> On 30 Dec 2021, at 16:27, Alex Nadtoka wrote:
>
> Even if I remove root certificate from the server it will be added again on
> renewal.
It is the client that needs the ca certificate to be removed, not the server.
The root cause is that there is more than one verification path possible an
On 12/30/21 17:44, Ingo Klöcker wrote:
On Donnerstag, 30. Dezember 2021 15:38:47 CET Lars Noodén via Gnupg-users
wrote:
What else is needed to get pinentry invoked so that the SSH client can
connect using the GnuPG RSA key?
At this point the public key is visible in the SSH agent:
$ ssh-add
Actually I just now realized that the things are automated on the server.
Certbot+nginx renews SSL certificates every 3 months. And currently
keyserver uses the latest SSL certificate with automatically set up CA Root
certificates. Even if I remove root certificate from the server it will be
added
On Donnerstag, 30. Dezember 2021 15:38:47 CET Lars Noodén via Gnupg-users
wrote:
> What else is needed to get pinentry invoked so that the SSH client can
> connect using the GnuPG RSA key?
>
> At this point the public key is visible in the SSH agent:
>
> $ ssh-add -l
> 3072 SHA256:j0V4cVzC..
Hello,
I have used GNUpg2 v 2.2.19 [1] to create an authentication RSA subkey
for use with SSH. At one point, I got past pinentry's blocking of the
use of the private key and successfully logged in via SSH to the server
from the one session. In order to test my notes (as I usually do) I
erased
> I have attached logs of the wrong and correct behavior I observed
> (debug-level guru, debug-all).
Yes, this is an obvious bug. We have not yet seen it because on Unix we
prefer to use the CCID driver using a different code path and further
with 2.3 there is not much need to specify a port.
He
Cool thanks. going to test it today
Yesterday tested also with GPG Suite on MacOS - works fine, so only windows
issue I think.
чт, 30 груд. 2021 р. о 16:31 Werner Koch via Gnupg-users <
gnupg-users@gnupg.org> пише:
> On Wed, 29 Dec 2021 21:33, Andrew Gallagher said:
>
> > OK, so you definitely ne
On Wed, 29 Dec 2021 14:55, Anze Jensterle said:
> I just updated my Windows PC to 2.3. I used the "reader-port" option in
Do you mean gnupg 2.3.4 for Windows or the gpg4win 4.0 ?
> I have attached logs of the wrong and correct behavior I observed
> (debug-level guru, debug-all).
Thanks. We wil
On Wed, 29 Dec 2021 21:33, Andrew Gallagher said:
> OK, so you definitely need to solve the root certificate issue.
This has been fixed with gnupg 2.2.32 - please get an update. The
workaround is to delete the old LE certificate from your Root CA store.
Salam-Shalom,
Werner
--
Die Gedan
