On Wed 2015-02-11 00:41:18 -0500, Xavier Maillard wrote:
> May I ask how one would sign public keys when a "master key" is
> stored onto an USB stick ?
>
> I followed instructions from [1]. Now I am in the process of
> announcing my key transition to all old signers *but*, as a last
> test, I just tested public signature with my "master key" and this is
> where troubles occur:
>
> LANG=C gpg --home /Volumes/FSF/.gnupg --recv-keys <A KEYID>
> gpg: WARNING: unsafe permissions on homedir `/Volumes/FSF/.gnupg'
> gpg: external program calls are disabled due to unsafe options file
> permissions
> gpg: keyserver communications error: General error
> gpg: keyserver receive failed: General error
>
> So what ? My USB stick is formated using extFat so permissions are
> something unknown.
The fact that you're using a FAT volume is the root cause here; FAT
filesystems do not have ownership or permissions, so when a modern OS
mounts them, it has to fake permissions for these files.
If you mount the filesystem manually, you can usually specify tighter
permissions. I don't know the exact syntax for OS X, but on GNU/Linux
systems, that would be:
mount -t vfat -ouid=$USERNAME,umask=077 /dev/sdx1 /Volumes/FSF
umask is the relevant option here to set the default permissions.
Alternately, if your umask is set properly before mounting the
filesystem, i think mount(8) will just default to it.
hth,
--dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
