> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 05/09/18 10:45, Fiedler Roman wrote:
> > * Decrypt and verify with gpg1 on receiver side:
> >
> > /usr/bin/gpg1 --no-options --homedir Receiver --no-default-keyring --
> keyring Sender/SenderKey.pub --l
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
> Gesendet: Mittwoch, 5. September 2018 15:21
> An: Fiedler Roman ; gnupg-users@gnupg.org
> Betreff: Both correct and surprising non-interactive gen-key (was: How to fix
> "ERROR key_generate 3355453" / "GEN
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 05/09/18 11:27, Fiedler Roman wrote:
> > Sorry, but you are completely off here.
>
> If there are six people I am actually interested in, and I know all
> their public keys,
How will you know them? I will no
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Wed, 5 Sep 2018 10:45, roman.fied...@ait.ac.at said:
>
> > No, this is a signed AND encrypted message. Can gpgv only be
> > used to verify signatures on signed-only but not signed AND
> > encrypted messages, maybe due to encrypt AFTER sign scheme
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Tue, 4 Sep 2018 18:31, roman.fied...@ait.ac.at said:
>
> > At which byte offset should I find the signer key fingerprint?
>
> That is an encrypted message and thus can you seen the the signature.
That is good, one more issue not having to care
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
> ...
> $ gpgv --keyring ./key.gpg data.gpg
>
> > Splitting up the message gives me
> >
> > 01-001.pk_enc
> > 02-018.encrypted_mdc
>
> This is an encrypted message. gpgv can't do anything with it.
No, this is a signed AND encrypted me
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 04/09/18 18:31, Fiedler Roman wrote:
> > /usr/bin/gpgv --status-fd 2 --homedir /proc/self/fd/nonexistent --keyring
> sign.pub /proc/self/fd/0
>
> You missed my point. You are not including a slash in the keyrin
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Tue, 4 Sep 2018 10:08, roman.fied...@ait.ac.at said:
>
> > [GNUPG:] UNEXPECTED 0
>
> The signature is corrupted in that it has a packet which is expected
> only in a key. Or the provided key has a data signature packet etc.
I hope not :-) If any
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 04/09/18 15:22, Peter Lebbing wrote:
> > I don't understand, could you give commands, expected behaviour and
> > actual output?
>
> To clarify, I thought you were giving an example of "starting gpgv
> without any keyring at all", becaus
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 04/09/18 09:52, Fiedler Roman wrote:
> > Maybe the current hammer documentation should be updated, to remove
> > the "--use-as-hammer" options? Or at least declare, that they shall not
> >
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Mon, 3 Sep 2018 19:25, pe...@digitalbrains.com said:
>
> > It could be that recently an option was added to check a signature by a
> > certificate in a file, but in general you need to import a certificate
>
> No, that is nlot the case. We only ad
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 03/09/18 18:56, Fiedler Roman wrote:
> > With gpg1 a similar command should have verified, that the signature
> > is exactly from the single public key stored in "key.pub".
>
> This has never been a s
Hello List,
Just for the records: a gnupg2 "ERROR key_generate 33554531" is fixed by
sending " %no-protection" via the command-fd. It seems that a password-less key
was generated with gpg1 just by not setting a password. With gnupg2 this
command is needed.
@Devs: It would be really nice to iss
Hello list,
I am attempting to upgrade software to use gpg2 instead of gpg. After fixing
the usual "Inappropriate ioctl for device" and "Sorry, we are in batchmode -
can't get input" messages and applying all the gpg_agent security workarounds,
I am now stuck at this sequence:
The key generati
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
> Ralph Seichter
>
> This thread really has me pulling my hair--what's left of it. Some core
> aspects from where I am standing:
>
> 1. GPG is maintained by volunteers. If you have any complaint about how
> this maintenance
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> Lessee...
> https://en.wikipedia.org/wiki/GNU_Privacy_Guard
> already give an end-of-life date for 2.0, but none for 1.4.
> And since Ubuntu 16.04 includes 1.4, there are likely
> to still be a few vocal 1.4 users out ther
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> On 22/05/18 10:44, Fiedler Roman wrote:
> > Such a tool might then e.g. be used on a MitM message reencryption
> > gateway: the old machines still send messages with old
> > (deprecate
Hello list,
I failed to decide, which message would be the best to reply to, so I took one
with a title, rational humanists could be proud of. Ignoring the title, many of
the messages had valid arguments for both sides. From my point of view the main
difference seems to be, what is believed to
> Von: Daniel Kahn Gillmor [mailto:d...@fifthhorseman.net]
>
> On Thu 2018-05-17 15:37:55 +, Fiedler Roman wrote:
> > Von: Daniel Kahn Gillmor [mailto:d...@fifthhorseman.net]
> >
> >> See sources.list(5) and
> >> https://wiki.debian.org/DebianRe
> Von: Daniel Kahn Gillmor [mailto:d...@fifthhorseman.net]
>
> On Thu 2018-05-17 08:45:18 +, Fiedler Roman wrote:
> > As gnupg starts getting more and more problematic regarding some
> > functions (see the discussions on command line/unattended use), Ubuntu
> &g
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
> > On 17 May 2018, at 11:50, Patrick Brunschwig
> wrote:
> >
> >> On 17.05.18 10:07, Werner Koch wrote:
> >> On Thu, 17 May 2018 08:59, patr...@enigmail.net said:
> >>
> >>> Within 12 hours after the release I got 5 bug repo
Just a foreword: sorry for not acknowledging all the good proposals you make -
many of them I can fully second - and all the good changes you apply, I really
appreciate them. I just do not reply to all of them ...
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Thu, 17 May 2018 10:45, roman.f
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> Am Donnerstag 17 Mai 2018 10:45:18 schrieb Fiedler Roman:
> > As gnupg starts getting more and more problematic regarding some
> functions
> > (see the discussions on command line/unattended u
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Wed, 16 May 2018 16:24, roman.fied...@ait.ac.at said:
>
> > In my opinion it is hard to find such a "one size fits all"
> > solution. Like Werner's example: disabling decryption streaming
>
> The goal of the MDC is to assure that the message has bee
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> Am Mittwoch 16 Mai 2018 15:46:05 schrieb Martin:
> > I think a fundamental discussion is necessary with the question: Who
> > should / will use GnuPG in the future?
>
> Note that during one contract in 2016 we came up with
> Von: Andrew Gallagher [mailto:andr...@andrewg.com]
>
> > On 16 May 2018, at 13:44, Fiedler Roman
> wrote:
> >
> > I am not sure, if gpg could support
> > implementation/testing/life-cycle-efforts
> to establish all those parameters and different process
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Tue, 15 May 2018 11:44, roman.fied...@ait.ac.at said:
>
> > The status line format should be designed to support those variants to
> > allow a "logical consistency check" of the communication with GnuPG
>
> There is a
>
> DECRYPTION_FAILED
>
> and t
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> > On 14 May 2018, at 18:32, Werner Koch wrote:
> >
> > On Mon, 14 May 2018 15:44, andr...@andrewg.com said:
> >
> >> This all exposes one of the difficulties with trying to manage security
> >> software in a decentralised
> Von: MFPA [mailto:2017-r3sgs86x8e-lists-gro...@riseup.net]
>
> Hi
>
> On Monday 14 May 2018 at 1:33:03 PM, in
> local>,
> Fiedler Roman wrote:-
>
> > This would also prevent many other programming
> > errors: e.g. if gpg
> > claims to have processed
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> On 14/05/18 12:25, Robert J. Hansen wrote:
> > The problem is that gpg doesn't say anything. I would expect a
> > DECRYPTION_FAILED message here:
>
> So perhaps the solution is to throw a big warning and prompt when an
>
0550-2950
roman.fied...@ait.ac.at | https://www.ait.ac.at
View my researcher profile: https://www.ait.ac.at/profile/detail/Fiedler-Roman/
FN: 115980 i HG Wien | UID: ATU14703506
www.ait.ac.at/Email-Disclaimer
smime.p7s
Description: S/MIME cryptographic signa
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> On Tue 2018-01-30 21:35:57 -0500, FuzzyDrawrings via Gnupg-users wrote:
> > Wouldn't it make more sense to hash only the public-key's MPI
> > value(s)? That way if an implementation's code fails to generate a
> > unique ke
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Mon, 28 Aug 2017 12:00, pe...@digitalbrains.com said:
>
> > The gpg process communicates its TTY to the agent so the pinentry
> knows
> > where to pop up. This is a feature, not a bug. But when you
> deliberately
> > want to pop it up elsewhere...
>
> Von: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 25/08/17 18:40, Fiedler Roman wrote:
> > Idea:
> > 1) Extract all GPG preambles of files to be decrypted to a single file
> > (working)
> > 2) Batch decrypt all preambles from the input file on the truste
> From: Peter Lebbing [mailto:pe...@digitalbrains.com]
>
> On 25/08/17 16:08, Fiedler Roman wrote:
> > I tried to use the agent support that way. One reason for low adoption
> > might
> > be, that using the provided documentation, it is just not possible to get
>
Addendum: agent-use
> From: Werner Koch [mailto:w...@gnupg.org]
>
> On Fri, 4 Aug 2017 14:36, roman.fied...@ait.ac.at said:
> > Ah, that's great - and actually the first nice gpg-agent feature apart
> > from
> > gpg-agent being little annoying when running it on RAM-disks in early
> > boot.
>
>
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> On 04/08/17 14:39, Matthias Apitz wrote:
> > But this implies that everyone with priv access on the remote host
> could
> > abuse your secret key on your localhost, especially when a GnuPG-card
> is
> > used and you entere
> Von: Matthias Apitz [mailto:g...@unixarea.de]
>
> El día viernes, agosto 04, 2017 a las 01:59:57p. m. +0200, Werner Koch
> escribió:
>
> > On Wed, 2 Aug 2017 15:52, roman.fied...@ait.ac.at said:
> >
> > > How to decrypt large files, e.g. gpg-encrypted backups, without
> copying them to the mac
> Von: Werner Koch [mailto:w...@gnupg.org]
>
> On Wed, 2 Aug 2017 15:52, roman.fied...@ait.ac.at said:
>
> > How to decrypt large files, e.g. gpg-encrypted backups, without
> copying them to the machine with the GPG private key?
>
> With GnuPG 2.1 this is easy: You use ssh's socket forwarding fea
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> Hi,
>
> This is a simple question really. I've been working on some automation
> in which many GPG secrets are decrypted in parallel and rendered in
> templates. Routinely, when our system attempts to decrypt hundreds of
>
rmation Management
Center for Digital Safety & Security
AIT Austrian Institute of Technology GmbH
Reininghausstraße 13/1 | 8020 Graz | Austria
T +43 50550-2957 | M +43 664 8561599 | F +43 50550-2950
roman.fied...@ait.ac.at | https://www.ait.ac.at
View my researcher profile: https://www.ait.ac.at/
Hello List,
I'm trying to use gnupg to solve a usecase similar to the one depicted in
[1], but the workaround from [1] is not suitable, because:
* Each file I have is larger than the machine holding the keys
* The keys cannot be moved
* The streams will take hours/days to decrypt so no interrupti
42 matches
Mail list logo
