Problem with the agent, gpg2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 14th 2009 for gnupg-users@gnupg.org subject Problem with the agent, gpg2 Hi, I sucefulle compiled and installed GNU PG 2.0.12 but when i do some operation than requires a password i get a message like the following. Someone can tellme how

Re: Problem with the agent, gpg2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 16th 2009 for gnupg-users@gnupg.org, subject Problem with the agent, gpg2 I do not have that pinentry program. GNU PG 1.4.9 (The one than comes with debian) do not give me that message but i need the new version of GNU PG. -BEGIN PGP

Re: Is it possible to decide what is a gpg file?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 17th for David SMITH dave.sm...@st.com Linux do not have a file command, that belogs to the rest of the OS. Linux is only a kernel than is commonly used with the GNU Operating System, but the name for that system is GNU or GNU/Linux. In

Re: Problem with the agent, gpg2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 17th for gnupg-users@gnupg.org I need GNU PG 2 because i want to get out of the 1024 bits limit and SHA forced for DSA, i want my next key (2010-2012) to be more secure and accept some SHA2. Charly Avital: Please note than Linux is a Kernel

Re: Is it possible to decide what is a gpg file?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 17th 2009 for gnupg-users@gnupg.org Hi, I suggest to search for steganography, the cience/art of hidding messages. I never used a program than do steganography but search for one, there must be a lot of free (as in freedom) ones. LSB

Re: Problem with the agent, gpg2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 17th for gnupg-users@gnupg.org Thanks by the --enable-dsa2 tip. Someone can tellme wath line should i put on my gpg.cong?. BTW I also want to remove sha1 from my key preferences. I understand than the standard requires to support sha1 but

Re: Is it possible to decide what is a gpg file?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 November 19th 2009 for gnupg-users@gnupg.org IMO steganography should be mixed with cryptography to be secure. As example: LSB in pictures (Unless you have a professional camera) will be random (High entropy and no predecible). You can replace it

Re: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 November 28th for gnupg-users@gnupg.org thread GnuPG private key resilience against off-line brute-force attacks Entropy is a relative thing AFAIR: For one who knows than a password was generated by using diceware the entropy will be 7776^n +

Re: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 November 28th 2009 for gnupg-users@gnupg.org thread GnuPG private key resilience against off-line brute-force attacks Loop unrolling only gives more performance in very small loops, for not so small ones there can be in fact a performance penality

Re: GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)

=o+UI -END PGP SIGNATURE- 2009/11/28 Ciprian Dorin, Craciun ciprian.crac...@gmail.com: On Sun, Nov 29, 2009 at 12:29 AM, Mario Castelán Castro mariocastelancas...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 November 28th 2009 for gnupg-users@gnupg.org thread

Re: Can't import valid GPG keys in Ubuntu

:               imported: 1  (RSA: 1) gpg:              unchanged: 1 gpg:       secret keys read: 1 gpg:   secret keys imported: 1 So it looks like I should have a secret key imported, but when I look in any of the three programs that I'm familiar with, it looks like I don't have any keys. Mario Castelán

Re: Encrypting with an message expiration date

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Januarty 3rd 2010 in gnupg-users@gnupg.org thread Encrypting with an message expiration date self-destructing data is a big fallacy, is almost the same issue as computer virus. There is no data/software (Software is data) that act by itself, it

Re: very short plaintexts symmetrically encrypted

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 January 10th 2010 in gnupg-users@gnupg.org thread very short plaintexts symmetrically encrypted then there should be some sort of alert or advisory that the plaintext should be a minimum length (whatever that minimum length or alert/advisory should

Re: Web of Trust itself is the problem

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 January 12th 2010 in gnupg-users@gnupg.org thread Web of Trust itself is the problem Actually I was quoting Robert Holtzman, not Robert J. Hansen, sorry for not including the full name. I have no time now to read those texts because my holidays

How to give the keywork from command line.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 February 27th 2010 in gnupg-users@gnupg.org thread Hot to give the keyword from the command line. Hi, I'm doing a bash script for pack (Tar), compress (lzip or bzip2) and encrypt (GPG with Rijndael 128) very important files, but is supposed to be

Re: How to give the keywork from command line.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 February 27th 2010 in gnupg-users@gnupg.org thread Hot to give the keyword from the command line Thanks Laurent, it works :). -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux)

Re: How to give the keywork from command line.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 February 27th 2010 in gnupg-users@gnupg.org thread Hot to give the keyword from the command line Also, if you encrypt to a key, you shouldn't need to provide a passphrase at all, unless you need to sign the file too. I get nervous about

Re: Continued PKA problems on Windows

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 March 3rd in gnupg-users@gnupg.org, thread Continued PKA problems on Windows Sean: get a real operating system as GNU/Linux, see a list of free as in freedom distribucions in http://www.gnu.org/distros/free-distros.html cryptography on a

Re: Can I pass the password from the command line?

El 15/12/15 a las 17:21, Anthony Papillion escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/15/2015 5:07 PM, Andrew Gallagher wrote: On 15 Dec 2015, at 22:58, Anthony Papillion wrote: I'd like to script encryption and decryption from the command

Is it possible to certify (sign) a key using a subkey?

Suppose I would like to sign another user's key using one of my secp256k1 subkeys, instead of my primary key, because it generates smaller signatures. gpg does not appear to support this. If I try to generate a subkey with certify capability “gpg --expert --edit-key ...” and then “addkey”, the

Re: Is it possible to certify (sign) a key using a subkey?

No, it does not have the certify capability. How can I enable this capability? If I add a subkey with “--expert --edit-key” no option is given to enable certify capability (as mentioned in my previous message), only sign and authenticate in the case of ECC keys and sign, authenticate and encrypt

Re: export secret subkeys

It is my understanding that --export-secret-subkeys outputs a *dummy* (not the actual key) for the private part of the primary key, hence the output of --list-packets. The “gpg” man page says “The second form of the command [i.e.: --export-secret-subkeys] has the special property to render the

Re: Is it possible to certify (sign) a key using a subkey?

On 17/08/17 18:49, Daniel Kahn Gillmor wrote: > aiui, your main goal was because the certifications are smaller, but > you're still requiring people to fetch your larger primary key. if you > want to really minimize the size, just make a new OpenPGP key that is > ECDSA-only. I have chosen RSA as

Re: FAQ and GNU

On 10/10/17 04:45, Peter Lebbing wrote: > That to me means I would support leaving it as is. I don't feel strongly > on writing it one way or another, but I do dislike the pressure some > people exert on others pushing their view. If however you are > consistently writing "Microsoft Windows®"

Re: FAQ and GNU

On 10/10/17 07:13, Ralph Corderoy wrote: > Do not change to using GNU/Linux. It's a purely political term; there > is no case for technical accuracy. Alongside GNU programs I have Clang, > musl C library, X Windows, KDE, Firefox, LibreOffice and many other > non-GNU project, non-GNU licensed,

Re: FAQ and GNU

On 10/10/17 01:46, Robert J. Hansen wrote: > With respect to specific distros, we ought use the name the distro > prefers. The Fedora Project releases Fedora, not Fedora GNU/Linux. The > Debian guys release Debian GNU/Linux, not Debian Linux. The people who > set up these distros have given

Re: FAQ and GNU

On 10/10/17 01:46, Robert J. Hansen wrote: > With respect to specific distros, we ought use the name the distro > prefers. The Fedora Project releases Fedora, not Fedora GNU/Linux. The > Debian guys release Debian GNU/Linux, not Debian Linux. The people who > set up these distros have given

Re: FAQ and GNU

On 10/10/17 11:02, Ralph Corderoy wrote: > Please note, it's "GnuPG". That's the project name. If you wish to > acknowledge that it's a GNU project then it's GNU GnuPG. :-) Well, then blame this project for being undecided about what its own name is. They use both “GNU Privacy Guard” (which I

Re: FAQ and GNU

On 10/10/17 11:04, Ralph Corderoy wrote: > You snipped the bit where I said "Linux" has two meanings in the English > language depending on context. Given your admirable, though misplaced, > zeal, I doubt there's a considered argument to be had here. In the previous message you said “"Linux" can

Re: FAQ and GNU

On 10/10/17 11:05, Leo Gaspard wrote: >> Recall that the most important contribution of the GNU project is not >> the software packages, but starting the free software movement and >> developing the most important licenses. GNU/Linux distributions are only >> possible because of free software

Re: FAQ and GNU

On 12/10/17 17:58, MFPA wrote: >> Would it be >> correct to refer to >> a car as an “engine”, because it includes an engine? > > It is usual in and around London to call a car a "motor". Alright. > Calling it an "engine" seems no more or no less correct. But one can not conclude that it is

Re: OT: FAQ and GNU

On 12/10/17 17:50, Robert J. Hansen wrote: >> The observation that one, some, many, or all people use a linguistic >> construct in an incorrect way do not change the fact that it is >> incorrect. > > It quite definitely does. Unlike, say, French or Icelandic, where > there's an actual

Re: OT: FAQ and GNU

On 13/10/17 09:30, Duane Whitty wrote: >> Your argument is unsound, because the inference is unjustified. >> The possibilities that a language is regulated by an official body >> or defined by majority usage are not exhaustive. > > I'd be interested to know what the other possibilities are. I

Re: Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)

On 28/08/17 22:27, Robert J. Hansen wrote: > secp256k1 is a certain field of numbers in which elliptical curve > operations may be defined. It is not an algorithm. You do not have a > secp256k1 key. You have an ECDSA key which operates in the curve > defined by secp256k1. Although elliptic

Re: Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)

On 29/08/17 02:09, s7r wrote: > I understand that the first one is ECDSA and the second is ECDH, but > can't I use the same secp256k1 key (if I import it) but in different two > representations (ECDSA representation for Sign and Certify and ECDH for > Encrypt)? > The subkey might have a different

E-mail with deniable authentication

Hello. We have OpenPGP/MIME to sign and encrypt e-mail, thus securing the communication. It is my understanding that the other party can publish the signature and the unencrypted message and thus prove that somebody in the possession of the private key wrote (or at least signed) the message. One

Documentation of trust model

Hello. Are the trust models “classical” and “pgp” as implemented in GNU PG documented anywhere? In the manual I can only find this for “pgp”: “This is the Web of Trust combined with trust signatures as used in PGP 5.x and later. This is the default trust model when creating a new trust

Re: E-mail with deniable authentication

Good point. Note: You forgot to reply to list. On 02/09/17 22:11, Lachlan Gunn wrote: > Le 2017-09-03 à 11:48, Mario Castelán Castro a écrit : >> I am well aware of that. Although deniable encryption is not a panacea >> it is an improvement. It gives less power to the corresponde

Re: How to encrypt using public certificate\key

On 05/09/17 23:37, shaarang tyagi wrote: > I have a situation where I need to use GnuPG from command line and encrypt > a file using a public certificate or PEM public key, please note that I > will not have the private key at this point and encryption needs to be done > only using public key. >

Re: Newbie Question: Creating a Key Server using GNUPG tools

On 27/08/17 04:40, arznix via Gnupg-users wrote: > I am developing a closed mesh network application where > I want to encrypt the traffic using PGP. The local network > will have no access the the greater worldwide web so it > will not be able to access existing trusted Key Servers. If it is an

Re: Is it possible to certify (sign) a key using a subkey?

On 2017-08-17 23:25 -0400 Daniel Kahn Gillmor wrote: >I still don't think this is a good justification, fwiw. If you think >you'll be making these certifications for other people to consume, >please do those other people a favor and just use your primary key. >The OpenPGP

Re: please help "No pinentry"

On 31/08/17 07:20, Bereshka wrote: > Hello, Dear Creators :) > > I will very appreciate if you can help me, because I was surfing a lot in the > internet looking for an answer, and read tones of forums, but did not find > solution. > > So I installed gnupg 2 , command gpg didn’t work in

Re: E-mail with deniable authentication

On 01/09/17 08:31, Andrew Gallagher wrote: > On 31/08/17 03:35, Mario Castelán Castro wrote: >> Writer and recipient have a Diffie-Hellman key over the same group and >> know each other's public key. >> >> The writer computers the shared secret per the DH algorithm

Re: key_confusion

Hello. Your message is very bad written and I can barely understand it. I will answer what I have understood. On 30/08/17 10:40, miz...@elude.in wrote: > *** > hi all, > > i do not clearly understand the difference between .asc , .gpg , .sign

Re: E-mail with deniable authentication

On 30/08/17 21:35, Mario Castelán Castro wrote: > (2) can be signed > without deniablity implications, but is not necessary. Apologies. The authentication code should not be signed either to keep full deniability. -- Do not eat animals; respect them as you respect people. https://duckduck

Re: E-mail with deniable authentication

On 30/08/17 00:57, Stefan Claas wrote: > If your communication partners would use the same software, like opmsg. > > https://github.com/stealth/opmsg > > Or if you would use Bitmessage instead of classic email, then > you have authenticated/encrypted messages too and can later > nuke your keys,

Re: please help "No pinentry"

On 31/08/17 09:12, Bereshka Web and Photo wrote: > Hello, Mario > Thank you for your advice and attention. Hello. When replying to a message from a mailing list list, please reply to the mailing list instead of the sender only. Most e-mail clients have a “Reply to list” button to do this

Re: please help "No pinentry"

Well, if the problem is solved then I am glad for you))) -- Do not eat animals; respect them as you respect people. https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing

Re: Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)

On 31/08/17 17:49, s7r wrote: >> You can use hash(private_key_1) to seed a cryptographically secure >> pseudo-random number generator (E.g.: AES in CTR mode with the seed as >> the key), and then use that random stream to generate (private_key_2, >> pubic_key_2. >> >> This is a method applicable

Re: please help "No pinentry"

On 31/08/17 16:36, Bereshka Web and Photo wrote: > it happens all the time, solution is of itself as soon as I ask it on a forum > or like John Robbins said “My cat, as it turns out, is an excellent debugger, > and she has helped me solve a number of nasty bugs when I talked to her about > them”

Re: Documentation of trust model

Hello. It appears that you forgot to reply to the mailing list. On 04/09/17 19:29, Lou Wynn wrote: > The PGP standard has more details in Section 5.2.3.13 Trust Signature: […]> > Do you have specific issues or questions to discuss about the Web of > Trust model? I have read this section of RFC

Re: "Insecure memory" (yes setuid set) and "get_passphrase failed"

On 03/09/17 17:42, Dan Horne wrote: > Warning: using insecure memory! > gpg-agent[10073]: command get_passphrase failed: End of file > gpg: problem with the agent: End of file > gpg: Key generation canceled. There seems to be 2 different problems here: * That gpg (or gpg-agent) fail when calling

Re: E-mail with deniable authentication

Hello. Thanks for your reply. I am aware of the first method as well as a variation of the second (it had not occurred to me that they both can use the same key!; I had thought that each correspondent used one key of his own with a meaningless ID and used only for communication with the other

Re: OT: FAQ and GNU

Despite the bulk of your message, the only attempt at an argument is “English is an evolving language”. The rest is completely irrelevant. That English is a changing language is not a justification to misuse words. The word “Linux” meant a kernel when it was introduced to informatics and it still