* ilf wrote:
> Over the years, I have used quite a number of keypairs. Unfortunately, I
> have forgotten the passphrase for some of them. But I do know potential
> parts of the passphrase.
This is ancient, but may help you https://www.vanheusden.com/nasty/
--
left blank, right bald
_
It's all about where they look for new/updated keys. There's folks
out there who use a WKD setup, as you mentioned, then there's some
who use a standalone (isolated, non-peering) SKS keyserver, etc.
I do not think reverting the patch that causes issues for them is a
smart move in the long run. [.
* Wiktor Kwapisiewicz via Gnupg-users wrote:
> in a similar fashion to what --quick-* commands already do for other actions
> (e.g. --quick-add-uid).
--set-notation maybe?
HTH
--
left blank, right bald
___
Gnupg-users mailing list
Gnupg-users@gnup
* André Ockers wrote:
> Op 06-04-19 om 15:04 schreef Markus Reichelt:
> > gpg -a --output an...@ockers.eu.asc.revoke --gen-revoke 7CD3FBC8F6005ED5
>
> This leads to the following:
>
> gpg: secret key "7CD3FBC8F6005ED5" not found: eof
i'm using on slackware
* André Ockers wrote:
> But when I tried to do the some thing in Bash I ran into the following:
>
> $ gpg -a --output an...@ockers.eu.asc.revoke --gen-revoke an...@ockers.eu
>
> sec 4096R/F5FE3668 2014-07-31 André Ockers
>
> Which is the fingerprint of the old key.
>
> What happened and wha
* Nicolai Josuttis wrote:
> For those who didn't have time to see it yet,
> there was an important talk at 31C3
> about the social and technical status and consequences of
> encryption by Jacob Applebaum and Laura Poitras.
> As a side effect it covers GnuPG significantly.
>
> So, please watch it
* adrelanos wrote:
> How can I establish a pseudonym that no one can easily fake while
> remaining anonymous?
a) you can't
define 'easily' - these days nobody reads/checks anything anymore
(there's some XKCD about this issue)
b) you can try:
Meet with a high-profile person (of your realm/domain
* adrelanos wrote:
> TrueCrypt.org says [1] they are signing "TrueCrypt Setup 7.1a.exe"
> [2] with a X.509 signature. How can I verify such a signature?
For Windows, they explicitly state how to do that.
> (On Debian Wheezy.) I tried:
> gpg2 --verify "TrueCrypt Setup 7.1a.exe"
>
> gpg: no va
Aloha,
Oecher Keysigning Party III
Do 15.12.2011, 18:30 Uhr s.t.
Aachen, Elisenbrunnen (linker Flügel)
http://mareichelt.com/okp3/
pgpblGwdhal7M.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/
Hi folks,
just a quick heads-up for those planning to visit Berlin within the
2nd week of June:
Linuxtag 2010, June 09-12,
http://www.linuxtag.org/2010/
Mini Debian Conference 2010, June 10-11,
http://wiki.debconf.org/wiki/Miniconf-LT-Berlin/2010
25th Chemspec Europe, June 09-10,
http://www.che
* Alex Mauer wrote:
> > Nope. More to the point, think about people having both private UID
> > and business UID on the same key - the way you describe it could mix
> > things up badly.
>
> How so? There's no connection between UIDs and keys
Exactly, and you are not getting my point.
--
* Joke de Buhr wrote:
> I'm not quiet sure but shouldn't gnupg encrypt to both (all
> not-revoked) encryption keys in this case? This way the user could
> decrypt the encrypted message (email) regardless what encryption
> keys secrets are available at the current location.
Nope. More to the poin
* Faramir wrote:
> markus reichelt escribió:
> > * Mohan Radhakrishnan wrote:
> >
> >> What is the experience of this forum with split keys and storage
> >> ?
> >
> > Great success.
>
> By the way, I suppose the idea behind spli
* Mohan Radhakrishnan wrote:
> What is the experience of this forum with split keys and storage ?
Great success.
--
left blank, right bald
pgp8JRUD4AfZK.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.
* Alexander Murauer wrote:
> is there any plan to get ecc in mainstream gnupg? most stuff i
> found about gnupg and ecc is outdated. does somebody know something
> about this?
search the archives of the devel mailinglist. ecdsa. don't expect any
real info, tho.
> i own a OpenPGP Smartcard v2.
Hi,
for those interested in keysigning there are two upcoming events:
PGP/GPG/CA Keysigning events on Sunday Feb 7th at FOSDEM in Brussels
http://fosdem.org/2010/keysigning
Deadline for key submission: Monday, Feb 1st 2010 (hurry up!)
PGP/GPG Keysigning event on Saturday March 13th at Chemnitz L
* "Ciprian Dorin, Craciun" wrote:
> Thank you for the quick reply. (This is the kind of answer I was
> hopping to get. :) ) It seems that `s2k-count` escaped me. :)
>
> Maybe there should be an entry in the FAQ about this topic.
Well, other projects make good use of that option, f.e. lo
* David Shaw wrote:
> If you mean the signature verification level, then it is visible in
> the --list-sigs output - 3 for "positive" verification, 2 for
> "casual" verification, and 1 for "persona" (aka didn't check)
> verification. If none of these numbers appear, it's a "generic"
> verificati
* markus reichelt wrote:
> gpg: key generation failed: Card error
> Key generation failed: Card error
>
> That's on a stock Slackware 13 system, gpg (GnuPG) 2.0.12,
> libgcrypt 1.4.4 with OMNIKEY CardMan 4040 v1.1.0gm5.
Okay, after much cursing omnikey I finally was success
Hi,
I cannot create keys on my shiny new v2 smartcard. Personalizing the
card works just fine, as does changing PINs.
But when I want to generate new keys I always get this error message
(after gpg asked about how long the key shall be valid):
gpg: key generation failed: Card error
* Mario Castelán Castro wrote:
> I need GNU PG 2 because i want to get out of the 1024 bits limit
> and SHA forced for DSA, i want my next key (2010-2012) to be more
> secure and accept some SHA2.
You don't need gpg2 for that.
--
left blank, right bald
pgpdWVrO5XZaK.pgp
Description: PGP sign
* "Robert J. Hansen" wrote:
> >(am not overly worried, still use IDEA when encrypting for diehard
> >pgp2.x e-mailers, and that has 5 of 8 rounds broken ;-) ))
>
> 6.
7 - raise? fold?
--
left blank, right bald
pgpFiYo0Yf06I.pgp
Description: PGP signature
Hi,
for those interested, there's going to be a keysigning party at
FrOSCon 2009 in Sankt Augustin on August 22nd, 12:30h:
http://ksp.froscon.org/
Deadline for key submission is Thursday, August 20th 2009.
More info about the conference is online at http://www.froscon.org/
--
left blank, righ
* Jean-David Beyer wrote:
> Too bad I would lose all the signatures on it, but since it would
> be no good, there would be no sense in transferring the signatures
> to my new key, even if that were possible (and I hope it is not).
For obvious reasons it isn't possible indeed.
--
left blank, ri
* Kevin Hilton wrote:
> Maybe this question is much too premature
It is, in my book.
--
left blank, right bald
pgpfrBedlIQUG.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/g
Hi,
for those interested, there's going to be again a keysigning party at
Linuxtag 2009 in Berlin (June 26th):
http://wiki.linuxtag.org/w/Keysigning_2009
Deadline for key submission is Sunday, June 21st, 23:59
(Sorry for the late announcement, last year's keysigning was
announced 6 weeks befo
* markus reichelt wrote:
> PGP/GPG Keysigning event on Saturday March 14th 18:00h at Chemnitz
> Linux Days in ... Chemnitz.
>
> Deadline for key submission: *Monday March 9th*
This is just a friendly (and last) reminder that you can still
participate, just honour the deadline. M
* don rhummy wrote:
> What does GPG have to recover my data if i forgot my password?
Your last chance is a tool like nasty, check it before you do
anything stupid in a rush @ http://www.vanheusden.com/nasty/
--
left blank, right bald
pgpVu3j3MHs5j.pgp
Description: PGP signature
_
* Sven Radde wrote:
> > Then they would need brute force against key AND password or they
> > know about weaknesses in algorithms which nobody else knows.
>
> Let me clarify this a bit:
>
> Whoever wants to break your key needs to do "only" one of the following:
> 1) Retrieve your public key
* markus reichelt wrote:
> PGP/GPG/CA Keysigning events on Sunday Feb 8th at FOSDEM in
> Brussels The exact time is yet to be announced, more info (in
> English) at http://fosdem.org/2009/keysigning
>
> Deadline for key submission: Thursday Jan 29th, 8:00 PM CEST
This is just
* "Robert J. Hansen" wrote:
> When Freon catches fire it decomposes into phosgene, a nerve gas,
> which makes it kind of hard to fight the fire. In the book, a fire
> ravages the datacenter and yet somehow people in it aren't dead
> from phosgene exposure.
Phosgene is not a nerve gas, it is "ju
Hi,
for those interested in keysigning there are two upcoming events:
PGP/GPG/CA Keysigning events on Sunday Feb 8th at FOSDEM in Brussels
The exact time is yet to be announced, more info (in English) at
http://fosdem.org/2009/keysigning
Deadline for key submission: Thursday Jan 29th, 8:00 PM CE
* Hideki Saito <[EMAIL PROTECTED]> wrote:
> I did look for one, but no...
you could give it your best shot :)
--
left blank, right bald
pgpwNozmNvuP2.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnup
* Faramir <[EMAIL PROTECTED]> wrote:
> Begin of "spoiler blank lines"
> [...]
> End of "spoiler blank lines"
niiice, I bet he didn't catch that one!
--
left blank, right bald
pgptXuX9KPvBR.pgp
Description: PGP signature
___
Gnupg-users mailing list
* Chris Walters <[EMAIL PROTECTED]> wrote:
> I would sooner use 30 M hydrochloric acid than sulfuric acid
30M? I guess not. Industrial grade conc. hydrochloric acid is about
12M max
--
left blank, right bald
pgpSvlVNH7WX4.pgp
Description: PGP signature
__
Hi,
for those interested, there's going to be again a keysigning party at
FROSCON 2008 in Bonn-Rhein-Sieg (August 23rd):
http://ksp.froscon.org/
--
left blank, right bald
pgpvVe1LZ4gS3.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gn
* Faramir <[EMAIL PROTECTED]> wrote:
> >So, here is the question: Can that public key cause problems,
> > if I associate another key with the same email account?
> I have good news (good for me at least): I checked the gpg
> installed in my USB flash memory, and I found the private key (or
Hi,
for those interested, there's going to be again a keysigning party at
Linuxtag 2008 in Berlin (May 30th):
http://wiki.linuxtag.net/w/Keysigning_2008
--
left blank, right bald
pgprFLK2anXpA.pgp
Description: PGP signature
___
Gnupg-users mailing
* Thomas Sowa <[EMAIL PROTECTED]> wrote:
> - i definitely can't find the passphrase
Have a look at http://vanheusden.com/nasty/
HTH
--
left blank, right bald
pgpvNLbhhsNSQ.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnup
Hi,
this is just a reminder that there's a key signing party at FOSDEM
this year again. I am a bit late to post this note (due to carneval
season), submissions are already closed by now, but it's possible to
exchange key fingerprints according to the usual scheme (with me ;-)
FOSDEM takes place i
* Rizwan Khan <[EMAIL PROTECTED]> wrote:
> I need a C/C++ program that should be able to enable password on
> any readable text file, and when user try to open that file it
> should first ask for password and then will open that file. I will
> appreciate, if some one can give me this kind of progr
* markus reichelt <[EMAIL PROTECTED]> wrote:
> Essentially you're saying: no backup of a private key generated
> on/via a smartcard cannot be exported. Because if it could be
> exported, importing the key(s) in question just works.
Sorry, that was heat-induced and shall read
* [EMAIL PROTECTED] wrote:
> If you want to have the same private key on several physical cards,
> your only option is off-card generation, with import of the key
> afterwards.
I'm not a smartcard user (somehow the concept hasn't been able to
convince me ... yet), but what you write really sounds
* Laurent Jumet <[EMAIL PROTECTED]> wrote:
> > Many mail clients will assume that any GPG message is encrypted and
> > prompt for a passphrase prior to invoking GPG.
>
> Are you sure?
> Security wouldn't be compromised if passphrase is given to anything else
> then gpg?
F.e. mutt itself
* Paul Surgeon <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED]: gpg bigfile.pgp
> gpg: fatal: zlib inflate problem: invalid block type
> secmem usage: 1920/3872 bytes
Have you tried redirection?
gpg < bigfile.pgp > bigfile
Using redirection is the correct way of handling large files
regarding b
* [EMAIL PROTECTED] wrote:
> Does anyone know of a perl script or some other utility that could
> bruteforce the rest of it? I'd rather not have to revoke this key.
Have a look at http://www.vanheusden.com/nasty/
--
left blank, right bald
pgp0zxmmzKivj.pgp
Description: PGP signature
* [EMAIL PROTECTED] wrote:
> just thought it would be much quicker and more convenient if the
> same were possible from the command line ...
I agree.
--
left blank, right bald
pgpmx3dkiLv1V.pgp
Description: PGP signature
___
Gnupg-users mailing list
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> David Shaw wrote:
>
> >There should be no special steps to take. Aside from the obvious
> >steps of making a backup and testing that your environment still
> >does what you want it to do, you can just install 1.4.3 on top of
> >1.2.1.
>
> The OP doesn
* [EMAIL PROTECTED] wrote:
> We are beginning the process to upgrade our gnuPG installation from
> 1.2.1 to 1.4.4. I have looked on the website, but have not found
> directions on how to do this upgrade. Can someone please provide
> me that information, or a link to the site containing that
> in
po/de.po:msgstr "%d marignal-needed, %d complete-needed, %s
Trust-Modell\n"
I guess it should be "marginal-needed"
--
left blank, right bald
pgp4VMW60jAhI.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.
* Werner Koch <[EMAIL PROTECTED]> wrote:
> This is just a short note, that I will attend the LinuxTag and be
> available for key signing.
will you attend the key signing party too?
--
left blank, right bald
pgpWSS3IbSfnK.pgp
Description: PGP signature
_
* "John W. Moore III" <[EMAIL PROTECTED]> wrote:
> Also, Post your Revoke Cert to Groups/List so that others may
> Import quickly!
first time that i stumble upon this kind of advice; it depends, i'd
say. if the majority of that list is in fact using digital signatures
and/or only encrypted messag
* Thomas Widhalm <[EMAIL PROTECTED]> wrote:
> We are looking for cross- signatures with other CAs, too. So please
> contact us, if you want to change signatures.
Sorry for hijacking, but I guess the easiest way of obtaining those
soon is to attend the upcoming Linuxtage in Wiesbaden, Germany, sin
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote:
>
> >> What makes you think the NSA doesn't want to decrypt US government
> >> traffic?
>
> > I don't care what the NSA wants.
>
> I meant to say that, as others also poin
* Werner Koch <[EMAIL PROTECTED]> wrote:
> On Fri, 04 Nov 2005 19:32:07 +0100, markus reichelt said:
>
> > I put the speculations aside and stick with the fact that the NSA
> > recommends ECC for government use. That's enough for _me_.
>
> There is a rationale
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote:
>
> >I put the speculations aside and stick with the fact that the NSA
> >recommends ECC for government use. That's enough for _me_.
>
> What makes you think the NSA doesn't want to de
* Jean-David Beyer <[EMAIL PROTECTED]> wrote:
> > I put the speculations aside and stick with the fact that the NSA
> > recommends ECC for government use. That's enough for _me_.
> >
> I guess it depends on how your paranoia works, and about whom you
> choose to be paranoid. Does the NSA recomme
* Jean-David Beyer <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote (in part):
>
> > Mainly, because I think that the guys with the small ... glasses
> > ;-) at NSA can break public key crypto quite easily,
>
> Could you give a basis for this assertion?
Well..
* "John W. Moore III" <[EMAIL PROTECTED]> wrote:
> Perhaps he believes TRANSLTR actually exists.
Perhaps he does not even know what TRANSLTR is, exactly. But he does
know about A.
--
left blank, right bald
pgp6Oio1k78rp.pgp
Description: PGP signature
__
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >>>do you know of an application that uses this lib?
> >>>
> >>No I don't but that shouldn't be a reason to forget about it,...
> >>
> >Now why is that? I didn't imply anythi
* Dirk Traulsen <[EMAIL PROTECTED]> wrote:
> So, fortunately in 1.4.3, there will be a 'clean', which does exactly
> what 'clean total' should have done.
Great news, I'm looking forward to it.
--
left blank, right bald
pgpmUqWFaKtPm.pgp
Description: PGP signature
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >>What about using that uhm,.. libecc
> >>(http://libecc.sourceforge.net/)?
> >>
> >do you know of an application that uses this lib?
> No I don't but that shouldn't be a reason to forget about it,...
Now why is that? I didn't imply anyth
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >No, we will however add some ECC support into Libgcrypt as time
> >permits.
> >
> What about using that uhm,.. libecc
> (http://libecc.sourceforge.net/)?
do you know of an application that uses this lib? it seems to be on
hold. mailinglist
* Dirk Traulsen <[EMAIL PROTECTED]> wrote:
> I obviously think this to be a good thing to have, but I'm a little
> discouraged by the nearly total lack of interest of the list. I
> would really appreciate a discussion of the proposed feature and
> change of the man-page. Please write if you think
* [EMAIL PROTECTED] wrote:
> On Sat, Oct 22, 2005 at 07:31:54PM +0100, Neil Williams wrote:
> >
> > That is exactly my point, NOBODY should rely on ANY of that information to
> > identify a key. The only identifier for a key is the fingerprint. You MUST
> > verify the fingerprint with the perso
* Thomas Jones <[EMAIL PROTECTED]> wrote:
> The use of prng generated data to seed another prng function is
> utilized to compute data that is inherently random from the
> previous generation.
That is not my point, tho this might be the case. :)
If this generated data is used once, it's ok. If n
* Thomas Jones <[EMAIL PROTECTED]> wrote:
> >on a sidenote, using /dev/urandom is a bad idea. f.e. the standard
> >slackware install and other distros as well have the following code
> >(or something similar) in /etc/rc.d/rc.S:
> >
> The above statement, although worthwhile, is not well founded.
* Thomas Jones <[EMAIL PROTECTED]> wrote:
> John W. Moore III wrote:
> >Running Knoppix from the CD I encrypted the Linux partition and
> >it's virtually invisible. (unless one knows my HD size)
> What do you mean by this statement? Are you referring to the
> /randomization of the partition by use
68 matches
Mail list logo
