Re: Breaking changes

2018-05-23 Thread Dan Kegel
On Tue, May 22, 2018 at 10:24 PM, Fiedler Roman wrote: >> https://en.wikipedia.org/wiki/GNU_Privacy_Guard >> already gives an end-of-life date for 2.0, but none for 1.4. >> And since Ubuntu 16.04 includes 1.4, there are likely >> to still be a few vocal 1.4 users out there. >> >> How about announci

Re: Breaking changes

2018-05-22 Thread Dan Kegel
Lessee... https://en.wikipedia.org/wiki/GNU_Privacy_Guard already gives an end-of-life date for 2.0, but none for 1.4. And since Ubuntu 16.04 includes 1.4, there are likely to still be a few vocal 1.4 users out there. How about announcing an end-of-life date for 1.4 that is in the future (say, by 3

Re: Don't Panic.

2018-05-14 Thread Dan Kegel
Thanks for the heads up! (The eff alert only suggests disabling tools that *automatically* decrypt messages, Stumbling around a bit on the net, this sounds like a rehash of https://sourceforge.net/p/enigmail/bugs/226/ Anyway, if you have a checkbox for 'automatically decrypt', you might consider u

Re: How can we utilize latest GPG from RPM repository?

2018-02-22 Thread Dan Kegel
On Wed, Feb 21, 2018 at 10:22 PM, Ben McGinnes wrote: >> And when you're on those certified, curated systems, you have >> access to tools like >> https://www.open-scap.org/resources/documentation/make-a-rhel7-server-compliant-with-pci-dss/ >> to help make sure you're in compliance, I think. > > op

Re: How can we utilize latest GPG from RPM repository?

2018-02-21 Thread Dan Kegel
On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes wrote: > On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote: >> I will probably never understand why wanting to run the most current >> version of gnupg on a plethora of servers is controversial. >> >> Nevertheless, the two (2) greatest reasons a

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-20 Thread Dan Kegel
On Sat, Jan 20, 2018 at 4:08 PM, Todd Zullinger wrote: > I think that's https://dev.gnupg.org/T2290 Thanks. Say, anyone know how to get bug tracker problems resolved? Somehow my email address there lacks a dot before .com, so I can't get confirmation emails. - Dan

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-20 Thread Dan Kegel
On Thu, Jan 18, 2018 at 7:58 PM, Dan Kegel wrote: >> The keys referred to via signed-by are the only acceptable keys for the >> associated apt repo. >> >> does that make sense? > > That'd be great if it worked. Since it's hard to explain what's bro

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-18 Thread Dan Kegel
On Thu, Jan 18, 2018 at 7:52 PM, Daniel Kahn Gillmor wrote: > if this is the only thing happening, apt will indeed fail, because it > has never heard of the "new key" that was just created -- why should it > accept signatures from that new key? > > how are you configuring the target system to poin

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-18 Thread Dan Kegel
On Wed, Jan 17, 2018 at 8:58 PM, Dan Kegel wrote: > Here's the bit where it explodes, > > + sudo GNUPGHOME=/tmp/obs_localbuild_gpghome_dank.tmp > APT_CONFIG=/home/dank/src/obs/foo.tmp/etc/apt.conf apt-get -q -q > update > inside VerifyGetSigners > Preparing to exec:

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-17 Thread Dan Kegel
On Wed, Jan 17, 2018 at 5:20 PM, Daniel Kahn Gillmor wrote: > > - The package depends on debian-archive-keyring (to leverage > > the web of trust as suggested in 'man secure-apt') > > (itym 'man apt-secure', right?) right. > if you're expecting ubuntu (or any other non-debian) users to install >

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-17 Thread Dan Kegel
On Tue, Jan 16, 2018 at 8:31 PM, Daniel Kahn Gillmor wrote: > On Tue 2018-01-16 20:10:38 -0800, Dan Kegel wrote: > > When I try to use gpg to manipulate secure apt repositories in the > > real world, my head explodes. > > hi there! what kind of manipulation are yo

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-16 Thread Dan Kegel
On Tue, Jan 16, 2018 at 7:37 PM, Robert J. Hansen wrote: > * it's not going away in the near future > * we know people like to use it for servers > * it's a lot of work to keep two codebases going > * new crypto, like ECC, will not be backported to 1.4 > * new features will probably not be backpor

Will gpg 1.x remain supported for the foreseeable future?

2018-01-16 Thread Dan Kegel
Hey all, I'm starting to suspect that using version 2.x of gnupg is simply not a good idea when writing shell scripts that have to run unattended and not touch system keychains or agents. I worked hard to jump through hoops to use version 2 in such an environment, but then I ran into the fact that

Re: GnuPGv2 & 'pinentry' on Linux w/ remote access

2017-11-07 Thread Dan Kegel
On Tue, Nov 7, 2017 at 5:45 AM, Sander Smeenk via Gnupg-users wrote: > Could you elaborate on the 'why' part of this enforced pinentry usage > with GnuPG? It wasn't mandatory in 1.x, now it's forced on us. > > Where did that come from? > What problem did it solve? I'm curious, too. It sure makes

Re: Automating and integrating GPG

2017-09-18 Thread Dan Kegel
On Mon, Sep 18, 2017 at 11:45 AM, Grzegorz Kulewski wrote: > I am working on a project (in Python and bash) that requires me to use GPG in > "headless mode" to generate keys and edit OpenPGP smartcard (to set some > properties and transfer some of the generated keys). This includes > transferin

Re: Automating and integrating GPG

2017-09-18 Thread Dan Kegel
On Mon, Sep 18, 2017 at 2:45 PM, Daniel Kahn Gillmor wrote: > GnuPG upstream developers tend to recommend the use of GPGME for system > integration projects that require a stable interface. dpkg does that, but it doesn't help people trying to automate dpkg :-) - Dan

Re: Newbie can't get --passphrase option to work

2017-05-16 Thread Dan Kegel
On Tue, May 16, 2017 at 12:31 AM, Peter Lebbing wrote: > You should also ask yourself what the purpose of the passphrase is other > than to make your life difficult > You should probably just remove the passphrase from the key. That way > any decryption or signature will just succeed without j

Re: Newbie can't get --passphrase option to work

2017-05-13 Thread Dan Kegel
Did you see my walkthrough of all the problems I ran into while getting gpg to not prompt? https://lists.gnupg.org/pipermail/gnupg-users/2017-April/058158.html https://lists.gnupg.org/pipermail/gnupg-users/2017-April/058162.html That's for Linux, but it might still have a trick you're missing.

Re: Unattended use of gpg across a wide range of gpg versions, Ubuntu edition. --debug-quick-random taking evasive action.

2017-04-30 Thread Dan Kegel
chmod +x test-script.sh rm -rf /tmp/gpgtest-* export GNUPGHOME=$(mktemp -d /tmp/gpgtest-XXX.tmp) echo "allow-loopback-pinentry" > $GNUPGHOME/gpg-agent.conf gpg-agent --daemon ./test-script.sh rm -rf $GNUPGHOME -- snip -- On Sat, Apr 29, 2017 at 9:14 PM, Dan Kegel wrote: > tl;

Unattended use of gpg across a wide range of gpg versions, Ubuntu edition. --debug-quick-random taking evasive action.

2017-04-29 Thread Dan Kegel
tl;dr: anyone know what's up with --debug-quick-random? Also, handy script for unattended key generation across many versions of gpg. Hi all. This topic has been beaten to death on many forums and in many bug reports, but here's a user report from the field that sums up what works. It's mostly