On Mon, Feb 19, 2018 at 7:45 PM, Daniel Kahn Gillmor
wrote:
> On Sat 2018-02-17 17:06:54 -0600, helices wrote:
> > I will probably never understand why wanting to run the most current
> > version of gnupg on a plethora of servers is controversial.
>
> Here's one last try to explain the situation.
On Mon, Feb 19, 2018 at 2:30 PM, Green, Ian wrote:
>
> Can anyone suggest anything to help reduce the time to something more
> viable?
>
Try symmetric encryption / decryption.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/ma
On Fri, Feb 2, 2018 at 12:42 AM, Smith, Cathy wrote:
> My experience is that gpg 2.2 seems to be more suited for the desktop
> environment than for a server environment or a remotely administered site.
> We've been using gpg 1.4 (yes I know it is old) in batch mode for many
> years in a Red Hat e
Hi,
I am going to have a lightning talk at FOSDEM about EasyGnuPG:
- https://fosdem.org/2018/schedule/event/easy_gnupg/
- https://slides.com/dashohoxha/easy-gnupg
In case somebody will be at FOSDEM, I invite you to participate.
Regards,
Dashamir
___
On Wed, Jul 27, 2016 at 3:46 PM, John Buehrer wrote:
>
> $ printf "5\n" | gpg2 --batch --edit-key 67A92459607354C7 trust quit
>
I think that it should work with the option `--command-fd=0`, which tells
gpg2
to get the commands from stdin. See this example:
https://github.com/dashohoxha/egpg/
On Wed, Jul 27, 2016 at 1:40 PM, Marcos Alano
wrote:
> IMHO, I don't think so. A dev branch is very unstable and modern branch is
> considerably stable but receive a lot of new features. Stable is very
> stable for people who wants a long term stable version.
>
IMHO, a branch that gets new featur
On Tue, Jul 19, 2016 at 2:16 PM, d...@mielko.com wrote:
>
> is there a way to force GPG to produce output with PGP extension?
>
Try the option: `--output filename.pgp`
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/lis
On Mon, Jul 18, 2016 at 9:40 PM, d...@mielko.com wrote:
> I am struggling with GPG command line that will encrypt file with key A
> and sign it with key B.
>
Usually it does it automatically, if you have subkeys for signing and
encryption.
> Also, is there a way to provide the password for the
On Wed, Jul 6, 2016 at 7:41 PM, Dashamir Hoxha wrote:
>
> I would suggest the script key2dongle which is part of egpg:
> - https://github.com/dashohoxha/egpg/wiki/gnupg-2.1-key2dongle
> -
> https://github.com/dashohoxha/egpg/blob/gnupg-2.1/src/ext/cmd_key2dongle.sh
>
By the
On Wed, Jul 6, 2016 at 10:25 AM, Damien Goutte-Gattat <
dgouttegat...@incenp.org> wrote:
>
> Storing the master key offline and having to import it whenever I want
>> to sign other keys might actually decrease security, since it offers
>> enough of a possiblity to mess things up
>>
>
> True enough.
On Tue, Jun 28, 2016 at 4:16 AM, NIIBE Yutaka wrote:
>
> Or let a governor certify our own
> public key, where the private key is in our own smartcard/token.
>
This is really a good idea. If authorized government officials certify
our public keys, then our signatures can have full legal values,
On Thu, Jun 16, 2016 at 12:17 PM, wrote:
>
> Problem 1.
> When I run "gpg --gen-key", everything done well, except the last step,
> type on the keyboard to gain enough entropy for the random number
> generator, the process seemingly will never end.
> Ref. to the attatchment, pls. download and chec
On Tue, Jun 7, 2016 at 7:54 PM, Brad Rogers wrote:
>
> That may well work, but it's possibly ill-advised. I suggest reading
> https://wiki.debian.org/DebianExperimental, which has all the info you
> need.
>
Thanks a lot. This page indeed has the answers I was looking for.
Dashamir
_
On Tue, Jun 7, 2016 at 7:22 PM, Daniel Kahn Gillmor
wrote:
> On Tue 2016-06-07 06:03:55 -0400, Dashamir Hoxha wrote:
>
> > Does anybody know how to temporarily install GnuPG-2.1.12 in Ubuntu or
> > Debian, for testing?
>
> In debian testing or unstable, you should use th
Hi,
Does anybody know how to temporarily install GnuPG-2.1.12 in Ubuntu or
Debian, for testing?
I also need help with testing egpg in CentOS:
-
https://github.com/dashohoxha/egpg/blob/gnupg-2.0/tests/dockerfile/centos-7
In Ubuntu and Debian testing works well:
-
https://github.com/dashohoxha/eg
On Mon, Jun 6, 2016 at 8:09 PM, Matthias Nick wrote:
>
> Am I doing anything wrong or maybe misunderstanding something? My
> understanding is that passphrases are meant for a situation where
> someone gets their hands on my private key and this behaviour seems to
> defy the purpose.
>
If your env
On Thu, Jun 2, 2016 at 10:54 AM, Robert J. Hansen
wrote:
> > There is a new version of egpg, based on GnuPG-2.1.11
>
> ... which apparently has not fixed the "it will nuke your hard drive if
> you have a certain environment variable set" problem I pointed out a
> month ago.
>
Apparently? I remem
Hi,
How far is the branch 2.1 from a stable release?
Is there any roadmap or timeschedule about making a stable release for 2.1?
I aksed ubuntu about when they are going to upgrade from 2.1.11 to 2.1.12
and the answer is that they don't upgrade packages on LTS, unless there is
a strong reason (wh
Hi,
There is a new version of egpg, based on GnuPG-2.1.11
- https://github.com/dashohoxha/egpg
- http://dashohoxha.github.io/egpg/gnupg-2.1/man/
Why not based on GnuPG-2.1.12? Because this is not ready yet
for Ubuntu (16.04). Maybe I could try to compile it, but I cannot
expect the users to com
On Thu, Jun 2, 2016 at 7:50 AM, Werner Koch wrote:
> On Wed, 1 Jun 2016 21:48, dashoho...@gmail.com said:
>
> > I don't remember exactly why they didn't work, but I think that in
> gnupg-2.1
>
> Because gpg inserts other prompts depending on version and options.
>
I tried to change the script t
On Wed, Jun 1, 2016 at 7:46 PM, Werner Koch wrote:
>
> --8<---cut here---start->8---
> local commands="addkey|4|4096|1m|addkey|6|4096|1m|save"
> commands=$(echo "$commands" | tr '|' "\n")
> script -c "gpg --batch --command-fd=0 --edit-key $GPG_KEY <<<
> \"
On Wed, Jun 1, 2016 at 9:40 PM, Peter Lebbing
wrote:
>
> Is it an option to upgrade your GnuPG to 2.1? I think it provides for a
> less bumpy ride with the pinentry loopback.
>
I couldn't make "pinentry loopback" work in 2.1.11, so, to be sure, try to
upgrade
to 2.1.12 where it may work better.
_
On Wed, Jun 1, 2016 at 10:56 AM, Aurélien Vallée
wrote:
>
> So "cert" is a default for primary-keys. If I do not provide any
> "Key-Usage", all usages will be set. If I do provide a "Key-Usage", then my
> master key is not "certify only" anymore.
>
I think that certify and sign are very similar,
On Sat, May 28, 2016 at 5:23 PM, Kristian Fiskerstrand <
kristian.fiskerstr...@sumptuouscapital.com> wrote:
> On 05/28/2016 03:32 PM, Dashamir Hoxha wrote:
> > Hi,
> >
> > I get this general error and I have no idea what is wrong:
>
> you can increase the dirmng
Hi,
I get this general error and I have no idea what is wrong:
$ gpg2 --fetch-keys
https://github.com/dashohoxha/egpg/raw/gnupg-2.1/tests/gnupg/DA94668A.gpg.asc
gpg: requesting key from '
https://github.com/dashohoxha/egpg/raw/gnupg-2.1/tests/gnupg/DA94668A.gpg.asc
'
gpg: WARNING: unable to fetch
> The best solution in my opinion would be to allow batch mode [1] to create
> more than one subkey. The manual says "Currently only one subkey can be >
handled".
> I don't know, is it difficult to implement, or it is considered bad
practice (and thus
> the restriction).
On a second thinking, I be
On Fri, May 13, 2016 at 1:59 AM, MFPA <
2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
>
> > I wanted to know if there is a way to create a new
> > subkey without giving
> > it a new passphrase but using the same one as the
> > primary key and the first subkey.
>
> Just enter the same passphrase a
On Wed, May 11, 2016 at 1:20 AM, Carola Grunwald
wrote:
>
> When an application creates a key it also has to get it deleted.
>
> With the 1.4 branch I interacted with the GnuPG process completely
> unattended through standard-I/O pipes, which now are replaced by the
> pinentry mechanism, where red
On Tue, May 10, 2016 at 9:47 AM, Carola Grunwald
wrote:
>
> Meanwhile I'm sure it's a bug similar to
> https://bugs.gnupg.org/gnupg/issue2324.
>
Some other people may claim that it is a feature.
I am not able to judge on these issues, so I have no opinion.
> >But I just realized that you can de
On Sat, May 7, 2016 at 5:32 PM, Carola Grunwald
wrote:
>
> You're right, there's no passphrase request with
>
> | d:\gpg>gpg.exe --batch --homedir "d:\gpgdat" --no-auto-key-locate
> --no-default-keyring --keyring "d:\gpgdat\pubring.kbx"
> --delete-secret-and-public-key "66C040ADBE2C5728022F81DCCE
On Sun, May 8, 2016 at 2:09 PM, flapflap wrote:
>
> I really don't think that bash is the right language here...
But if you want to automate some tasks on the command line, bash seems to
be the perfect choice.
___
Gnupg-users mailing list
Gnupg-users@g
> > Do you think that renaming "WORKDIR" to "EGPG_TMP_WORKDIR" would fix it?
>
I think that this is a better fix:
https://github.com/dashohoxha/egpg/commit/ff331e1db8f28a9521c2603f84fde1c9412702bd
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http:/
On Sun, May 8, 2016 at 10:48 AM, Robert J. Hansen
wrote:
> > Do you think that renaming "WORKDIR" to "EGPG_TMP_WORKDIR" would fix it?
>
> I have tried very hard to be polite in my criticisms, but you seem to be
> under the unreasonable belief that politeness means I am amenable to
> working with
On Sun, May 8, 2016 at 9:56 AM, Robert J. Hansen
wrote:
>
> I found a potentially *system-destroying bug* in literally the *very
> first function I inspected*. I've been very circumspect in my
> criticisms until now, Dashamir, because I really want to encourage
> people to hack on things. But it
> >* gpg: checking the trustdb
*> >* gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model*>
> It comes from gpg. I just pushed a fix for 2.1 toseilence it with --quiet.
I still get that output even when using --quiet
But maybe it is because I still have 2.1.11 (ubuntu 16.04)
Dashamir
Starting an other topic.
On Sun, May 8, 2016 at 6:11 AM, Doug Barton wrote:
> On 04/26/2016 06:37 AM, Robert J. Hansen wrote:
>
>> I've looked over your egpg code. My bloodless technical evaluation is
>> simple: "it is nowhere near ready for production environments." And I
>> think if you read
On Sat, May 7, 2016 at 12:59 PM, Carola Grunwald
wrote:
> Hello,
>
> on Wed, 4 May 2016 22:55:34 + (UTC), I wrote:
>
> >I need help with GnuPG 2.1.12 migrating an encryption tool from 1.4.20.
> >
> >I'm trying to run the --delete-secret-and-public-key command with the
> >passphrase entered t
Hi,
We all know that generating new keys currently takes a lot of time,
especially on headless environments. There are several suggestions
on the internet about how to improve this, but most of them are criticized
for making the security weaker (by lowering the quality of randomness
that they gene
On Thu, May 5, 2016 at 1:17 AM, Pete Stephenson wrote:
> On Thu, May 5, 2016 at 12:14 AM, Robert J. Hansen
> wrote:
> > Dashamir, this list has very few rules. I'm grateful for that, really.
> > One of the few rules that must be obeyed, though, is "we will not
> > advocate non-libre software or
On Wed, May 4, 2016 at 3:38 PM, Werner Koch wrote:
> On Wed, 4 May 2016 12:16, dashoho...@gmail.com said:
>
> > Git is great, GitHub is greater.
>
> I would appreciate if you do not advertise proprietary services here.
>
I do not advertise, I expess my opinion.
Do you think that I am affiliated
On Wed, May 4, 2016 at 9:12 PM, Dashamir Hoxha wrote:
> On Wed, May 4, 2016 at 3:38 PM, Werner Koch wrote:
>
>> On Wed, 4 May 2016 12:16, dashoho...@gmail.com said:
>>
>> > Git is great, GitHub is greater.
>>
>> I would appreciate if you do not advertise
On Wed, May 4, 2016 at 11:37 AM, Peter Lebbing
wrote:
> On 03/05/16 22:31, Dashamir Hoxha wrote:
> > Is it on GitHub (so that I can watch you)?
>
> From [1]: the project is in Git, but not on GitHub.
GitHub provides issue/project management features on top of Git.
For example it
On Tue, May 3, 2016 at 8:20 PM, Daniel Pocock wrote:
>
>
> On 03/05/16 15:55, Dashamir Hoxha wrote:
> > On Tue, May 3, 2016 at 3:04 PM, Daniel Pocock > <mailto:dan...@pocock.pro>> wrote:
> >
> > I tried this with GnuPG 2.0.26 on Debian:
> >
&
On Tue, May 3, 2016 at 3:04 PM, Daniel Pocock wrote:
>
> I tried this with GnuPG 2.0.26 on Debian:
>
> $ gpg2 --card-edit --batch
> gpg: can't do this in batch mode
>
You can try something like this:
- https://github.com/nyarly/simplekey/blob/master/commands/trust#L46-L50
or like this:
-
https:
On Fri, Apr 29, 2016 at 7:38 AM, Paul R. Ramer wrote:
> On 04/26/2016 05:24 AM, Dashamir Hoxha wrote:
> > It doesn't seem reasonable to me.
>
> Honestly, what is with this, "It doesn't seem reasonable to me," line?
> This is the second post in the thread wh
On Tue, Apr 26, 2016 at 5:31 PM, Daniel Pocock wrote:
>
> > I don't want to do that. It doesn't seem reasonable to me.
>
> Can you please tell me what you mean when you say "It doesn't seem
> reasonable to me"?
>
> Alternatively, what would be reasonable?
>
Somebody else reviews it and finds it
On Tue, Apr 26, 2016 at 4:57 PM, Daniel Pocock wrote:
>
>
> On 26/04/16 15:40, Dashamir Hoxha wrote:
> > On Tue, Apr 26, 2016 at 3:11 PM, Robert J. Hansen > <mailto:r...@sixdemonbag.org>> wrote:
> >
> > When asking other people to do things for you
On Tue, Apr 26, 2016 at 3:11 PM, Robert J. Hansen
wrote:
>
> When asking other people to do things for you, it pays to keep in mind
> how valuable the community has deemed your contributions. If you
> haven't earned much reputation, you might want to do that before you go
> about asking people to
On Tue, Apr 26, 2016 at 2:52 PM, Peter Lebbing
wrote:
>
> And I do it without bashing your messages, even though you
> seem to take it personal.
>
Please keep the discussion technical. If you don't agree with me this is
fine.
But when you express your opinion about my lack of modesty, this is get
On Tue, Apr 26, 2016 at 1:16 PM, Daniel Pocock wrote:
>
> Could you add a section to the wiki about this, with an itemized list of
> the tasks that need to be done, e.g.
>
> * packaging egpg and uploading to Debian
> * anybody can upload it to https://mentors.debian.net for a DD to
> sponsor
>
On Tue, Apr 26, 2016 at 2:20 PM, Daniel Pocock wrote:
>
> > I manage the tasks of the project on GitHub:
> > https://github.com/dashohoxha/egpg/issues
> >
>
> You can use the wiki to link to the Github tasks that are relevant to
> using epgp in the Live CD, you don't have to copy the details of ea
On Tue, Apr 26, 2016 at 1:32 PM, Peter Lebbing
wrote:
>
> I think you are taking the "plugging my project" approach too far. While
> generating exposure is definitely a good component of making your
> project succesful, I think a bit more modesty is in order. If I had a
>
Peter, I already know y
On Tue, Apr 26, 2016 at 9:53 AM, Daniel Pocock wrote:
>
> There has been some discussion on debian-devel[1] about making a
> bootable Debian Live CD specifically for GnuPG
>
> The benefit is that everything on the CD is self-contained, it can't be
> tampered with, it can run without network suppo
On Mon, Apr 25, 2016 at 4:01 PM, Robert J. Hansen
wrote:
> > This PDF file can be printed and used as a paper backup. It can be
> restored
> > with the help of a webcam and a barcode reader program (like zbar).
>
> Why not use Paperkey and QR-encode that instead?
>
The idea of Paperkey is to red
On Mon, Apr 25, 2016 at 3:53 PM, Werner Koch wrote:
>
> See misc/vcards/vcard-template.tex in the gnupg-doc repo on how we print
> the GnuPG cards. It might be useful to add "-i" to the qrencode call,
>
This looks promising, I will have a look at it.
Thanks.
_
Hi,
I have added a feature to egpg to export the key and convert it to 3D
barcode
images, included in a PDF file:
https://github.com/dashohoxha/egpg/blob/master/src/fn/qrencode.sh
This PDF file can be printed and used as a paper backup. It can be restored
with the help of a webcam and a barcode re
On Sun, Apr 24, 2016 at 6:51 PM, Daniel H. Werner
wrote:
>
> 4) My existing keys were created (in 2009 in PGP) at 2048 length. Should
> I change them to 4096? If so, how?
>
I think that 2048 is still OK.
But if you decide to upgrade, you can find some good advice here:
https://johnlane.ie/i-hav
Hi,
I have made another release of EasyGnuPG.
Things that have changed since the last time that I posted here are:
- Small fixes and improvements (some of which were suggested here).
- Finished automated testing scripts [1].
- Bash autocompletion [2].
- Making the egpg key-ring the default one
On Wed, Apr 20, 2016 at 11:54 AM, Peter Lebbing
wrote:
> PS: Quick note: that the security depends on GnuPG does not mean that it
> inherits the security of GnuPG.
You are right. After decrypting the archive, it is the responsibility of
the script to handle it safely, before encrypting it again
On Wed, Apr 20, 2016 at 11:21 AM, Peter Lebbing
wrote:
> On 20/04/16 09:10, Dashamir Hoxha wrote:
> > And I also believe that it is not less secure than the other solutions.
>
> You mean like Phil Zimmerman believed BassOmatic was secure?
>
Thanks for comparing me to Ph
On Wed, Apr 20, 2016 at 8:09 AM, Robert J. Hansen
wrote:
> > I thought you could point out what is wrong with it, hopefully
> > something that can be fixed. But that's OK.
>
> You're asking people to sign on for a literally never-ending process.
> (Peer review never ends, after all. Ask the Open
On Wed, Apr 20, 2016 at 3:27 AM, Doug Barton wrote:
> On 04/19/2016 12:34 PM, Dashamir Hoxha wrote:
>
>> On Tue, Apr 19, 2016 at 9:18 PM, Doug Barton > <mailto:dougb@dougbarton.email>> wrote:
>>
>> On 04/19/2016 05:12 AM, Dashamir Hoxha wrote:
>>
On Tue, Apr 19, 2016 at 9:18 PM, Doug Barton wrote:
> On 04/19/2016 05:12 AM, Dashamir Hoxha wrote:
>
>> I have written a small password utility, where passwords are stored on
>> an encrypted archive.
>>
>
> This is a bad idea. You should instead use one of th
I have written a small password utility, where passwords are stored on an
encrypted archive.
I use something like this:
- https://github.com/dashohoxha/pw/blob/master/src/pw.sh#L26-L27
I think that all these three ways are the same (security-wise), isn't it?
The second way (described by Peter) is
On Tue, Apr 5, 2016 at 12:06 PM, Peter Lebbing
wrote:
> Dashamir, note I wasn't attacking your project.
>
I wasn't attacking yours either.
I simply expressed my opinion, and maybe I am wrong.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://li
On Tue, Apr 5, 2016 at 11:06 AM, Peter Lebbing
wrote:
> On 02/04/16 09:55, Eva Bouwman wrote:
> > I will start where Dashamir suggested , [...]
>
> > Personally I tend to agree with Julian. My idea was not to write a OS
> > dependent document, in my opinion the target audience will be narrowed
>
http://www.fsf.org/news/library-freedom-project-and-werner-koch-are-2015-free-software-awards-winners
Congratulations!
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Mon, Apr 4, 2016 at 1:07 PM, Christine Kremsmayr
wrote:
> I only have a vague and incomplete understandig of the procedure in which
> GnuPG derives a private key from a password.
To my understanding, the key is not derived from the passphrase, it is
generated independently of it. The passphr
On Sun, Apr 3, 2016 at 11:22 AM, Christine Kremsmayr
wrote:
> Hi everyone,
>
> with the command gpg2 --export-ownertrust I can cause GnuPG to display the
> owner trust values of the public keys in my keyring.
> The problem: I don't know how to interprete the numbers to the right of
> the fingerpr
Hi Eva,
Would you consider using this easy tool: https://github.com/dashohoxha/egpg
?
I am not sure how much easy it is, but the intention is for beginers.
I would love some feedback from some Dutch parent average-pc-users
(if you can write a suitable doc for them).
This is not a direct answer to
On Fri, Apr 1, 2016 at 4:05 AM, mick crane wrote:
>
> First what I would like to do is find a configure file for gnupg ?
>
Did you check ~/.gnupg/gpg.conf ?
If it does not exist just create it.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://l
On Mon, Mar 28, 2016 at 5:03 PM, Muri Nicanor
wrote:
> Hello again gnupg-users,
>
> when i have multiple secret keys, how can i specify which one to use to
> sign a key? (i.e. when using --quick-sign-key)
>
According to the docs, you use `--default-key=` or
`--local-user=`
You can find the key i
On Sat, Mar 26, 2016 at 7:51 AM, listo factor wrote:
> On 03/26/2016 03:55 AM, Dashamir Hoxha wrote:
>
>> On Fri, Mar 25, 2016 at 9:50 PM, listo factor
>> wrote:
>>
> >> ... The efforts which concentrate on making it easy might
> >> indeed increase th
On Fri, Mar 25, 2016 at 9:50 PM, listo factor wrote:
>
> To perform tasks that GPG is designed to accomplish in a safe manner
> is *very, very hard*, and even the best documentation could not change
> that fact. The efforts which concentrate on making it easy might
> indeed increase the number of
On Fri, Mar 25, 2016 at 10:21 AM, Ben McGinnes wrote:
>
> Primary keys MUST be C-usage and MAY be SCA usage, by default they're
> SC, but simply creating an S-usage subkey moves the S function to the
> subkey (by default GPG will select the newest subkey with a given
> capability to perform that f
On Thu, Mar 24, 2016 at 11:21 AM, Paolo Bolzoni <
paolo.bolzoni.br...@gmail.com> wrote:
> Dear list,
>
> It is possible to simply use the terminal to input my password when
> using gpg from the command line?
> I often use the computer with two screens, one that the students see
> and the one in fr
On Wed, Mar 23, 2016 at 6:48 PM, Daniel Kahn Gillmor
wrote:
>
> > In this case, "gpgme-tool" should be packaged on its own, not inside the
> > package "*libgpgme11-dev*".
> > I am refering to this message:
> > https://lists.gnupg.org/pipermail/gnupg-devel/2014-December/029206.html
>
> I'm entirely
On Wed, Mar 23, 2016 at 6:04 AM, Viktor Dick wrote:
>
> Then there is the problem that the user might not notice that his key is
> expired. I remember vagely spending a day trying to find the error until
> I noticed that my subkeys were expired. But this might have been a
> problem with Enigmail,
On Tue, Mar 22, 2016 at 11:56 PM, Andrew Gallagher
wrote:
> On 22 Mar 2016, at 22:10, Dashamir Hoxha wrote:
>
> On Tue, Mar 22, 2016 at 10:21 PM, Peter Lebbing
> wrote:
>>
>> And why is your primary key capable of encryption? One of the reasons for
>> subkeys i
On Tue, Mar 22, 2016 at 11:25 PM, Peter Lebbing
wrote:
>
> > What is wrong with that? As long as there is a subkey for encryption,
> > gpg will use the subkey for encryption, even if the primary key is
> > capable of encryption.
>
> That is not up to you! It's up to your peers, or your attackers.
On Tue, Mar 22, 2016 at 10:21 PM, Peter Lebbing
wrote:
>
> Your one month expiry thing is not well thought through. Not only will the
> owner
> need to re-sign and redistribute every damn month, but all his contacts
> will
> pretty much always need tor refresh the key before they can use it, /eve
On Tue, Mar 22, 2016 at 3:41 PM, Ben McGinnes wrote:
>
> You might try experimenting with gpgme-tool then, it's one of the
> undocumented/self-documented extras which comes with GPGME. It
> provides a socket interface with which you can interact with portions
> of the GPGME functions, including m
On Tue, Mar 22, 2016 at 10:54 AM, Paolo Bolzoni <
paolo.bolzoni.br...@gmail.com> wrote:
> I totally agree, Dashamir I really think you should focus on what you
> think is hard in gnupg? And why?
> Are you sure a new program (and not a simple patch) is the best answer?
>
> At the moment you are sho
On Tue, Mar 22, 2016 at 2:28 PM, Werner Koch wrote:
>
> There are two simple things you need to remember when using gpg in a
> script:
>
> 1. --batch to avoid all interaction.
>
> 2. --with-colons to get a well defined output format. That format is
> not good for humans, though.
>
> Wel
On Tue, Mar 22, 2016 at 2:55 PM, Andrew Gallagher
wrote:
>
> For that we need to be encouraging hackers and tinkerers to experiment
> with novel interfaces; and this is best done by giving them the software
> equivalent of Lego rather than Meccano.
>
I find the Lego analogy very suitable. This is
On Tue, Mar 22, 2016 at 4:29 PM, Werner Koch wrote:
> On Tue, 22 Mar 2016 15:41, b...@adversary.org said:
>
> > provides a socket interface with which you can interact with portions
> > of the GPGME functions, including most of the most common functions.
>
> FWIW: We even consider to extend gpgme
On Tue, Mar 22, 2016 at 3:53 PM, Paolo Bolzoni <
paolo.bolzoni.br...@gmail.com> wrote:
> I guess we should start from the desired use case.
> We want a GUI for what? Encrypting? Signing? Managing the web of
> trust? SSH login? Everything?
I think that deciding the desired use case(s) is importan
On Tue, Mar 22, 2016 at 11:40 AM, Paolo Bolzoni <
paolo.bolzoni.br...@gmail.com> wrote:
> And besides, it's much easier to build a GUI app in front of a C API
> than a command line application.
By no means I want to prevent anybody from starting to build a GUI app...
On Tue, Mar 22, 2016 at 10:46 AM, Robert J. Hansen
wrote:
>
> I don't think the EasyGnuPG authors have thought through their target
> market. It targets users who are comfortable enough to say "oh, I
> should use the terminal for this!", but not comfortable enough to read a
> manpage. It's targe
On Tue, Mar 22, 2016 at 9:56 AM, Bernhard Reiter
wrote:
>
> Any cross plattform approach would work. Python has the advantage
> that the source code can be changed by an editor an immedeately run
> and that it works fairly well cross-plattform.
>
> What is even more important is that you should us
something better,
this is fine, just give it a try, I have nothing against it. If you think
that gpg is great and it needs no improvements, this is still fine.
Peace,
Dashamir
On Mon, Mar 21, 2016 at 6:38 PM, Peter Lebbing
wrote:
> On 21/03/16 16:49, Dashamir Hoxha wrote:
> > Yes, but th
Hi Bernhard, thanks for having a look at it.
On Mon, Mar 21, 2016 at 3:05 PM, Bernhard Reiter
wrote:
> Hi Dashamir,
>
> On Friday 18 March 2016 at 09:49:16, Dashamir Hoxha wrote:
> > I am writting some shell scripts for making GnuPG more accessible and
> > easier
On Mon, Mar 21, 2016 at 10:44 AM, Paolo Bolzoni <
paolo.bolzoni.br...@gmail.com> wrote:
> Dear list,
>
> The subject pretty much says it all already, I am using GnuPG 2.1.11
> (with libgcrypt 1.6.5) and I was wondering if I should always add
> myself as recipient when encrypting a file, of course,
Solutions explained by Damien are better than mine. I was not aware of
them. I would recommend one of them.
On Sun, Mar 20, 2016 at 9:51 PM, Me Self wrote:
> Hi Damian and Dashamir
>
> Those are all great solutions, tnx :)
>
>
> On Sat, Mar 19, 2016 at 7:26 PM, Damien Goutte-Gattat <
> dgouttega
Hi,
I am writting some shell scripts for making GnuPG more accessible and
easier to use:
- https://github.com/dashohoxha/egpg
- http://dashohoxha.github.io/egpg/man/
- https://github.com/dashohoxha/egpg/wiki
It is not finished yet (regarding the features that I have planned to
implement), but
On Sat, Mar 19, 2016 at 1:24 PM, Me Self wrote:
> Hi All
>
> What is the best way to use a master key from a backup usb?
>
> The whole ~/gnupg folder is backed up to the usb, and the master key has
> been removed from the keyring on the harddrive.
>
> I can use the master key with:
> gpg --homedi
On Wed, Mar 16, 2016 at 9:19 AM, Jochen Saalfeld
wrote:
>
> Hi Dahsamir,
>
> I digged the code a bit and found, the piece of code. As you already
> assumed
> correctly, the trust-db is checked periodically, if
> the --no-auto-check-trustdb option is not set, and a log output is made,
> when
> the
On Wed, Mar 16, 2016 at 7:30 AM, Dashamir Hoxha
wrote:
> On Wed, Mar 16, 2016 at 4:58 AM, NIIBE Yutaka wrote:
>
>> On 03/16/2016 06:06 AM, Dashamir Hoxha wrote:
>> > I have a problem that time after time I get output like this, which is
>> > somewhat unrelated to
On Wed, Mar 16, 2016 at 4:58 AM, NIIBE Yutaka wrote:
> On 03/16/2016 06:06 AM, Dashamir Hoxha wrote:
> > I have a problem that time after time I get output like this, which is
> > somewhat unrelated to the operation performed and a bit confusing:
> >
> > --
&g
Hi,
I am writting some wrapper shell scripts around gpg, trying to make it a
bit more user-friendly for beginners: https://github.com/dashohoxha/egpg
I have a problem that time after time I get output like this, which is
somewhat unrelated to the operation performed and a bit confusing:
-
100 matches
Mail list logo
