Dustin Rogers wrote:
> In fact the native support for smart cards does not seem to support
> network attached HSM "virtual tokens" devices at all. It could be
> possible that I need to specify the local port the installed HSM agent
> is running on, but I dont think I will be that lucky.
No, scdae
On Mon 2017-05-15 19:10:35 -0400, Joey Morris wrote:
> Daniel Kahn Gillmor wrote on Wed, May 10, 2017 at
> 10:58:21PM -0400:
>> On Wed 2017-05-10 22:17:28 -0400, Joey Morris wrote:
>> > I have systemd version 222-1 installed, which appears to be wildly out of
>> > date.
>> > The first thing I'll
Hi, folks.
I've found strange `gpg-agent` behavior. When I import `~/.ssh/id_ed25519`
with `ssh-add` it takes comment from its public counterpart. But when I do
the same with `id_rsa` it just use `.ssh/id_rsa` instead of actual comment.
Is there any way to change that comment via `gpg-connect-age
On May 16, 2017, at 9:47 AM, Janne Inkilä wrote:
>
> I made a key search with my name and found something suspicious.
>
> The search:
>
> https://pgp.mit.edu/pks/lookup?search=janne+inkila&op=index&fingerprint=on
>
> I have used my old key since 2007. Fingerprint F4DB 40F8 BF22 8B9D 9B8F F679
There was a proof of concept attack on the fingerprints a couple of
years ago. The keys were revoked afterwards.
TL;DR short key fingerprints are not secure at all. Also the web of
trust is your friend here.
Cheers,
Felix
On 16/05/17 15:47, Janne Inkilä wrote:
I made a key search with my
Hi Mr. Yutaka:
Thank you for your input and all the dev work you have done.
This is a cloud environment so I dont have the luxury of physical access to a
usb port. I do not leverage libusb because this is using network attached
Safenet Luna SA HSM (gemalto brand) PKCS11 smart card provider.
On 2017/05/16 14:47, Janne Inkilä wrote:
> Did someone really generated same looking key? And why? Any ideas?
Yes, they did. Most of the strong set was duplicated by the Evil32
project in order to demonstrate the danger of relying on short key IDs
(because on modern hardware it takes mere seconds
I made a key search with my name and found something suspicious.
The search:
https://pgp.mit.edu/pks/lookup?search=janne+inkila&op=index&fingerprint=on
I have used my old key since 2007. Fingerprint F4DB 40F8 BF22 8B9D 9B8F
F679 A482 4C9A 033E 22A2. I know this is quite old key and maybe I
s
On 16/05/17 13:31, Dan Kegel wrote:
> That wasn't my experience. I used keys with no passphrase,
> and *still* had to use loopback (and jump through other hoops) to get
> gpg to work unattended.
I was talking about the things one usually does on a headless server,
which is decryption and data sig
On Tue, May 16, 2017 at 12:31 AM, Peter Lebbing wrote:
> You should also ask yourself what the purpose of the passphrase is other
> than to make your life difficult
> You should probably just remove the passphrase from the key. That way
> any decryption or signature will just succeed without j
On 05/16/2017 07:55 AM, Matthias Apitz wrote:
The question remains: Why I do have to move the files below .gnupg/ to
the other workstation?
The card only contains the private keys. GnuPG also needs some
informations that are only contained in the public parts, such as the
User IDs associated
El día martes, mayo 16, 2017 a las 11:12:18a. m. +0200, Peter Lebbing escribió:
> On 16/05/17 07:55, Matthias Apitz wrote:
> > The question remains: Why I do have to move the files below .gnupg/ to
> > the other workstation?
>
> The card only holds the basic cryptographic material. But a certific
Hi!
I'm currently doing a high school project by studying RSA keys for
better understanding them theoretically and practically. A part of the
project consist of an experiment, and I choose to test and see how big
the workload will be for the CPU when generating RSA keys of different
length. I woul
On 16/05/17 07:55, Matthias Apitz wrote:
> The question remains: Why I do have to move the files below .gnupg/ to
> the other workstation?
The card only holds the basic cryptographic material. But a certificate
("public key") holds much more information: your name, the relations
between the crypto
On 12/05/17 16:15, Ryk McDorman wrote:
> In the program I'm passing the output and input filenames as parameters to a
> one-line batch file consisting of this command:
> echo | "C:\Program Files (x86)\gnuPG\bin\gpg.exe" --batch
> --output %1 --passphrase-fd 0 --decrypt %2
You should also ask y
"Rogers, Dustin" wrote:
> I have recently installed gnupg 2.1.20 from source on a centos6.8 box.
What's the configure option? Did you enable smart card support with
libusb?
> [root@system1 ~]# gpg --card-edit
>
> gpg-agent[5158]: DBG: chan_8 -> OK Pleased to meet you, process 5159
[...]
> gpg-a
16 matches
Mail list logo
