2017 09:08 PM, Mario Figueiredo wrote: > On Wed, 26 Jul 2017 08:52:12 +0200 > Werner Koch wrote: > >> There is a kludge in gpg and gpg-agent described in this comment: >> [...] > > Hello Werner, > > Thank you for the information and debug method. And hopefully this > problem will be fi

Re: gpg-agent cache keygrip

On Wed, 26 Jul 2017 08:52:12 +0200 Werner Koch wrote: > There is a kludge in gpg and gpg-agent described in this comment: > [...] Hello Werner, Thank you for the information and debug method. And hopefully this problem will be fixed sometime in the near future. My brain is old and tired and it

Re: gpg-agent cache keygrip

On Tue, 25 Jul 2017 22:30, mar...@gmx.com said: > I've been trying to understand gpg-agent cache behavior in the presence > of two distinct keys with the same passphrase. Namely, why is that it > only asks for the passphrase once, regardless of the key being used? There is a kludge in gpg and gpg

gpg-agent cache keygrip

-agent cache to operate on a per-key basis, regardless of passphrase. And this is precisely what the description for the keygrip on the Assuan protocol seems to indicate. However, that is not what happens and gpg-agent seems to ignore the key being used and instead reuse the previously used passphrase f

Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'

On Tue, 22 Mar 2016 10:12:36 +0100 Viktor Dick wrote: Hello Viktor, >Thanks, I found it myself but since the sender of a mail to the list >does not get a copy of it, It's a gmail-ism; Most people get their list messages sent back to them, but not gmail users. It's a 'feature' google seem to b

Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'

Thanks, I found it myself but since the sender of a mail to the list does not get a copy of it, I could not simply reply. If I use '--list-options show-unusable-subkeys', I see the missing keys, they are simply expired. Sorry to disrupt. Regards, Viktor signature.asc Description: OpenPGP digita

Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'

# KEYINFO [--[ssh-]list] [--data] [--ssh-fpr] [--with-ssh] # # Return information about the key specified by the KEYGRIP. If the # key is not available GPG_ERR_NOT_FOUND is returned. If the option # --list is given the keygrip is ignored and information about all # available keys are

more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'

Hi, is there a possibility to list what each of the private keys in ~/.gnupg/private-keys-v1.d is? Some of them I recognize in the listing of 'gpg --with-keygrip -K', but there are six files in the folder while only three keygrips are shown by the command (one of which is the master k

error computing keygrip

Using gnupg 2.1.3 on an old portable with Debian Jessie. gpg -K lists all private keys gpg2 -K lists all private keys and follows this with eight identical lines of "gpg: error computing keygrip" 'gpg2 -K myname' lists all private keys without any error messages gpg2 --wi

Re: Keygrip v fingerprint ?

On 30/11/14 01:32, Kristian Fiskerstrand wrote: > The keygrip is protocol-agnostic whereby the fingerprint would differ > e.g. between OpenPGP and X.509. From [0] (note "[2]"): > > The keygrip is a unique identifier for a key pair, it is > independent of any protocol, so

Re: Keygrip v fingerprint ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/30/2014 12:23 AM, Philip Jackson wrote: > I see on : > > https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index > > references to both --with-keygrip and --with-fingerprint. When I > try

Keygrip v fingerprint ?

I see on : https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index references to both --with-keygrip and --with-fingerprint. When I try --with-keygrip on gnupg2.0.26, it appears not to be a valid option. The only other time I have seen a reference to a keygrip (and I

Re: gpg-agent: What is a keygrip?

On Tue, 30 Jul 2013 21:54, mailinglis...@hauke-laging.de said: > Is the keygrip computed over the passphrase-protected key material (which the > application knows)? I.e. does the keygrip change if the passphrase changes? The keygrip is computed from the public elements of the key. Thus

gpg-agent: What is a keygrip?

Hello, I just had one of these unpleasant moments when you realize that you haven't understood something you believed to have understood for quite a while... :-/ gpg-agent identifies keys by their keygrip. But gpg-agent cares about secret keys only. So by my naive understanding the applic

Re: Keygrip

On Fri, 8 Jul 2011 00:06, li...@meumonus.com said: > I'm trying to use the gpg-preset-passphrase command and it keeps > failing. My thought is I'm not getting the keygrip correct. How do I > discover the keygrip for a public certificate? With the stable 2.0 version of GnuPG

Keygrip

Hi, I'm trying to use the gpg-preset-passphrase command and it keeps failing. My thought is I'm not getting the keygrip correct. How do I discover the keygrip for a public certificate? ___ Gnupg-users mailing list Gnupg-users@gnup

Re: how to find the keygrip of a key

On Tue, 5 Jan 2010 01:18:11 -0500, silly wrote: > I have a gpg key that I would like to add to gpg-agent using the > gpg-preset-passphrase. I understand that gpg-preset-passphrase expects > me to provide the keygrip the key but I cannot see how to find it. The > key is an ordi

how to find the keygrip of a key

Hi all, I have a gpg key that I would like to add to gpg-agent using the gpg-preset-passphrase. I understand that gpg-preset-passphrase expects me to provide the keygrip the key but I cannot see how to find it. The key is an ordinary gpg key, nothing to do with gpgsm. Any help would be