That's a good article and I think it makes a lot of sense in the
context. I still think PGP is valid for sending encrypted emails if you
exchange public keys beforehand (as he also states he still uses it in
that manner). The web of trust also never did anything for me sadly.
On 12/08/2020 20:29,
Hey there fellow gpg-users,
I've been using gpg-agent for a while with my Yubikey and its working
fine. Asking me the pin once on each plugin and then silently working in
the background.
For various reasons I also have on-disk ssh-keys with passphrases that I
added with ssh-add to the gpg-ag
There was a proof of concept attack on the fingerprints a couple of
years ago. The keys were revoked afterwards.
TL;DR short key fingerprints are not secure at all. Also the web of
trust is your friend here.
Cheers,
Felix
On 16/05/17 15:47, Janne Inkilä wrote:
I made a key search with my
So I am currently trying to get gpg-agent to play nice with ssh on
Windows. I'm running gpg version 2.1.15.
Using Linux I was able to get everything to run the way I want by adding
enable-ssh-support to the agent config
and setting the environment variable
SSH_AUTH_SOCK to the gpg agents ssh soc
So I've recently started experimenting with a Yubikey.
I started off by creating an encryption subkey from my master key and
moving that to the Yubikey.
This worked fine until I moved to a different computer and tried using
it there.
It didn't automatically recognize the key on the card until
