Am Di 19.06.2012, 01:03:26 schrieb Michael Hannemann:
> pub:f:1024:17:xx--TpTpTpTp:1999-04-08:::-:[my collaborator]::scaESCA:
> sub:f:2048:16:xx--TsTsTsTs:1999-04-08::e:
This seems not to leave any room for ambiguity: One key only which can be
encrypted to. Does the long ID (field 5)
On Jun 18, 2012, at 6:38 PM, Hauke Laging wrote:
> Am Mo 18.06.2012, 15:37:27 schrieb Michael Hannemann:
>
>> I'm having trouble sending an encrypted file to a collaborator -- even
>> though they've sent me files that I've been able to decrypt.
>
> That means nothing. I can send you an encrypted
So, do you think the private key and the certificate in the same p12
file don't match?
The private key I expect to see was imported (in companion with
certificate) earlier from a p12 file.
I checked with OpenSSL and make sure that the p12 file contain both
private key and certificate.
On 06/18/201
So, the gpgsm won't work with PEM file which contain only private key?
(Maybe you forgot that I asked 2 questions in the first email
1: About PEM file which contains only private key.
2: About P12 file which contains both private key and certificate).
On Mon 18 Jun 2012 08:49:52 PM ICT, Werner Ko
On 06/18/2012 11:21 PM, Hauke Laging wrote:
> You mean except for putting cipher-algo in your config file...?
Please don't advocate this. cipher-algo and digest-algo can potentially
wreck interoperability with other OpenPGP clients. For this reason most
users will be best-served by leaving those
Am Mo 18.06.2012, 19:30:44 schrieb Sam Smith:
> Does anybody know a way to learn what cipher & hash was used to create the
> secret key?
May it be you mix up things? The key is just a random number. It can be used
with ciphers but you don't use ciphers to generate a key. Neither a symmetric
nor
Does anybody know a way to learn what cipher & hash was used to create the
secret key?
Also, does anyone know a way to make AES256 & SHA256 the default cipher/hash
combo for --symmetric encryption? I can create these using --cipher-algo etc
but is there a way to make them default for if I use
Am Mo 18.06.2012, 15:37:27 schrieb Michael Hannemann:
> I'm having trouble sending an encrypted file to a collaborator -- even
> though they've sent me files that I've been able to decrypt.
That means nothing. I can send you an encrypted file without even having a key
myself.
Have they signed t
Hi all,
I've searched the FAQ and the mailing list archives, and I don't see an answer
to this question, so I will ask it here...
I'm having trouble sending an encrypted file to a collaborator -- even though
they've sent me files that I've been able to decrypt.
Here's what they see, with their
On Mon, 18 Jun 2012 17:37, pe...@digitalbrains.com said:
> Just as a datapoint: I have a VIA Nano L2200 @ 1.6 GHz, which is a slow
> processor (competition for the Intel Atom), but which has a hardware RNG
> hooked
> up to /dev/random through rngd. I'm fairly sure that it's configured correctly
On Sun, Jun 17, 2012 at 07:26:27PM +0200, Hauke Laging wrote:
> This are the result (with a caches passphrase, of course). It's the same for
> a
> zeros file and a urandom file. And this is on a power efficient CPU...
> (E-450,
> which I guess doesn't have AES acceleration) probably without par
On 18/06/12 10:49, Werner Koch wrote:
> On Mon, 18 Jun 2012 05:31, r...@sixdemonbag.org said:
>
>> results can check for themselves. Warning: if you ever write Python
>> code like this in the real world your programming team will beat you to
>> death.
>
> To me this awk script is more readable,
Hello,
This short post is almost an advertisement ... but please try to read it anyway
:)
Werner has kindly accepted to come to give a talk [1] on STEED during the
Security track of 2012 RMLL in Geneva, next July 10th. Come to see him : the
entrance is free as in freedom and ... as in beer :)
I
On Sat, Jun 16, 2012 at 03:44:04PM -0400 Also sprach Robert J. Hansen:
> ... unless he's running on an Ivy Bridge or later, in which case it
> already has a hardware RNG built in.
If he's currently running on hardware later than Ivy Bridge, then he's
either an Intel engineer or a time traveler, an
On Mon, 18 Jun 2012 12:16, quanngu...@mbm.vn said:
> $gpgsm -v --import quan-key.pem
> gpgsm: no issuer found in certificate
> gpgsm: basic certificate checks failed - not imported
You may want to create correct certificates first so to bypass this
test.
Salam-Shalom,
Werner
p.s.
Maybe ht
On Mon, 18 Jun 2012 12:09, quanngu...@mbm.vn said:
> I don't need new entry, I just need 'existing' entry. But none is shown.
> hongquan@Pangolin ~ $ gpgsm --list-secret-keys
You need to have a matching certificate. The way --list-secret-keys
works is to iterate over all certificates (as shown w
On Mon, 18 Jun 2012 12:42, r...@sixdemonbag.org said:
>> sense to have conditional entries in the gpg config file (like e.g.
>> SSH for different destinations)?
>
> Not to my knowledge.
My response would be: You should write a wrapper for this feature. This
is the way tools should be used under
On 06/18/2012 01:07 AM, Hauke Laging wrote:
> has there already been a discussion about it whether it would make
> sense to have conditional entries in the gpg config file (like e.g.
> SSH for different destinations)?
Not to my knowledge.
> Depending on the key to which is encrypted, the key by w
On 06/18/2012 04:49 AM, Werner Koch wrote:
> To me this awk script is more readable, although most other will
> disagree:
My secret shame is that I know neither sed nor awk, which is why I do so
many of these tasks in Python. :)
___
Gnupg-users mailing
Hi,
On 06/18/2012 04:31 PM, Werner Koch wrote:
>> How about importing from PEM file? Is there a command to do that?
> gpgsm detects armor or binary itself. If you want to tell it
> explicitly, use one of --assume-{armor,binary,base64}. It is all in the
> manual.
>
I meant I want to import the PE
Hi,
On Mon 18 Jun 2012 04:31:22 PM ICT, Werner Koch wrote:
>
> Why do you think you will see a new entry in the secret key listing, if
> nothing changed?
>
I don't need new entry, I just need 'existing' entry. But none is shown.
hongquan@Pangolin ~ $ gpgsm --list-secret-keys
/home/hongquan/.gnupg/
On Mon, 18 Jun 2012 02:43, papill...@gmail.com said:
> Let me ask this: are there any major security implications (aside from
> sacrificing the security of pinentry) to hacking gpg2 to not use agent?
You simply can't use gpg2 without gpg-agent. It is a part of GnuPG and
required. Yes, these cha
On Mon, 18 Jun 2012 11:16, quanngu...@mbm.vn said:
> gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default
Fix this! See the manual or the man page.
> `/home/hongquan/.gnupg/private-keys-v1.d/89E5CF0B2581EE779B2CF2D849EE991DEE0E1A17.key'
>
> already exists
Well, you already impo
Hi,
I tried again but "gpgsm --list-secrret-keys" still return nothing:
hongquan@Pangolin ~/Works/Certificates/StartCom $ gpgsm -v --import
quanngu...@mbm.vn.p12
gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default
gpgsm: gpg-protect-tool: 1224 bytes of 3DES encrypted text
gpgsm: gp
On Mon, 18 Jun 2012 10:49, w...@gnupg.org said:
> I actually found a bug in GPG: If a key has been disabled, it is not
> flagged as disabled in the --with-colons key listing. I need to
Ooops, the API provided to be pretty complicated. I forgot the
condition term "$12!~/D/". Thus using
$ gpg
On Mon, 18 Jun 2012 10:08, quanngu...@mbm.vn said:
> Is it possible to import pairs of certificate/private key from p12 file
> using gpgsm?
Sure, you may import pkcs#12 files. The pinentry will ask you for the
transport passphrases and for the new passphrase under which gpg-agent
will store the
On Mon, 18 Jun 2012 05:31, r...@sixdemonbag.org said:
> results can check for themselves. Warning: if you ever write Python
> code like this in the real world your programming team will beat you to
> death.
To me this awk script is more readable, although most other will
disagree:
$ gpg2 --ge
Hi all,
Is it possible to import private key from PEM file (which I exported
from p12 file using OpenSSL:
openssl pkcs12 -in secret-gpg-key.p12 -nocerts -out gpg-key.pem)?
Is it possible to import pairs of certificate/private key from p12 file
using gpgsm?
I tried doing this, but then the command
28 matches
Mail list logo
