During our current annual PCI DSS audit, our auditor complains that a human
being can access the company's private key and, thus, a human being can
decrypt sales files containing credit card information.
All production processes are fully automated and run as a non-privileged user.
We use GPG encry
oever is logging into the system to access the
>key
>
> You just have to trust your employees at some point. None of this
> mitigates a rogue insider with access to the keys.
>
> -Farhan
>
>
> On Wed, Nov 9, 2016 at 11:16 AM, Mike Schleif
> wrote:
>
>> D
GPG version trying to import: gpg (GnuPG) 2.0.14
Header from shared armored public key: Version: Encryption Desktop 10.3.0
(Build 8741)
GPG error on import:
# gpg --import /tmp/imps.asc
gpg: key 845F5188: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number
My company uses several keys for signing files encrypted with one of many
recipient public keys.
Once in a while, we get pushback from a recipient that they cannot decrypt
our file, and sometimes they claim it is because the encrypted file is
signed.
Yesterday, I took the same file, encrypted it a
On trying to decrypt a file, we get the subject error on failure.
What does this mean?
How ought we deal with this?
Please, advise. Thank you.
~ Mike
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-use
$ gpg --version
gpg (GnuPG) 2.0.22
libgcrypt 1.5.3
$ cat /etc/system-release
CentOS Linux release 7.9.2009 (Core)
On Sat, Apr 15, 2023 at 1:36 PM Bruce Walzer wrote:
> On Sat, Apr 15, 2023 at 11:17:31AM -0500, Mike Schleif wrote:
> > On trying to decrypt a file, we get the subject
pg.org> wrote:
> Mike Schleif wrote:
> > $ gpg --version
> > gpg (GnuPG) 2.0.22
> > libgcrypt 1.5.3
> >
> > $ cat /etc/system-release
> > CentOS Linux release 7.9.2009 (Core)
>
> Algorithm 18 is ECDH, which is not supported by gpg on
> CentOS 7.
What do we need to know about using our existing keyring, and copious CLIs,
that we use to encrypt, decrypt and administer our legacy GPG?
As previously posted, we are on CentOS 7.9.2009, which only supports GPG
v2.0.x.
Until we upgrade CentOS later this year, I've been reviewing suggestions on
h
e are loath to do.
We do not want every key at level ultimate, and we do not want to manually
edit hundreds of keys to change each trust level.
What are we missing?
Please, advise. Thank you.
~ Mike
On Wed, Oct 9, 2024 at 11:30 AM Werner Koch wrote:
> On Tue, 8 Oct 2024 13:09, Mike Schl
02
> gpg: key occurs more than once in the trustdb
> /root/.gnupg/pubring.gpg
>
> sec dsa1024 2002-04-01 [SCA]
> 8C71B38C3A071ABCD831D4655257EBE831A070A8
> uid [ultimate] public...@provell.com
> ssb elg1024
, Oct 10, 2024 at 2:34 AM Werner Koch wrote:
> On Wed, 9 Oct 2024 13:55, Mike Schleif said:
>
> > We do not want every key at level ultimate, and we do not want to
> manually
> > edit hundreds of keys to change each trust level.
>
> There is an easier way:
>
to transition yesterday ...
~ Mike
On Tue, Oct 8, 2024 at 11:18 AM Werner Koch wrote:
> On Fri, 4 Oct 2024 12:45, Mike Schleif said:
>
> > gpg (GnuPG) 2.3.3
>
> > BEFORE taking your actions:
> >
> > -rw-r--r--. 1 root root 0 Oct 3 10:45 .gpg-v21-migrated
:31 CDT 2024
Please, advise. Thank you.
~ Mike
On Thu, Oct 3, 2024 at 11:19 AM Mike Schleif wrote:
> Finally, we are moving from CentOS Linux release 7.9.2009 (Core) _to_
> AlmaLinux release 9.4 (Seafoam Ocelot).
>
> I copied .gnupg/ to the new host. Problems ensued ...
>
> [ROOT
lom-Salam,
>
>Werner
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
>
--
If ever I can be of service to you; contact me at once.
I wish for you a truly extraordinary day ...
--
Best Regards,
Mike
t 4, 2024 at 10:14 AM Werner Koch wrote:
> On Fri, 4 Oct 2024 07:41, Mike Schleif said:
>
> > Also, how ought I cleanup these old, unused keys?
>
> $ gpg --export --export-options backup > exported.gpg
> $ echo use-keyboxd >> ~/.gnupg/common.conf
> $ gpgconf -K all
As my subject states, we are using v2.3.3 - and your suggestion does not
clean up our keyring, continuing to spew these errors.
Please, advise. Thank you.
~ Mike
On Fri, Oct 4, 2024 at 10:14 AM Werner Koch wrote:
> On Fri, 4 Oct 2024 07:41, Mike Schleif said:
>
> > Also, how oug
Finally, we are moving from CentOS Linux release 7.9.2009 (Core) _to_
AlmaLinux release 9.4 (Seafoam Ocelot).
I copied .gnupg/ to the new host. Problems ensued ...
[ROOT@russell ~/tmP ] # date; /bin/gpg -K ;date
Thu Oct 3 11:13:52 CDT 2024
gpg: DBG: Oops: keyid_from_fingerprint: no pubkey; fpr: