From mercuryrising11 at gmail.com Fri May 1 08:47:42 2015
From: mercuryrising11 at gmail.com (Mercury Rising)
Date: Thu, 30 Apr 2015 23:47:42 -0700
Subject: Is Open PGP or GnuPG or GPG possible on a Mac?
Message-ID:

I will take the answer on the list and at mercuryrising11 at gmail.com. I upgraded to Mavericks on the Mac. I am looking for a whole package of open source PGP-like programs that will let me encrypt to other keys and manage other keys and my own. It is for private correspondence. I was sending messages from my iPhone to the list but don't see them posted. Perhaps directly from my Mac will help this time.

Elwin near San Francisco

From martin-gnupg-users at dkyb.de Fri May 1 09:17:47 2015
From: martin-gnupg-users at dkyb.de (Martin Behrendt)
Date: Fri, 01 May 2015 09:17:47 +0200
Subject: Is Open PGP or GnuPG or GPG possible on a Mac?
In-Reply-To:
References:
Message-ID: <5543289B.9030901@dkyb.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It should be possible but it might require high technical skills in the operation of a search engine of your choice.

Let's try your topic:

https://startpage.com/do/search?q=Is+Open+PGP+or+GnuPG+or+GPG+possible+on+a+Mac

Looks like some usable answers turn up. But let's try something shorter and more specific:

https://startpage.com/do/search?q=gnupg+on+mac

Looks also good. Maybe we can see if people asked about this on the mailing list before? Let's try:

https://www.google.de/search?&q=gnupg%20on%20mac%20site%3Agnupg.org&ie=iso-8859-1&q=mac+installer++site:lists.gnupg.org%2Fpipermail%2Fgnupg-users%2F2014

Looks also interesting for 2014. Maybe there will also be some results for 2015? Hope that gets you somewhere.
Greetings
Martin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlVDKJYACgkQ/6vdZgk46siVKQCfQy5CoANLrJiK5dSpoS75DG9X
5FcAnROfi88h0UYDQ0L4ZMYWSLYiWe5N
=O6Pn
-----END PGP SIGNATURE-----

From transparentdata243 at gmail.com Fri May 1 08:37:03 2015
From: transparentdata243 at gmail.com (Danny Crane)
Date: Thu, 30 Apr 2015 23:37:03 -0700
Subject: How to get my GNUPG Elgamal private key exponent?
Message-ID:

Hi,

I have tried googling around. The closest solution I get is:

private.key contains the private key file.

$pgpdump -i private.key

But this only gives me the following:

ElGamal p
ElGamal g
ElGamal y
Encrypted Elgamal x
some other information of crypto

It shows the value for p,g,y, but not x. How can I find out the value of x?

From samir at samirnassar.com Fri May 1 09:50:18 2015
From: samir at samirnassar.com (Samir Nassar)
Date: Fri, 01 May 2015 09:50:18 +0200
Subject: Is Open PGP or GnuPG or GPG possible on a Mac?
In-Reply-To:
References:
Message-ID: <3200919.eapcMDYOIV@lathe>

On Thursday 30 April 2015 23:47:42 Mercury Rising wrote:
> I will take the answer on the list and at mercuryrising11 at gmail.com. I
> upgraded to Mavericks on the Mac. I am looking for a whole package of open
> source PGP-like programs that will let me encrypt to other keys and manage
> other keys and my own. It is for private correspondence. I was sending
> messages from my iPhone to the list but don't see them posted. Perhaps
> directly from my Mac will help this time.
Yes, it is possible to use OpenPGP with GnuPG on OS X:

https://ssd.eff.org/en/module/how-use-pgp-mac-os-x

The best (most stable, best supported, easiest overall) results tend to involve:

GPG Suite: https://gpgtools.org/
Mozilla Thunderbird: https://www.mozilla.org/en-US/thunderbird/
Enigmail: https://www.enigmail.net/home/index.php

Keep in mind that the parties you want to communicate with also have to understand how to handle OpenPGP.

If it matters to you to be more secure in communication, I would strongly suggest making sure your computer is using full disk encryption. In the case of OS X on a Mac, this means enabling FileVault.

Samir

From dkg at fifthhorseman.net Fri May 1 15:57:27 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 01 May 2015 09:57:27 -0400
Subject: How to get my GNUPG Elgamal private key exponent?
In-Reply-To:
References:
Message-ID: <87wq0s9z94.fsf@alice.fifthhorseman.net>

On Fri 2015-05-01 02:37:03 -0400, Danny Crane wrote:
> I have tried googling around. The closest solution I get is:
>
> private.key contains the private key file.
>
> $pgpdump -i private.key
>
> But this only gives me the following:
>
> ElGamal p
> ElGamal g
> ElGamal y
> Encrypted Elgamal x
> some other information of crypto
>
> It shows the value for p,g,y, but not x. How can I find out the value of x?

pgpdump shows that x is encrypted. pgpdump isn't capable of decrypting it.

If you remove the passphrase from your secret key, you should be able to produce a file that pgpdump can parse for you.

however, note that this places your secret key material in a very exposed place -- anyone who gets that file can trivially compromise your key.
Since el gamal keys are usually subkeys, you might try *only* exporting the subkey without a passphrase, so that at least you do not expose the secret key material for your primary key.

Using gpg 1.4.x or 2.0.x, that should be possible with:

  gpg --export-options export-reset-subkey-passwd --export-secret-subkeys ${SUBKEYID}\! | pgpdump

yes, that is a literal ! at the end. so if your subkey ID is 0x1234567890abcdef, then you would run:

  gpg --export-options export-reset-subkey-passwd --export-secret-subkeys 0x1234567890abcdef\! | pgpdump

hth,

        --dkg

From transparentdata243 at gmail.com Fri May 1 18:16:15 2015
From: transparentdata243 at gmail.com (Danny Crane)
Date: Fri, 1 May 2015 09:16:15 -0700
Subject: How to get my GNUPG Elgamal private key exponent?
In-Reply-To: <87wq0s9z94.fsf@alice.fifthhorseman.net>
References: <87wq0s9z94.fsf@alice.fifthhorseman.net>
Message-ID:

Thank you. Really helps!

On May 1, 2015 6:57 AM, "Daniel Kahn Gillmor" wrote:

> On Fri 2015-05-01 02:37:03 -0400, Danny Crane wrote:
>
> > I have tried googling around. The closest solution I get is:
> >
> > private.key contains the private key file.
> >
> > $pgpdump -i private.key
> >
> > But this only gives me the following:
> >
> > ElGamal p
> > ElGamal g
> > ElGamal y
> > Encrypted Elgamal x
> > some other information of crypto
> >
> > It shows the value for p,g,y, but not x. How can I find out the value of x?
>
> pgpdump shows that x is encrypted. pgpdump isn't capable of decrypting
> it.
>
> If you remove the passphrase from your secret key, you should be able to
> produce a file that pgpdump can parse for you.
>
> however, note that this places your secret key material in a very
> exposed place -- anyone who gets that file can trivially compromise your
> key.
>
> Since el gamal keys are usually subkeys, you might try *only* exporting
> the subkey without a passphrase, so that at least you do not expose the
> secret key material for your primary key.
>
> Using gpg 1.4.x or 2.0.x, that should be possible with:
>
>   gpg --export-options export-reset-subkey-passwd --export-secret-subkeys ${SUBKEYID}\! | pgpdump
>
> yes, that is a literal ! at the end. so if your subkey ID is
> 0x1234567890abcdef, then you would run:
>
>   gpg --export-options export-reset-subkey-passwd --export-secret-subkeys 0x1234567890abcdef\! | pgpdump
>
> hth,
>
> --dkg
>

From dkg at fifthhorseman.net Sat May 2 04:36:47 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 01 May 2015 22:36:47 -0400
Subject: Multiple Smartcards - Signing
In-Reply-To: <5542A368.1030104@monaco.cx>
References: <5542A368.1030104@monaco.cx>
Message-ID: <87vbgb7lj4.fsf@alice.fifthhorseman.net>

On Thu 2015-04-30 17:49:28 -0400, Matthew Monaco wrote:
> Why isn't gpg smarter about selecting only from the /available/ keys
> at the time of signing? BTW, I'm using 2.1.3

I think this is the crux of your issue. It sounds like a bug to me.

I've opened a bug report about it:

  https://bugs.gnupg.org/gnupg/issue1967

hth,

        --dkg

From rjh at sixdemonbag.org Sat May 2 07:54:48 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 02 May 2015 01:54:48 -0400
Subject: excessive usage of /dev/random?
In-Reply-To: <87h9rv94ib.fsf@alice.fifthhorseman.net>
References: <87h9rv94ib.fsf@alice.fifthhorseman.net>
Message-ID: <554466A8.3040505@sixdemonbag.org>

> One assertion (from Robert J. Hansen) implies that a "high school
> math overview of large number theory" suggests that it may well be
> reasonable to require 2400 bits of entropy to generate a 2048-bit RSA
> key.

And unreasonable, too. I specifically said that I couldn't use it to argue one side or another, but rather it illuminated the uncertainty of both sides. A capsule summary is below.

> The other assertion (From Peter Gutmann) says that it's not
> necessary (with a sarcastic allusion to "numerology")...
I concur with Peter's assessment that it's numerology. :)

> 1) key generation routines for these problems need an unpredictable
> source of entropy with which to search the space of possible values
> to produce a proper secret key.

A 2048-bit number as used in RSA has ~2028 shannons of uncertainty (due to not every number being prime). To sort through 2028 shannons of uncertainty using the general number field sieve requires approximately 2^112 work. (*Approximately*.) So I see an enormous disconnect between the uncertainty of the prime and the work factor that goes into breaking the key.

We talk about how a key has so many shannons of entropy, but the reality is different: it has so much equivalent work factor. If we reduce the uncertainty of the prime to a "mere" 112 shannons, will that affect the work factor for the GNFS? I don't know, and I don't trust my sense of large number theory enough to even have a good guess.

From matt at monaco.cx Sat May 2 18:29:45 2015
From: matt at monaco.cx (Matthew Monaco)
Date: Sat, 02 May 2015 10:29:45 -0600
Subject: Multiple Smartcards - Signing
In-Reply-To: <87vbgb7lj4.fsf@alice.fifthhorseman.net>
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net>
Message-ID: <5544FB79.604@monaco.cx>

On 05/01/2015 08:36 PM, Daniel Kahn Gillmor wrote:
> On Thu 2015-04-30 17:49:28 -0400, Matthew Monaco wrote:
>> Why isn't gpg smarter about selecting only from the /available/ keys
>> at the time of signing? BTW, I'm using 2.1.3
>
> I think this is the crux of your issue. It sounds like a bug to me.
>
> I've opened a bug report about it:
>
> https://bugs.gnupg.org/gnupg/issue1967
>
> hth,
>
> --dkg
>

Ah, thanks! I ended up moving forward with separate signing keys on each smartcard, filtering gpg.conf from rsync, and adding -u !.

Conversely, I am using the same auth key on both smartcards. For me, managing multiple SSH keys is more trouble than it's worth.
Most notably, OpenStack will only seed one key to a new instance and I don't want to deal with having to keep track of which smartcard I'm using.

So this would be related, but maybe I'll file a second bug report to request that the shadow copy of a key is automatically updated if it's seen on a new smartcard. This doesn't appear to be the case, however I may have broken it by getting fancy: I moved my .key files to -CAPS-8charkeyid-comment (e.g. rsa2048-E-DDEC74FE-revoked) and then symlinked .key.

This is because sometimes I lose track of fingerprint <-> keygrip. It would be nice if --list-packets .key or some such listed info about the key...

From diafygi at gmail.com Sun May 3 01:02:46 2015
From: diafygi at gmail.com (Daniel Roesler)
Date: Sat, 2 May 2015 16:02:46 -0700
Subject: --with-sig-check silently ignored when used with --import and --recv-keys
Message-ID:

Howdy all,

I've been playing around with key signatures and ran across an interesting situation. For some reason, --with-sig-check is silently ignored when used with --import and --recv-keys. Is this something I should file a bug on?

==Summary==

I have setup a public key for Alice that has one valid signature from Bob and one invalid signature from Mallory.

http://p80.pool.sks-keyservers.net/pks/lookup?op=vindex&search=0xA5452207

When you import Alice's public key via gpg --import or --recv-keys, GnuPG does not verify the signatures on Alice's public key, even if I have Bob and/or Mallory's public keys already in my keyring.

==Steps To Reproduce==

1. Request Bob and Mallory's public keys from the keyserver.

> $ gpg2 --recv-keys --with-sig-check 65B57FDF B8062D4C
> gpg: requesting key 65B57FDF from hkp server keys.gnupg.net
> gpg: requesting key B8062D4C from hkp server keys.gnupg.net
> gpg: key 65B57FDF: public key "Bob User (Good Signature) " imported
> gpg: key B8062D4C: public key "Mallory User (Bad Signature) " imported
> gpg: Total number processed: 2
> gpg: imported: 2 (RSA: 2)

2. Request Alice's public keys from the keyserver.

> $ gpg2 --recv-keys --with-sig-check A5452207
> gpg: requesting key A5452207 from hkp server keys.gnupg.net
> gpg: key A5452207: public key "Alice User (Signature Test) " imported
> gpg: no ultimately trusted keys found
> gpg: Total number processed: 1
> gpg: imported: 1 (RSA: 1)

3. Checking signatures shows that Mallory's signature is bad.

> $ gpg2 --check-sigs
> /home/user/testring/pubring.gpg
> ------------------------------------------
> pub 2048R/65B57FDF 2015-04-01
> uid Bob User (Good Signature)
> sig!3 65B57FDF 2015-04-01 Bob User (Good Signature)
> sub 2048R/83518D34 2015-04-01
> sig! 65B57FDF 2015-04-01 Bob User (Good Signature)
>
> pub 2048R/B8062D4C 2015-04-01
> uid Mallory User (Bad Signature)
> sig!3 B8062D4C 2015-04-01 Mallory User (Bad Signature)
> sub 2048R/FDE6C57B 2015-04-01
> sig! B8062D4C 2015-04-01 Mallory User (Bad Signature)
>
> pub 2048R/A5452207 2015-04-01
> uid Alice User (Signature Test)
> sig!3 A5452207 2015-04-01 Alice User (Signature Test)
> sig! 65B57FDF 2015-04-01 Bob User (Good Signature)
> sig- B8062D4C 2015-04-01 Mallory User (Bad Signature)
> sub 2048R/0BE64ECE 2015-04-01
> sig! A5452207 2015-04-01 Alice User (Signature Test)
>
> 1 bad signature

==What Should Happen==

When importing public keys, --with-sig-check should not get silently ignored when added to --import or --recv-keys. Alternatively, the --with-sig-check flag should throw an error if included with --import or --recv-keys since silently ignoring it might make a user assume that all signatures were valid.

Thanks!
Daniel Roesler

From mercuryrising11 at gmail.com Sun May 3 06:27:39 2015
From: mercuryrising11 at gmail.com (Mercury Rising)
Date: Sat, 2 May 2015 21:27:39 -0700
Subject: Is Open PGP or GnuPG or GPG possible on a Mac?
In-Reply-To: <5543289B.9030901@dkyb.de>
References: <5543289B.9030901@dkyb.de>
Message-ID:

Wow, thank you for your search engine skills and all this great information! I will put it to use on getting GPG/GnuPG stuff running on my Mac.

I'm trying to start a code, cipher, invisible ink/steganography club for kids, adults can be in it too, but kids like the mystical powers of a secret cipher "code" that's not too hard, to write to a friend with. I found that siblings and cousins do this more often than not. I think kids grow out of it maybe, and there were periods where it waned for years but I always came back to them for fun.

A psych thought I had Obsessive Compulsive Disorder (OCD), but in the 2000's I found it was Asperger's but I don't mind being an Auspie. My sister has it too. Lots of nephews with it too. If I could find an Auspie club maybe I could recruit there, lol.
:-))

Elwin

On Friday, May 1, 2015, Martin Behrendt wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> It should be possible but it might require high technical skills in
> the operation of a search engine of your choice.
>
> Let's try your topic:
>
> https://startpage.com/do/search?q=Is+Open+PGP+or+GnuPG+or+GPG+possible+on+a+Mac
>
> Looks like some usable answers turn up. But let's try something shorter
> and more specific:
>
> https://startpage.com/do/search?q=gnupg+on+mac
>
> Looks also good. Maybe we can see if people asked about this on the
> mailing list before? Let's try:
>
> https://www.google.de/search?&q=gnupg%20on%20mac%20site%3Agnupg.org&ie=iso-8859-1&q=mac+installer++site:lists.gnupg.org%2Fpipermail%2Fgnupg-users%2F2014
>
> Looks also interesting for 2014. Maybe there will also be some results
> for 2015? Hope that gets you somewhere.
>
> Greetings
> Martin
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlVDKJYACgkQ/6vdZgk46siVKQCfQy5CoANLrJiK5dSpoS75DG9X
> 5FcAnROfi88h0UYDQ0L4ZMYWSLYiWe5N
> =O6Pn
> -----END PGP SIGNATURE-----
>

From mercuryrising11 at gmail.com Sun May 3 07:06:53 2015
From: mercuryrising11 at gmail.com (Mercury Rising)
Date: Sat, 2 May 2015 22:06:53 -0700
Subject: Is Open PGP or GnuPG or GPG possible on a Mac?
In-Reply-To: <3200919.eapcMDYOIV@lathe>
References: <3200919.eapcMDYOIV@lathe>
Message-ID:

Your information is most valuable. I went over the EFF link and I'm a proud member of EFF. Why didn't I think to look there! Thank you, Thank you, Thank you for this link.

I went to an EFF meeting in SF and some guy said he had a special database manipulation program and dazzled me with terms that were way above my pay grade or a bunch of dazzling bull.
He acted so smart and superior, then walked out. I don't trust people like that. I tried to follow him to ask more questions but he disappeared.

I had a systems manager from Google that told me PGP used weakened math to let someone with superior computing power like the NSA break it but offered no proof. Snowden said certain encryption can be broken in real time but Snowden uses the over 4000 (4096?) keys all the time. I found some of his keys at the MIT key server.

I used to use PGP in the 90's (2 or 3 point something's for my Mac IIsi, but platforms changed). I wrote a former Scientology leader from Sweden once with it. We traded some interesting information about the ownership that was behind the scenes.

I got into politics, met some top politicians and was forced out because I was honest. As they say the scum rises to the top of the pond. The higher you go the dirtier it gets. Want to meet big criminals? Get into politics and you'll meet a few. I found some honest people mixed in there too, but their success at the top was short lived.

Elwin

On Friday, May 1, 2015, Samir Nassar wrote:

> On Thursday 30 April 2015 23:47:42 Mercury Rising wrote:
> > I will take the answer on the list and at mercuryrising11 at gmail.com. I
> > upgraded to Mavericks on the Mac. I am looking for a whole package of open
> > source PGP-like programs that will let me encrypt to other keys and manage
> > other keys and my own. It is for private correspondence. I was sending
> > messages from my iPhone to the list but don't see them posted. Perhaps
> > directly from my Mac will help this time.
>
> Yes, it is possible to use OpenPGP with GnuPG on OS X:
>
> https://ssd.eff.org/en/module/how-use-pgp-mac-os-x
>
> The best (most stable, best supported, easiest overall) results tend to
> involve:
>
> GPG Suite: https://gpgtools.org/
> Mozilla Thunderbird: https://www.mozilla.org/en-US/thunderbird/
> Enigmail: https://www.enigmail.net/home/index.php
>
> Keep in mind that the parties you want to communicate with also have to
> understand how to handle OpenPGP.
>
> If it matters to you to be more secure in communication, I would strongly
> suggest making sure your computer is using full disk encryption. In the case
> of OS X on a Mac, this means enabling FileVault.
>
> Samir
>

From wk at gnupg.org Sun May 3 11:02:59 2015
From: wk at gnupg.org (Werner Koch)
Date: Sun, 03 May 2015 11:02:59 +0200
Subject: --with-sig-check silently ignored when used with --import and --recv-keys
In-Reply-To: (Daniel Roesler's message of "Sat, 2 May 2015 16:02:46 -0700")
References:
Message-ID: <878ud62fuk.fsf@vigenere.g10code.de>

On Sun, 3 May 2015 01:02, diafygi at gmail.com said:

> I've been playing around with key signatures and ran across an interesting
> situation. For some reason, --with-sig-check is silently ignored when used with
> --import and --recv-keys. Is this something I should file a bug on?

It has no function there. It is used as an option for --list-keys. Import simply imports the key and does only a few basic checks. It is in particular not useful to do a key signatures check during import because at the point you may not yet have imported the keys used to create the key signature.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

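Added example, not part of any message in this thread: because import does not check key signatures, the check has to be run afterwards and its result read. The script below scans a gpg --check-sigs listing in the legacy layout quoted in the report above and reports every signature line whose flag is not "!" ("-" is a bad signature, "%" an error while checking). The function names and the embedded sample, transcribed from step 3 of the report, are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the thread): gpg --import / --recv-keys do not
# verify key signatures, so scan a later `gpg --check-sigs` listing instead.
# Assumes the legacy listing layout quoted in the report:
#   "pub 2048R/KEYID date"  and  "sig!3 KEYID date uid".

# report_unverified_sigs: reads a --check-sigs listing on stdin, prints one
# line per signature whose flag is not "!" and returns 1 if any was found.
report_unverified_sigs() {
    awk '
        # Remember which primary key the following sig lines belong to.
        $1 == "pub" {
            n = split($2, part, "/")
            owner = part[n]
            sub(/^0x/, "", owner)
            next
        }
        $1 ~ /^sig/ {
            flag = substr($1, 4, 1)      # character right after "sig"
            if (flag == "!") next        # verified, nothing to report
            if (flag == "" || flag ~ /[0-9A-Za-z]/) flag = "unchecked"
            signer = "unknown"
            for (i = 2; i <= NF; i++) {  # first hex field is the signer key ID
                id = $i
                sub(/^0x/, "", id)
                if (length(id) >= 8 && id ~ /^[0-9A-Fa-f]+$/) { signer = id; break }
            }
            printf "%s: signature by %s not verified (flag %s)\n", owner, signer, flag
            bad++
        }
        END { exit (bad > 0) }
    '
}

# sample_listing: the --check-sigs output from step 3 of the report,
# transcribed here so the example runs without a keyring.
sample_listing() {
    cat <<'EOF'
pub 2048R/65B57FDF 2015-04-01
uid Bob User (Good Signature)
sig!3 65B57FDF 2015-04-01 Bob User (Good Signature)
sub 2048R/83518D34 2015-04-01
sig! 65B57FDF 2015-04-01 Bob User (Good Signature)

pub 2048R/B8062D4C 2015-04-01
uid Mallory User (Bad Signature)
sig!3 B8062D4C 2015-04-01 Mallory User (Bad Signature)
sub 2048R/FDE6C57B 2015-04-01
sig! B8062D4C 2015-04-01 Mallory User (Bad Signature)

pub 2048R/A5452207 2015-04-01
uid Alice User (Signature Test)
sig!3 A5452207 2015-04-01 Alice User (Signature Test)
sig! 65B57FDF 2015-04-01 Bob User (Good Signature)
sig- B8062D4C 2015-04-01 Mallory User (Bad Signature)
sub 2048R/0BE64ECE 2015-04-01
sig! A5452207 2015-04-01 Alice User (Signature Test)

1 bad signature
EOF
}

# Stand-alone run on the sample. With a real keyring the equivalent is:
#   gpg2 --check-sigs | report_unverified_sigs
sample_listing | report_unverified_sigs || echo "unverified key signatures present"
```

GnuPG documents --with-colons as the output format meant for scripts; the human-readable layout parsed here is the one shown in this thread and differs in later releases.
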
From 2014-667rhzu3dc-lists-groups at riseup.net Sun May 3 12:35:37 2015
From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA)
Date: Sun, 3 May 2015 11:35:37 +0100
Subject: Multiple Smartcards - Signing
In-Reply-To: <87vbgb7lj4.fsf@alice.fifthhorseman.net>
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net>
Message-ID: <1361995305.20150503113537@my_localhost>

On Saturday 2 May 2015 at 3:36:47 AM, in , Daniel Kahn Gillmor wrote:

> I think this is the crux of your issue. It sounds like
> a bug to me.

> I've opened a bug report about it:

> https://bugs.gnupg.org/gnupg/issue1967

Do you think a notification should be displayed, something like "Signing subkey 0x01234567 not available. Creating signature using key 0x89abcdef instead"?

--
Best regards

MFPA

There is no snooze button for a cat that wants breakfast

From wk at gnupg.org Sun May 3 17:29:39 2015
From: wk at gnupg.org (Werner Koch)
Date: Sun, 03 May 2015 17:29:39 +0200
Subject: Multiple Smartcards - Signing
In-Reply-To: <5544FB79.604@monaco.cx> (Matthew Monaco's message of "Sat, 02 May 2015 10:29:45 -0600")
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net> <5544FB79.604@monaco.cx>
Message-ID: <874mnt1xy4.fsf@vigenere.g10code.de>

On Sat, 2 May 2015 18:29, matt at monaco.cx said:

> smartcard. This doesn't appear to be the case, however I may have broken it by
> getting fancy: I moved my .key files to -CAPS-8charkeyid-comment
> (e.g. rsa2048-E-DDEC74FE-revoked) and then symlinked .key.

Better don't do that. That may break when changing the passphrase.

> This is because sometimes I lose track of fingerprint <-> keygrip. It would be
> nice if --list-packets .key or some such listed info about the key...

At least for ssh keys this is easy:

  $ gpg-connect-agent 'keyinfo --ssh-fpr CFC82DE2AB8BD267A2C575F7553793ACE27AE54A' /bye
  S KEYINFO CFC82DE2AB8BD267A2C575F7553793ACE27AE54A D - - - P bd:50:eb:d0:8b:17:3d:78:36:44:e4:68:cc:8a:1f:1d - -
  OK

OpenPGP fingerprints are not available because the original goal was to keep gpg-agent clear of protocol specific stuff. However, given that we already have ssh fingerprints (and OpenPGP import code), there is no valid excuse for not adding v4 OpenPGP fingerprints here or in gpg.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From dkg at fifthhorseman.net Sun May 3 21:16:40 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sun, 03 May 2015 15:16:40 -0400
Subject: Multiple Smartcards - Signing
In-Reply-To: <1361995305.20150503113537@my_localhost>
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net> <1361995305.20150503113537@my_localhost>
Message-ID: <87vbg9v5d3.fsf@alice.fifthhorseman.net>

On Sun 2015-05-03 06:35:37 -0400, MFPA wrote:
> On Saturday 2 May 2015 at 3:36:47 AM, in , Daniel Kahn Gillmor wrote:
>
>> https://bugs.gnupg.org/gnupg/issue1967
>
> Do you think a notification should be displayed, something like
> "Signing subkey 0x01234567 not available. Creating signature using key
> 0x89abcdef instead"?
I don't have much of a preference. Such a message should probably appear if the user has asked for --debug-level basic at least, though.

        --dkg

From matt at monaco.cx Sun May 3 21:21:48 2015
From: matt at monaco.cx (Matthew Monaco)
Date: Sun, 03 May 2015 13:21:48 -0600
Subject: Multiple Smartcards - Signing
In-Reply-To: <87vbg9v5d3.fsf@alice.fifthhorseman.net>
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net> <1361995305.20150503113537@my_localhost> <87vbg9v5d3.fsf@alice.fifthhorseman.net>
Message-ID: <5546754C.5080501@monaco.cx>

On 05/03/2015 01:16 PM, Daniel Kahn Gillmor wrote:
> On Sun 2015-05-03 06:35:37 -0400, MFPA wrote:
>> On Saturday 2 May 2015 at 3:36:47 AM, in , Daniel Kahn Gillmor wrote:
>>
>>> https://bugs.gnupg.org/gnupg/issue1967
>>
>> Do you think a notification should be displayed, something like
>> "Signing subkey 0x01234567 not available. Creating signature using key
>> 0x89abcdef instead"?
>
> I don't have much of a preference. Such a message should probably
> appear if the user has asked for --debug-level basic at least, though.
>
> --dkg
>

I agree with a debug message. But in general I don't think a notification is so important because the selection algorithm is arbitrary anyway. E.g., why not strongest rather than newest?

From matt at monaco.cx Sun May 3 21:29:17 2015
From: matt at monaco.cx (Matthew Monaco)
Date: Sun, 03 May 2015 13:29:17 -0600
Subject: Multiple Smartcards - Signing
In-Reply-To: <874mnt1xy4.fsf@vigenere.g10code.de>
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net> <5544FB79.604@monaco.cx> <874mnt1xy4.fsf@vigenere.g10code.de>
Message-ID: <5546770D.9020501@monaco.cx>

On 05/03/2015 09:29 AM, Werner Koch wrote:
> On Sat, 2 May 2015 18:29, matt at monaco.cx said:
>
>> smartcard. This doesn't appear to be the case, however I may have broken it by
>> getting fancy: I moved my .key files to -CAPS-8charkeyid-comment
>> (e.g. rsa2048-E-DDEC74FE-revoked) and then symlinked .key.
>
> Better don't do that. That may break when changing the passphrase.
>

Thanks, I'll keep my eye out for issues. All of my .key files are shadow copies for smartcards anyway so pw change is not an issue.

What about updating shadow copies? It looks like when scdaemon starts, they're automatically created for new keys observed on the card. Is it a security risk to update the shadow copies (e.g., blindly overwrite) every time scdaemon starts? It's not as though I ever explicitly configured the keygrip -> card.

Or, would it be a risk or otherwise problematic to have the shadow copy contain a list of cards?

From wk at gnupg.org Mon May 4 11:23:19 2015
From: wk at gnupg.org (Werner Koch)
Date: Mon, 04 May 2015 11:23:19 +0200
Subject: Multiple Smartcards - Signing
In-Reply-To: <5546770D.9020501@monaco.cx> (Matthew Monaco's message of "Sun, 03 May 2015 13:29:17 -0600")
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net> <5544FB79.604@monaco.cx> <874mnt1xy4.fsf@vigenere.g10code.de> <5546770D.9020501@monaco.cx>
Message-ID: <87d22gzofs.fsf@vigenere.g10code.de>

On Sun, 3 May 2015 21:29, matt at monaco.cx said:

> What about updating shadow copies? It looks like when scdaemon starts, they're
> automatically created for new keys observed on the card. Is it a security risk

We might even have an open bug report about this. IIRC, gniibe proposed a solution.

> Or, would it be a risk or otherwise problematic to have the shadow copy contain
> a list of cards?

It is a convenience thing anyway.
With several serial numbers a Pinentry prompt

  Please insert card with S/N 12345 or 34567 or 567788

would not be very helpful. It should then better display

  Please insert the appropriate card.

and a "*" instead of a list of serial numbers would be sufficient.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon May 4 11:28:03 2015
From: wk at gnupg.org (Werner Koch)
Date: Mon, 04 May 2015 11:28:03 +0200
Subject: Multiple Smartcards - Signing
In-Reply-To: <5546754C.5080501@monaco.cx> (Matthew Monaco's message of "Sun, 03 May 2015 13:21:48 -0600")
References: <5542A368.1030104@monaco.cx> <87vbgb7lj4.fsf@alice.fifthhorseman.net> <1361995305.20150503113537@my_localhost> <87vbg9v5d3.fsf@alice.fifthhorseman.net> <5546754C.5080501@monaco.cx>
Message-ID: <878ud4zo7w.fsf@vigenere.g10code.de>

On Sun, 3 May 2015 21:21, matt at monaco.cx said:

> I agree with a debug message. But in general I don't think a notification is so
> important because the selection algorithm is arbitrary anyway. E.g., why not
> strongest rather than newest?

What does "stronger" mean: 2k RSA on-card stronger than 4k on-disk. 2 year old 2k stronger than 5 year old 4k?

Using the newest key by default is the only non-surprising option. It is actually required to implement a key-rollover and was done for encryption subkeys in preparation for a forward secrecy feature as proposed by Ben Laurie and others in ~1999.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From diafygi at gmail.com Mon May 4 17:58:49 2015
From: diafygi at gmail.com (Daniel Roesler)
Date: Mon, 4 May 2015 08:58:49 -0700
Subject: --with-sig-check silently ignored when used with --import and --recv-keys
In-Reply-To: <878ud62fuk.fsf@vigenere.g10code.de>
References: <878ud62fuk.fsf@vigenere.g10code.de>
Message-ID:

Gotcha. Would it be possible to throw an error when --with-sig-check is included with --import or --recv-keys?
When silently ignored, it is very easy for a user to assume that the signature checks passed. Daniel On Sun, May 3, 2015 at 2:02 AM, Werner Koch wrote: > On Sun, 3 May 2015 01:02, diafygi at gmail.com said: > >> I've been playing around with key signatures and ran across an interesting >> situation. For some reason, --with-sig-check is silently ignored when used with >> --import and --recv-keys. Is this something I should file a bug on? > > It has no function there. It is used as an option for --list-keys. > Import simply imports the key and does only a few basic checks. It is > in particular not useful to do a key signatures check during import > because at the point you may not yet have imported the keys used to > create the key signature. > > > Shalom-Salam, > > Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > From terje at elde.net Mon May 4 23:05:03 2015 From: terje at elde.net (terje at elde.net) Date: Mon, 04 May 2015 23:05:03 +0200 Subject: Incorrect general key info, for key on Yubikey NEO Message-ID: <4b04d6830d2997ece58722f68ccba1f8@elde.net> Hi list, I've got what seems to be a not too uncommon setup, with a primary key used only for certifying, then separate signature, encryption and authentication keys as subkeys. I wanted to make new ones, and have the subkeys on a Yubikey NEO. All was going perfectly fine, I revoked the old subkeys, generated new ones, and everything seemed well. After I moved the key to another machine though, I noticed that the "General key info" is somehow bound to the signature subkey, not to my primary key. I'm not sure, but I'm wondering if what I did wrong could have been that I ran a gpg --card-edit and fetch, while the machine was offline, so it wasn't able to pull down the key from the set URL. I'm wondering if this can be the source of the incorrect binding. 
On the old (offline, airgapped etc) machine where I generated the key, the subkeys seem to be properly set up on the master key, but with the general key info being incorrect, I can't get the second (online, day-to-day work-laptop) machine to properly recognise and bind the subkeys to the master key.

Exporting/importing the public keys from the offline machine doesn't seem to change anything either.

Output from gpg --card-status is as follows:

----------
Application ID ...: D276000[...]
Version ..........: 2.0
Manufacturer .....: Yubico
Serial number ....: 0350[...]
Name of cardholder: Terje Elde
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : http://elde.net/keys/pgp/terje.asc
Login data .......: tld
Signature PIN ....: forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 1
Signature key ....: F76C 2924 AA47 2F40 9B8D 3BCD 53C9 00F2 CD95 0E4F
      created ....: 2015-05-04 18:02:05
Encryption key....: D87C 6986 5C34 C778 A0CF 4208 4B31 3528 CA68 9462
      created ....: 2015-05-04 17:04:17
Authentication key: D5CC 5261 CA84 CFAC 0BBC EB22 EEF9 5F70 1D85 0949
      created ....: 2015-05-04 18:03:08
General key info..: pub 2048R/0x53C900F2CD950E4F 2015-05-04 Terje Elde
----------

As you can see, the key mentioned in general key info:
0x53C900F2CD950E4F
matches the signature-key, ending in:
53C900F2CD950E4F

The key as a whole looks like this:
----------
> gpg --list-key 0xAE05171EA277084B
pub   3072R/0xAE05171EA277084B 2015-04-22 [expires: 2016-10-13]
      Key fingerprint = 04F1 2CA5 E18B DE4F CF19 0A69 AE05 171E A277 084B
uid   [ultimate] Terje Elde
uid   [ultimate] Terje Elde
sub   2048R/0x4B313528CA689462 2015-05-04 [expires: 2016-10-25]
sub   2048R/0x53C900F2CD950E4F 2015-05-04 [expires: 2016-10-25]
sub   2048R/0xEEF95F701D850949 2015-05-04 [expires: 2016-10-25]
----------

It's even aware of the subkeys being detached:
----------
> gpg -K
/Users/tld/.gnupg/secring.gpg
-----------------------------
sec#  3072R/0xAE05171EA277084B 2015-04-22 [expires: 2016-10-13]
      Key fingerprint = 04F1 2CA5 E18B DE4F CF19 0A69 AE05 171E A277 084B
uid   Terje Elde
uid   Terje Elde
ssb>  2048R/0xFC5D2BB7C48EB15C 2015-04-22
ssb>  2048R/0xE7A7BAFE92B298A2 2015-04-22
ssb>  2048R/0xDE0525B2E9641E2B 2015-04-22
----------

Not possible to use the thing though:
----------
> gpg --clearsign f.txt
gpg: no default secret key: Unusable secret key
gpg: f.txt: clearsign failed: Unusable secret key
----------

I am able to confirm that I can actually use the keys, as using them with SSH seems to work fine.

My guest guess would be that GnuPG isn't connecting the dots.

For completeness, let me quickly mention that previous (now revoked) subkeys were also on smartcard, Yubikey NEO-n to be exact.

Would love a suggestion or a pointer, I'm a bit eager to release the revocation of the old subkeys.

Terje

From luis at greenhost.nl Tue May 5 01:14:27 2015
From: luis at greenhost.nl (luis)
Date: Tue, 05 May 2015 01:14:27 +0200
Subject: generating revocation certs non-interactively
Message-ID: <5547FD53.5030203@greenhost.nl>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello everyone,

I am working with a friend on a project to try and get lots and lots of people on encrypted email at an event using something like a photobooth. At the end of the experience you leave with a keypair and a little gift wrapped with your revocation cert.

To do this efficiently we are using the batch generation option, I have a set of scripts that can generate the key, copy it to the final user's media and then shred it. It all works like a charm. Along with the keypair we would also like to generate a revocation certificate. Keys are passwordless, so at first I thought that it should be straight forward.

I couldn't find any documentation on how to do the same batch generation for the revocation certificate. So I'm a little stuck.
The --gen-revoke option prompts the user for 4 questions for a passwordless key, 5 if the key has a password and I couldn't get around this.

I have tried the python wrapper, but the python API doesn't seem to expose revocation certificate generation.

Calling the --gen-revoke option in combination with the --batch option returns:

gpg: can't do this in batch mode

So maybe this is so by design? How could I get around the interactive process and generate the certificate programmatically?

I have also tried pexpect to 'mock' user input to bypass interaction, no success there.

Any help would be greatly appreciated.

Cheers,
Luis.

- -- 
Luis Fernández
Greenhost - Duurzame Hosting en Digitale Veiligheid
Weesperstraat 3
1018 DN TS Amsterdam
T: 020 489 4349
https://greenhost.nl

You may verify my identity using these weird numbers
7F1D B683 6410 EB2E 4459 0CCA 758D 90BB 2857 4DFE
https://keyserver2.pgp.com/vkd/DownloadKey.event?keyid=0x758D90BB28574DFE

From wk at gnupg.org Tue May 5 09:41:52 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 05 May 2015 09:41:52 +0200
Subject: generating revocation certs non-interactively
In-Reply-To: <5547FD53.5030203@greenhost.nl> (luis at greenhost.nl's
message of "Tue, 05 May 2015 01:14:27 +0200")
References: <5547FD53.5030203@greenhost.nl>
Message-ID: <87bnhzwjwf.fsf@vigenere.g10code.de>

On Tue, 5 May 2015 01:14, luis at greenhost.nl said:

> keypair we would also like to generate a revocation certificate. Keys
> are passwordless, so at first I thought that it should be straight forward.

Note that GnuPG 2.1 generates revocation certificates by default.

> for the revocation certificate. So I'm a little stuck. The --gen-revoke
> option prompts the user for 4 questions for a passwordless key, 5 if the
> key has a password and I couldn't get around this.

The idea is that you should be able to tell the reason for the revocation. This is not very often used and thus I consider the command line interface sufficient. You may automate this but you need to employ a state machine to answer all the questions. This is how the GUI tools work.

I don't think that adding a --quick-gen-revoke command is very useful here. It would be only done for 2.1 anyway and that version has the pre-made revocations.

> I have also tried pexpect to 'mock' user input to bypass interaction, no
> success there.

You need to use this command

  gpg --command-fd 0 --status-fd 2 --gen-revoke 0x12345678

and act upon the GET_* status lines.

--8<---------------cut here---------------start------------->8---
[GNUPG:] GET_BOOL gen_revoke.okay
y
[GNUPG:] GOT_IT
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
(Probably you want to select 1 here)
[GNUPG:] GET_LINE ask_revocation_reason.code
3
[GNUPG:] GOT_IT
Enter an optional description; end it with an empty line:
[GNUPG:] GET_LINE ask_revocation_reason.text
foo
[GNUPG:] GOT_IT
[GNUPG:] GET_LINE ask_revocation_reason.text

[GNUPG:] GOT_IT
Reason for revocation: Key is no longer used
foo
[GNUPG:] GET_BOOL ask_revocation_reason.okay
y
[GNUPG:] GOT_IT
ASCII armored output forced.
--8<---------------cut here---------------end--------------->8---

End the "ask_revocation_reason.text" prompts with an empty line.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Tue May 5 09:47:46 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 05 May 2015 09:47:46 +0200
Subject: --with-sig-check silently ignored when used with --import and --recv-keys
In-Reply-To: (Daniel Roesler's message of "Mon, 4 May 2015 08:58:49 -0700")
References: <878ud62fuk.fsf@vigenere.g10code.de>
Message-ID: <877fsnwjml.fsf@vigenere.g10code.de>

On Mon, 4 May 2015 17:58, diafygi at gmail.com said:

> Gotcha. Would it be possible to throw an error when --with-sig-check
> is included with --import or --recv-keys? When silently ignored, it is
> very easy for a user to assume that the signature checks passed.

No. The purpose of the --with-* options is to allow putting them into your gpg.conf. If you want to check the signatures you use the --check-sigs command.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
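The reply on generating revocation certificates earlier in this thread says to run `gpg --command-fd 0 --status-fd 2 --gen-revoke` and answer the GET_* status lines with a state machine. The following is an added example, not code from the thread or from GnuPG: the class and function names are made up here, the prompt keywords are the ones in the quoted transcript, and it assumes a key without a passphrase, refusing any prompt it does not recognise.

```python
import subprocess

PREFIX = "[GNUPG:] "
REASON_CODES = {"0", "1", "2", "3"}   # menu entries quoted in the thread


class UnexpectedPrompt(RuntimeError):
    """gpg asked something this responder has no scripted answer for."""


class RevocationResponder:
    """State machine answering the GET_* prompts of `gpg --gen-revoke`."""

    def __init__(self, reason="0", description=""):
        if reason not in REASON_CODES:
            raise ValueError("unknown revocation reason code: %r" % reason)
        self.reason = reason
        # gpg asks for description lines until it receives an empty one, so
        # blank lines are dropped and a single terminating "" is queued last.
        self.text = [l for l in description.splitlines() if l.strip()] + [""]

    def answer(self, line):
        """Return the reply for one status line, or None if none is due."""
        pos = line.find(PREFIX)
        if pos < 0:
            return None                      # human-readable chatter
        fields = line[pos + len(PREFIX):].split()
        if not fields or not fields[0].startswith("GET_"):
            return None                      # GOT_IT and other notices
        kind = fields[0]
        keyword = fields[1] if len(fields) > 1 else ""
        if (kind, keyword) in (("GET_BOOL", "gen_revoke.okay"),
                               ("GET_BOOL", "ask_revocation_reason.okay")):
            return "y"
        if (kind, keyword) == ("GET_LINE", "ask_revocation_reason.code"):
            return self.reason
        if (kind, keyword) == ("GET_LINE", "ask_revocation_reason.text"):
            if not self.text:
                raise UnexpectedPrompt("description asked for after it ended")
            return self.text.pop(0)
        # Fail closed: never feed a guessed answer (for example to a
        # passphrase prompt) into the command channel.
        raise UnexpectedPrompt("%s %s" % (kind, keyword))


def replay(status_lines, responder):
    """Feed recorded status output to a responder; return the replies sent."""
    replies = []
    for line in status_lines:
        reply = responder.answer(line)
        if reply is not None:
            replies.append(reply)
    return replies


def generate_revocation(key_id, reason="0", description="", homedir=None,
                        gpg="gpg"):
    """Run gpg and return the ASCII-armored revocation certificate."""
    cmd = [gpg]
    if homedir:
        cmd += ["--homedir", homedir]
    cmd += ["--command-fd", "0", "--status-fd", "2", "--gen-revoke", key_id]
    responder = RevocationResponder(reason, description)
    with subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
                          stderr=subprocess.PIPE, text=True) as proc:
        try:
            for line in proc.stderr:         # status lines arrive on fd 2
                reply = responder.answer(line)
                if reply is not None:
                    proc.stdin.write(reply + "\n")
                    proc.stdin.flush()
            proc.stdin.close()
            # The certificate is far smaller than a pipe buffer, so reading
            # stdout only after the dialogue cannot stall gpg.
            cert = proc.stdout.read()
        except BaseException:
            proc.kill()
            raise
    if proc.returncode != 0 or "-----BEGIN PGP PUBLIC KEY BLOCK-----" not in cert:
        raise RuntimeError("gpg did not produce a revocation certificate")
    return cert


# Constructed sample: the status output from the transcript in the thread.
SAMPLE_STATUS = [
    "[GNUPG:] GET_BOOL gen_revoke.okay\n",
    "[GNUPG:] GOT_IT\n",
    "Please select the reason for the revocation:\n",
    "[GNUPG:] GET_LINE ask_revocation_reason.code\n",
    "[GNUPG:] GOT_IT\n",
    "Enter an optional description; end it with an empty line:\n",
    "[GNUPG:] GET_LINE ask_revocation_reason.text\n",
    "[GNUPG:] GOT_IT\n",
    "[GNUPG:] GET_LINE ask_revocation_reason.text\n",
    "[GNUPG:] GOT_IT\n",
    "[GNUPG:] GET_BOOL ask_revocation_reason.okay\n",
    "[GNUPG:] GOT_IT\n",
]
```

`replay(SAMPLE_STATUS, RevocationResponder("3", "foo"))` reproduces the answers typed in the transcript; `generate_revocation()` needs a real gpg binary and keyring.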
From mixmaster at remailer.privacy.at Tue May 5 05:33:00 2015 From: mixmaster at remailer.privacy.at (Anonymous Remailer (austria)) Date: Tue, 5 May 2015 05:33:00 +0200 (CEST) Subject: generating revocation certs non-interactively Message-ID: luis wrote: > To: gnupg-users > Subject: generating revocation certs non-interactively > ECHO Y\n0\n\nY\n|GPG --command-fd 0 --gen-revoke 0xDEADBEEF From matt at monaco.cx Tue May 5 17:44:26 2015 From: matt at monaco.cx (Matthew Monaco) Date: Tue, 05 May 2015 09:44:26 -0600 Subject: Incorrect general key info, for key on Yubikey NEO In-Reply-To: <4b04d6830d2997ece58722f68ccba1f8@elde.net> References: <4b04d6830d2997ece58722f68ccba1f8@elde.net> Message-ID: <5548E55A.9050104@monaco.cx> On 05/04/2015 03:05 PM, terje at elde.net wrote: > Hi list, > > I've got what seems to be a not too uncommon setup, with a primary key used only > for certifying, then separate signature, encryption and authentication keys as > subkeys. I wanted to make new ones, and have the subkeys on a Yubikey NEO. > > All was going perfectly fine, I revoked the old subkeys, generated new ones, and > everything seemed well. After I moved the key to another machine though, I > noticed that the "General key info" is somehow bound to the signature subkey, > not to my primary key. > > I'm not sure, but I'm wondering if what I did wrong could have been that I ran a > gpg --card-edit and fetch, while the machine was offline, so it wasn't able to > pull down the key from the set URL. I'm wondering if this can be the source of > the incorrect binding. > > On the old (offline, airgapped etc) machine where I generated the key, the > subkeys seem to be properly set up on the master key, but with the general key > info being incorrect, I can't get the second (online, day-to-day work-laptop) > machine to properly recognise and bind the subkeys to the master key. > > Exporting/importing the public keys from the offline machine doesn't seem to > change anything either. 
> > Output from gpg --card-status is as follows: > > ---------- > Application ID ...: D276000[...] > Version ..........: 2.0 > Manufacturer .....: Yubico > Serial number ....: 0350[...] > Name of cardholder: Terje Elde > Language prefs ...: [not set] > Sex ..............: unspecified > URL of public key : http://elde.net/keys/pgp/terje.asc > Login data .......: tld > Signature PIN ....: forced > Key attributes ...: 2048R 2048R 2048R > Max. PIN lengths .: 127 127 127 > PIN retry counter : 3 3 3 > Signature counter : 1 > Signature key ....: F76C 2924 AA47 2F40 9B8D 3BCD 53C9 00F2 CD95 0E4F > created ....: 2015-05-04 18:02:05 > Encryption key....: D87C 6986 5C34 C778 A0CF 4208 4B31 3528 CA68 9462 > created ....: 2015-05-04 17:04:17 > Authentication key: D5CC 5261 CA84 CFAC 0BBC EB22 EEF9 5F70 1D85 0949 > created ....: 2015-05-04 18:03:08 > General key info..: pub 2048R/0x53C900F2CD950E4F 2015-05-04 Terje Elde > > ---------- > > > As you can see, the key mentioned in general key info: > 0x53C900F2CD950E4F > matches the signature-key, ending in: > 53C900F2CD950E4F > > The key as a whole looks like this: > ---------- >> gpg --list-key 0xAE05171EA277084B > pub 3072R/0xAE05171EA277084B 2015-04-22 [expires: 2016-10-13] > Key fingerprint = 04F1 2CA5 E18B DE4F CF19 0A69 AE05 171E A277 084B > uid [ultimate] Terje Elde > uid [ultimate] Terje Elde > sub 2048R/0x4B313528CA689462 2015-05-04 [expires: 2016-10-25] > sub 2048R/0x53C900F2CD950E4F 2015-05-04 [expires: 2016-10-25] > sub 2048R/0xEEF95F701D850949 2015-05-04 [expires: 2016-10-25] > ---------- > > It's even aware of the subkeys being detached: > ---------- >> gpg -K > /Users/tld/.gnupg/secring.gpg > ----------------------------- > sec# 3072R/0xAE05171EA277084B 2015-04-22 [expires: 2016-10-13] > Key fingerprint = 04F1 2CA5 E18B DE4F CF19 0A69 AE05 171E A277 084B > uid Terje Elde > uid Terje Elde > ssb> 2048R/0xFC5D2BB7C48EB15C 2015-04-22 > ssb> 2048R/0xE7A7BAFE92B298A2 2015-04-22 > ssb> 2048R/0xDE0525B2E9641E2B 2015-04-22 > 
---------- > > Not possible to use the thing though: > ---------- >> gpg --clearsign f.txt > gpg: no default secret key: Unusable secret key > gpg: f.txt: clearsign failed: Unusable secret key > ---------- > > I am able to confirm that I can actually use the keys, as using them with SSH > seems to work fine. > > My guest guess would be that GnuPG isn't connecting the dots. > > For completeness, let me quickly mention that previous (now revoked) subkeys > were also on smartcard, Yubikey NEO-n to be exact. > > > Would love a suggestion or a pointer, I'm a bit eager to release the revocation > of the old subkeys. > > Terje > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users This made me notice that my --card-status does the same thing, it shows my signing subkey at "General key info" (although I thought at some point it used to show the master...). That said, everything works fine and my card is usable (v2.1.3). So maybe it's a red herring. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From luis at greenhost.nl Tue May 5 20:46:39 2015 From: luis at greenhost.nl (luis) Date: Tue, 05 May 2015 20:46:39 +0200 Subject: generating revocation certs non-interactively In-Reply-To: <87bnhzwjwf.fsf@vigenere.g10code.de> References: <5547FD53.5030203@greenhost.nl> <87bnhzwjwf.fsf@vigenere.g10code.de> Message-ID: <5549100F.3050601@greenhost.nl> On 05/05/15 09:41, Werner Koch wrote: > Note that GnuPG 2.1 generates revocation certificates by default. Great! Good to know! > The idea is that you should be able to tell the reason for the > revocation. Yes of course, this makes perfect sense. 
There is however the fact that good practice guides nowadays often advise to generate a preemptive revocation certificate at the time of creation of the key. So at that moment the reason is well... not really relevant.

So it's great that 2.1 does this on keypair generation.

> You need to use this command
>
> gpg --command-fd 0 --status-fd 2 --gen-revoke 0x12345678
>
> and act upon the GET_* status lines.

Great, thanks! This hack seems to have worked though (in python), but your suggestion seems more robust:

import pexpect

# KEYRING_DIR is not defined in this snippet; it must hold the GnuPG home directory.
cmd = "gpg --homedir {0} --gen-revoke {1}".format(KEYRING_DIR, '0xDEADD00D')
# encoding= makes px.before a str, so the string searches below work on Python 3.
px = pexpect.spawn(cmd, timeout=5, encoding='utf-8')
# expect() patterns are regular expressions matched against the gpg prompts.
px.expect("(y/N)")
px.sendline("y")
px.expect("Your decision?")
px.sendline('0')    # 0 = No reason specified
px.expect("> ")
px.sendline("\n")
px.sendline("\n")
px.expect("Is this okay?")
px.sendline("y")
px.expect(pexpect.EOF)
# Cut the armored certificate out of everything gpg printed.
bidx = px.before.index('-----BEGIN PGP PUBLIC KEY BLOCK-----')
eidx = px.before.index('-----END PGP PUBLIC KEY BLOCK-----')
eidx += len('-----END PGP PUBLIC KEY BLOCK-----')
print(px.before[bidx:eidx])

Salud,
Luis.

From mailinglist at krebs.uno Tue May 5 22:47:30 2015
From: mailinglist at krebs.uno (Daniel Krebs)
Date: Tue, 05 May 2015 22:47:30 +0200
Subject: Incorrect general key info, for key on Yubikey NEO
In-Reply-To: <5548E55A.9050104@monaco.cx>
References: <4b04d6830d2997ece58722f68ccba1f8@elde.net> <5548E55A.9050104@monaco.cx>
Message-ID: <55492C62.8030904@krebs.uno>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

> This made me notice that my --card-status does the same thing, it
> shows my signing subkey at "General key info" (although I thought
> at some point it used to show the master...). That said, everything
> works fine and my card is usable (v2.1.3). So maybe it's a red
> herring.

Hi,

I just checked this and get the same results with an FSFE Smartcard: Signing Subkey is mentioned under General Key Info..
DK

From dkbryant at gmail.com Wed May 6 02:08:01 2015
From: dkbryant at gmail.com (Dan Bryant)
Date: Tue, 5 May 2015 19:08:01 -0500
Subject: Generating GnuPG S/MINE key pair
In-Reply-To:
References: <87d22obtnr.fsf@vigenere.g10code.de>
Message-ID:

*SOLVED*

On Tue, Apr 28, 2015 at 11:12 AM, Dan Bryant wrote:
> OK... I'm apparently suffering from a bad gpgsm setup. According to
> the 2011 post (https://lists.gnupg.org/pipermail/gnupg-devel/2011-March/025989.html)
> the following command, should just work:
> gpgsm --gen-key | gpgsm --import
>
> Not for me... I get
> gpgsm: problem looking for existing certificate: Invalid argument
> gpgsm: error storing certificate
>

I found the problem. I had a corrupt install. I was trying to work around problems in the 2.1.3 installer, and went about it poorly. I copied pinentry from gpg4win 2.2.4 (bad idea).
The better way to do it was as follows:

1) Download gnupg-w32-2.1.1_20141216.exe
2) Install {1} to %ProgramFiles(x86)%\GNU\GnuPG
3) Copy files out of {2} into %UserProfile%\GnuPG.Combined
4) Uninstall {1}
6) Stop any processes running from {2}
7) Remove directory {2}
8) Download gnupg-w32-2.1.3_20150413.exe
9) Install {8} to %ProgramFiles(x86)%\GNU\GnuPG
10) Copy files out of {9} into %UserProfile%\GnuPG.Combined
11) Stop any processes running from {9}
12) Copy %UserProfile%\GnuPG.Combined to %UserProfile%\GnuPG as Admin
13) Remove %UserProfile%\GnuPG.Combined

This will get GPA.exe and PinEntry.exe working (I hope) on a 2.1.3 baseline. You may be able to simply install 2.1.1 then install 2.1.3 over it, I leave others to speculate on that. This worked for me. The GPGSM self-sign cert now imports without error.

From wk at gnupg.org Wed May 6 11:29:06 2015
From: wk at gnupg.org (Werner Koch)
Date: Wed, 06 May 2015 11:29:06 +0200
Subject: Incorrect general key info, for key on Yubikey NEO
In-Reply-To: <4b04d6830d2997ece58722f68ccba1f8@elde.net> (terje@elde.net's message of "Mon, 04 May 2015 23:05:03 +0200")
References: <4b04d6830d2997ece58722f68ccba1f8@elde.net>
Message-ID: <878ud2uk9p.fsf@vigenere.g10code.de>

On Mon, 4 May 2015 23:05, terje at elde.net said:

> Output from gpg --card-status is as follows:

What gpg version is that?

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From peter at digitalbrains.com Wed May 6 12:00:20 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 06 May 2015 12:00:20 +0200
Subject: Incorrect general key info, for key on Yubikey NEO
In-Reply-To: <878ud2uk9p.fsf@vigenere.g10code.de>
References: <4b04d6830d2997ece58722f68ccba1f8@elde.net> <878ud2uk9p.fsf@vigenere.g10code.de>
Message-ID: <5549E634.9040201@digitalbrains.com>

On 06/05/15 11:29, Werner Koch wrote:
> What gpg version is that?

I can confirm this behaviour with multiple versions.
On a Debian wheezy/oldstable, normal gnupg2 package, with surgically altered secret key such that the primary key is on one card, and the subkeys are on another: --------------------- 8< ------------ >8 --------------------- $ gpg2 --version gpg (GnuPG) 2.0.19 libgcrypt 1.5.0 [...] $ gpg2 --card-status Application ID ...: D2760001240102000005000002410000 Version ..........: 2.0 Manufacturer .....: ZeitControl Serial number ....: 00000241 [...] Signature key ....: 6500 8DC2 20AA E2A2 574D 6CD5 969E 018F DE6C DCA1 created ....: 2009-11-12 13:15:07 Encryption key....: 2E0F 8C51 BC77 58A3 3795 79D9 26F7 563E 73A3 3BEE created ....: 2009-11-12 13:15:36 Authentication key: A87C F55C 8435 36F3 1CBC C63C 4FBB CA40 B65D 8246 created ....: 2009-12-05 13:59:13 General key info..: pub 2048R/DE6CDCA1 2009-11-12 Peter Lebbing sec> 2048R/DE500B3E created: 2009-11-12 expires: 2015-10-27 card-no: 0005 00000274 ssb> 2048R/DE6CDCA1 created: 2009-11-12 expires: 2015-10-27 card-no: 0005 00000241 ssb> 2048R/73A33BEE created: 2009-11-12 expires: 2015-10-27 card-no: 0005 00000241 ssb> 2048R/B65D8246 created: 2009-12-05 expires: 2015-10-27 card-no: 0005 00000241 --------------------- 8< ------------ >8 --------------------- And on a Debian jessie/stable, gnupg2 package from experimental: --------------------- 8< ------------ >8 --------------------- $ gpg2 --version gpg (GnuPG) 2.1.2 libgcrypt 1.6.3 [...] $ gpg2 --card-status Application ID ...: D2760001240102000005000011120000 Version ..........: 2.0 Manufacturer .....: ZeitControl Serial number ....: 00001112 [...] 
Signature key ....: 6500 8DC2 20AA E2A2 574D 6CD5 969E 018F DE6C DCA1 created ....: 2009-11-12 13:15:07 Encryption key....: 2E0F 8C51 BC77 58A3 3795 79D9 26F7 563E 73A3 3BEE created ....: 2009-11-12 13:15:36 Authentication key: [none] General key info..: pub rsa2048/DE6CDCA1 2009-11-12 Peter Lebbing sec rsa2048/DE500B3E created: 2009-11-12 expires: 2015-10-27 ssb rsa2048/DE6CDCA1 created: 2009-11-12 expires: 2015-10-27 ssb rsa2048/73A33BEE created: 2009-11-12 expires: 2015-10-27 ssb rsa2048/B65D8246 created: 2009-12-05 expires: 2015-10-27 --------------------- 8< ------------ >8 --------------------- This latter installation also uses the card with serial 274 for the primary key. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From wk at gnupg.org Wed May 6 12:29:57 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 06 May 2015 12:29:57 +0200 Subject: Incorrect general key info, for key on Yubikey NEO In-Reply-To: <5549E634.9040201@digitalbrains.com> (Peter Lebbing's message of "Wed, 06 May 2015 12:00:20 +0200") References: <4b04d6830d2997ece58722f68ccba1f8@elde.net> <878ud2uk9p.fsf@vigenere.g10code.de> <5549E634.9040201@digitalbrains.com> Message-ID: <871tiuuhga.fsf@vigenere.g10code.de> On Wed, 6 May 2015 12:00, peter at digitalbrains.com said: > And on a Debian jessie/stable, gnupg2 package from experimental: My fault. I missed the call to print_pubkey_info and looked only for the detailed listing below. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From jafesp at gmail.com Wed May 6 13:04:20 2015 From: jafesp at gmail.com (Jamenson Ferreira Espindula de Almeida Melo) Date: Wed, 6 May 2015 08:04:20 -0300 Subject: Subject: Opening a gpg file format in read and write mode Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Jaboat?o dos Guararapes, PE, Brazil, may 06, 2015. 
Subject: Opening a gpg file format in read and write mode

Hi everyone.

I want to open a file called passwords.txt.gpg and editing it directly. The mentioned file holds a password list and I prefer not to decrypt it, that is, I want to read it directly in gpg format itself.

I believe it is possible reading, editing and writing directly in gpg file format itself without decrypting it, provided that GnuPG itself does the same thing on the public keyring (pubring.gpg), on the secret keyring (secring.gpg) and on the trust database (trustdb.gpg).

I hope I had made myself clear enough.

Best regards.

From matt at monaco.cx Wed May 6 21:57:09 2015
From: matt at monaco.cx (Matthew Monaco)
Date: Wed, 06 May 2015 13:57:09 -0600
Subject: Subject: Opening a gpg file format in read and write mode
In-Reply-To:
References:
Message-ID: <554A7215.8080607@monaco.cx>

On 05/06/2015 05:04 AM, Jamenson Ferreira Espindula de Almeida Melo wrote:
> Hi everyone.
>
> I want to open a file called passwords.txt.gpg and editing it
> directly. The mentioned file holds a password list and I prefer not
> to decrypt it, that is, I want to read it directly in gpg format
> itself.
>
> I believe it is possible reading, editing and writing directly in gpg
> file format itself without decrypting it, provided that GnuPG itself
> does the same thing on the public keyring (pubring.gpg), on the secret
> keyring (secring.gpg) and on the trust database (trustdb.gpg).
> Search engine found this: http://www.vim.org/scripts/script.php?script_id=3645 From mkfranny at gmail.com Wed May 6 23:08:57 2015 From: mkfranny at gmail.com (Michelle Gmail) Date: Wed, 6 May 2015 17:08:57 -0400 Subject: generating revocation certs non-interactively In-Reply-To: <5549100F.3050601@greenhost.nl> References: <5547FD53.5030203@greenhost.nl> <87bnhzwjwf.fsf@vigenere.g10code.de> <5549100F.3050601@greenhost.nl> Message-ID: <8CC111A5-F096-4F1C-9151-901F406488BF@gmail.com> Some how in the one ur doing this to I have done nothing to deserve to have put through 2 months of non stop names called then I love then I hate u ... Do u tell me who needs help. I did no approve to have anyone jailbreak my phone and make my 2 computer 1 iPad and my iPhone to have all these public files I did not allow these it is illegal he is going to far w this anyone with the intent to purposely do this to someone is demented. This is wrong what he is doing I'm very upset I did nothing to deserve this pls stop. Please Sent from my iPhone On May 5, 2015, at 2:46 PM, luis wrote: > On 05/05/15 09:41, Werner Koch wrote: > Note that GnuPG 2.1 generates revocation certificates by default. Great! Good to know! > The idea is that you should be able to tell the reason for the > revocation. Yes of course, this makes perfect sense. There is however the fact that good practice guides now a days often advice to generate a preemptive revocation certificate at the time of creation of the key. So at that moment the reason is well... not really relevant. So it's great that 2.1 does this on keypair generation. > You need to use this command > > gpg --command-fd 0 --status-fd 2 --gen-revoke 0x12345678 > > and act upon the GET_* status lines. Great, thanks! 
This hack seems to have worked though (in python), but your suggestion seems more robust: import pexpect cmd = "gpg --homedir {0} --gen-revoke {1}".format(KEYRING_DIR, '0xDEADD00D') px = pexpect.spawn(cmd, timeout=5) px.expect("(y/N)") px.sendline("y") px.expect("Your decision?") px.sendline('0') px.expect("> ") px.sendline("\n") px.sendline("\n") px.expect("Is this okay?") px.sendline("y") px.expect(pexpect.EOF) bidx = px.before.index('-----BEGIN PGP PUBLIC KEY BLOCK-----') eidx = px.before.index('-----END PGP PUBLIC KEY BLOCK-----') eidx += len('-----END PGP PUBLIC KEY BLOCK-----') print px.before[bidx:eidx] Salud, Luis. _______________________________________________ Gnupg-users mailing list Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From luis at greenhost.nl Thu May 7 10:47:21 2015 From: luis at greenhost.nl (luis) Date: Thu, 07 May 2015 10:47:21 +0200 Subject: offtopic [WAS] Re: generating revocation certs non-interactively In-Reply-To: <8CC111A5-F096-4F1C-9151-901F406488BF@gmail.com> References: <5547FD53.5030203@greenhost.nl> <87bnhzwjwf.fsf@vigenere.g10code.de> <5549100F.3050601@greenhost.nl> <8CC111A5-F096-4F1C-9151-901F406488BF@gmail.com> Message-ID: <554B2699.3020807@greenhost.nl> ??? Is this spam? How odd. Could this person be stuck in this mailinglist somehow? On 05/06/2015 11:08 PM, Michelle Gmail wrote: > Some how in the one ur doing this to I have done nothing to deserve to have put through 2 months of non stop names called then I love then I hate u ... Do u tell me who needs help. I did no approve to have anyone jailbreak my phone and make my 2 computer 1 iPad and my iPhone to have all these public files I did not allow these it is illegal he is going to far w this anyone with the intent to purposely do this to someone is demented. This is wrong what he is doing I'm very upset I did nothing to deserve this pls stop. 
> Please > > Sent from my iPhone > From antony at blazrsoft.com Thu May 7 23:09:20 2015 From: antony at blazrsoft.com (Antony Prince) Date: Thu, 07 May 2015 17:09:20 -0400 Subject: liblber-2.4 compile error for dirmngr 1.1.0 Message-ID: <554BD480.9030500@blazrsoft.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Building gnupg 2.1.3 from source on Xubuntu 14.04, I ran into the following error while compiling dirmngr 1.1.0: "liblber-2.4.so.2: error adding symbols: DSO missing from command line" I already had libldap2-dev installed. I resolved it by adding -llber to the LDAPLIBS variable in the Makefile for dirmngr. root at 050415:/usr/local/src/dirmngr-1.1.0/src# diff Makefile.bak Makefile 160c160 < LDAPLIBS = -lldap - --- > LDAPLIBS = -lldap -llber Just a heads-up as I'm not sure if anyone else has run into this issue. - -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19 URL: https://keyserver.blazrsoft.com From Josh.Clearihan at isuzu.net.au Mon May 11 07:17:59 2015 From: Josh.Clearihan at isuzu.net.au (Josh Clearihan) Date: Mon, 11 May 2015 15:17:59 +1000 Subject: WINDOWS - Adding passphrase to gpg via command
line Message-ID: Hi all, Environment Windows 2012 Server GnuPG 2.0.27 Requirement To automatically decrypt and encrypt files from cmd batch file. I'm experiencing issues trying to decrypt a .pgp file from command line. When running this it launches the pinentry window, manually requiring the passkey. gpg2.exe --output D:\Folder --recipient certname --decrypt D:\Folder\*.txt.pgp If I enter the passkey manually in the pinentry box it seems to stay active for a number of minutes, allowing me to decrypt multiple files without being prompted by pinentry. However, after say 10 - 15 mins when I try to decrypt another file, the pinentry windows appears requiring manual entry again. After researching how to set the passkey in the stdin cache I attempted this gpg-preset-passphrase.exe --preset "mypassphrase" This syntax seems correct because it does not come up invalid, it just sits there in cmd on the next line doing nothing https://www.gnupg.org/documentation/manuals/gnupg/Invoking-gpg_002dpreset_002dpassphrase.html#Invoking-gpg_002dpreset_002dpassphrase I manually edited my gpg-agent.conf file, it looks like this ###+++--- GPGConf ---+++### enable-passphrase-history allow-preset-passphrase ###+++--- GPGConf ---+++### 04/30/15 09:41:02 AUS Eastern Standard Time # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. I have also tried piping in my passphrase via this command, but this also launches pinentry requiring manual entry if the passphrase echo "mypassphrase"| gpg2.exe --output D:\Folder --recipient certname --decrypt D:\Folder\*.txt.pgp This solution was posted here http://www.gossamer-threads.com/lists/gnupg/users/59418 Can someone please tell me what I'm doing wrong. Many Thanks! 
Josh Clearihan Senior Systems Administrator 858 Lorimer Street | PO Box 107 Port Melbourne, VIC 3207 T: 03 9644 6666 | D: 03 9644 6899 F: 03 9644 6622 | M: 0437 096 974 E: Josh.Clearihan at isuzu.net.au Think Green! DISCLAIMER: Any views or opinions expressed in this communication are those of the individual sender, except where the sender specifically states them to be the views or opinions of Isuzu Australia Limited. This communication is confidential. If you are not the intended recipient of this communication please delete and destroy all copies and contact the sender immediately. Any unauthorised form of disclosure or reproduction of this message is prohibited. Isuzu Australia Ltd does not guarantee the security of any information electronically transmitted. Isuzu Australia Ltd does not accept responsibility for any improper or incomplete transmission.
From 2014-667rhzu3dc-lists-groups at riseup.net Mon May 11 09:19:21 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Mon, 11 May 2015 08:19:21 +0100 Subject: WINDOWS - Adding passphrase to gpg via command line In-Reply-To: References: Message-ID: <1422424091.20150511081921@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Monday 11 May 2015 at 6:17:59 AM, in , Josh Clearihan wrote: > Requirement To automatically decrypt and encrypt files > from cmd batch file. > I'm experiencing issues trying to decrypt a .pgp file > from command line. > When running this it launches the pinentry window, > manually requiring the passkey. gpg2.exe --output > D:\Folder --recipient certname --decrypt > D:\Folder\*.txt.pgp If you set an empty passphrase for the decryption key, the pinentry window will not appear. - -- Best regards MFPA Never lean forward to push an invisible object. From quite at hack.org Mon May 11 09:28:44 2015 From: quite at hack.org (Daniel) Date: Mon, 11 May 2015 09:28:44 +0200 Subject: SSH generic socket forwarding for
gpg-agent References: <546248D5.9050509@monaco.cx> <87lhmnvn53.fsf__30607.2664251134$1417681625$gmane$org@vigenere.g10code.de> Message-ID: I got the forwarding working, gpg-connect-agent says "connection to agent is in restricted mode" and gives me a prompt. So am I all set? Doesn't seem like that. My GPG_AGENT_INFO is empty, as it is on my local machine where everything works as expected (once my gpg-agent is running, has a key, and has created its ~/.gnupg/S.gpg-agent -- and yes, now it also creates S.gpg-agent-extra which I forward to) So, on remote, "gpg --use-agent test.asc" gives me "gpg: decryption failed: No secret key". But shouldn't this just work? Shouldn't it just get the private/secret key from the (forwarded) socket? I tried pointing GPG_AGENT_INFO at that socket as well, to no avail. From wk at gnupg.org Mon May 11 11:02:47 2015 From: wk at gnupg.org (Werner Koch) Date: Mon, 11 May 2015 11:02:47 +0200 Subject: SSH generic socket forwarding for gpg-agent In-Reply-To: (Daniel's message of "Mon, 11 May 2015 09:28:44 +0200") References: <546248D5.9050509@monaco.cx> <87lhmnvn53.fsf__30607.2664251134$1417681625$gmane$org@vigenere.g10code.de> Message-ID: <87zj5bpjuw.fsf@vigenere.g10code.de> On Mon, 11 May 2015 09:28, quite at hack.org said: > So, on remote, "gpg --use-agent test.asc" gives me "gpg: decryption failed: > No secret key". But shouldn't this just work? Shouldn't it just get the Are you sure that the gpg version at the remote site is also >= 2.1? Given that you used the option "--use-agent" I assume that this is a gpg 1.4. For that feature to work you need GnuPG 2.1 local and remote. The reason is that only since 2.1 gpg diverts all private key operations to the agent. GPG_AGENT_INFO is ignored by GnuPG >= 2.1. Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law.
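
Added example (not part of the thread and not GnuPG project code): the reply above says a forwarded agent socket only helps when gpg on both ends is 2.1 or later, so this sketch classifies the first line of `gpg --version` and reports which binaries `gpg` and `gpg2` resolve to on PATH. The function names are hypothetical and the version lines used to exercise it are constructed from the versions mentioned in the thread.

```shell
#!/bin/sh
# Added example: decide from `gpg --version` output whether a binary is
# GnuPG >= 2.1, i.e. one that diverts all private key operations to
# gpg-agent (the precondition stated in the thread for agent forwarding).

# gpg_version_of LINE
# Prints "MAJOR.MINOR" parsed from the first line of `gpg --version`,
# e.g. "gpg (GnuPG) 2.0.14" -> "2.0". Returns 1 if LINE is not recognisable.
gpg_version_of() {
    # The version is the last whitespace-separated field of the first line.
    ver=$(printf '%s\n' "$1" | awk 'NR==1 {print $NF}')
    case "$ver" in
        [0-9]*.[0-9]*) ;;
        *) return 1 ;;
    esac
    vmajor=${ver%%.*}
    rest=${ver#*.}
    # Keep only the leading digits, so "1.0-beta864" yields minor "1".
    vminor=${rest%%[!0-9]*}
    case "$vmajor" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ -n "$vminor" ] || return 1
    printf '%s.%s\n' "$vmajor" "$vminor"
}

# agent_handles_private_keys LINE
# Returns 0 for GnuPG >= 2.1, 1 for anything older, 2 if LINE cannot be parsed.
agent_handles_private_keys() {
    mm=$(gpg_version_of "$1") || return 2
    major=${mm%%.*}
    minor=${mm#*.}
    if [ "$major" -gt 2 ]; then
        return 0
    fi
    if [ "$major" -eq 2 ] && [ "$minor" -ge 1 ]; then
        return 0
    fi
    return 1
}

# report_binary NAME
# Prints one status line for NAME as resolved through PATH, which exposes
# the case where an older system binary is found before a newer local build.
report_binary() {
    path=$(command -v "$1" 2>/dev/null) || { echo "$1: not on PATH"; return 0; }
    line=$("$path" --version 2>/dev/null | head -n 1)
    if agent_handles_private_keys "$line"; then
        echo "$1 -> $path: $line (>= 2.1, secret key operations go to the agent)"
    else
        echo "$1 -> $path: $line (older than 2.1 or unrecognised)"
    fi
    return 0
}

# Run on each end of the SSH connection and compare the two reports.
report_binary gpg
report_binary gpg2
```
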
From quite at hack.org Mon May 11 11:54:15 2015 From: quite at hack.org (Daniel) Date: Mon, 11 May 2015 09:54:15 +0000 (UTC) Subject: SSH generic socket forwarding for gpg-agent References: <546248D5.9050509@monaco.cx> <87lhmnvn53.fsf__30607.2664251134$1417681625$gmane$org@vigenere.g10code.de> <87zj5bpjuw.fsf@vigenere.g10code.de> Message-ID: Werner Koch gnupg.org> writes: > Are you sure that the gpg version at the remote site is also >= 2.1? > Given that you used the option "--use-agent" I assume that this is a gpg > 1.4. > > For that feature to work you need GnuPG 2.1 local and remote. The > reason is that only since 2.1 gpg diverts all private key operations to > the agent. > > GPG_AGENT_INFO is ignore by GnuPG >= 2.1. Oh, yes, I had just compiled a gpg 2.1.3 in my $HOME, because the system had 2.0.14. BUT, the make install only gave me "gpg2" in $HOME/bin and not a "gpg" -- so that was still in /usr/bin/gpg. Of course I ended up using the latter for testing, inanely typing just "gpg". With gpg2 it all works! Great. cd ~/bin; ln -s gpg2 gpg From Josh.Clearihan at isuzu.net.au Tue May 12 01:07:52 2015 From: Josh.Clearihan at isuzu.net.au (Josh Clearihan) Date: Tue, 12 May 2015 09:07:52 +1000 Subject: WINDOWS - Adding passphrase to gpg via command line In-Reply-To: <1422424091.20150511081921@my_localhost> References: <1422424091.20150511081921@my_localhost> Message-ID: Hi, Thanks, but our requirement is that the key is secured with a passphrase. Any other ideas into what is wrong with my coding? Cheers Josh Clearihan Senior Systems Administrator 858 Lorimer Street | PO Box 107 Port Melbourne, VIC 3207 T: 03 9644 6666 | D: 03 9644 6899 F: 03 9644 6622 | M: 0437 096 974 E: Josh.Clearihan at isuzu.net.au Think Green!
From: MFPA <2014-667rhzu3dc-lists-groups at riseup.net> To: "Josh Clearihan on GnuPG-Users" Cc: "Josh Clearihan" Date: 11/05/2015 05:19 PM Subject: Re: WINDOWS - Adding passphrase to gpg via command line -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Monday 11 May 2015 at 6:17:59 AM, in , Josh Clearihan wrote: > Requirement To automatically decrypt and encrypt files > from cmd batch file. > I'm experiencing issues trying to decrypt a .pgp file > from command line. > When running this it launches the pinentry window, > manually requiring the passkey. gpg2.exe --output > D:\Folder --recipient certname --decrypt > D:\Folder\*.txt.pgp If you set an empty passphrase for the decryption key, the pinentry window will not appear. - -- Best regards MFPA Never lean forward to push an invisible object.
From flapflap at riseup.net Tue May 12 07:59:09 2015 From: flapflap at riseup.net (flapflap) Date: Tue, 12 May 2015 05:59:09 +0000 Subject: WINDOWS - Adding passphrase to gpg via command line In-Reply-To: References: <1422424091.20150511081921@my_localhost> Message-ID: <555196AD.9050507@riseup.net> Josh Clearihan: > Hi, > > Thanks, but our requirement is that the key is secured with a passphrase. > > Any other ideas into what is wrong with my coding? > echo "mypassphrase"| gpg2.exe ... In my opinion it makes little sense to use a passphrase in this way: the passphrase is supposed to be entered interactively since in case someone gets access to the script with hardcoded passphrase, then she gets the passphrase, too. If you don't want to store the secret key unencrypted on disk, maybe you could use a disk encryption layer below the file system (like dm-crypt/LUKS on GNU/Linux). As a result, you have a passphrase for the disk that is entered only once on reboot, then - when the system is running - you use the secret OpenPGP key without passphrase, but the key material is still not stored unencrypted on disk and protected in case an adversary just takes the disks with her. Of course, this does not protect from cold-boot attacks, but (IMHO) should be better than hardcoding the passphrase in a script on an unencrypted disk, just to meet the requirement that the key should be encrypted with a passphrase.
From peter at digitalbrains.com Tue May 12 11:59:34 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 12 May 2015 11:59:34 +0200 Subject: WINDOWS - Adding passphrase to gpg via command line In-Reply-To: References: <1422424091.20150511081921@my_localhost> Message-ID: <5551CF06.8050601@digitalbrains.com> Hi, (Could you please not top-post and trim your quotes) > Thanks, but our requirement is that the key is secured with a > passphrase. Often, this is not useful on a server. When someone gains access to the processes that do the decryption and/or signing, they already have access to the decrypted key material by virtue of the key being unlocked and ready to use. Another reason to encrypt a file (in this case the private key) is so it doesn't end up in backups in unencrypted form. For GnuPG keys, it might simply be sensible to arrange for backups to not include that file, and handle the backing up of secret key material separately. This is relatively little overhead because a secret key doesn't change often anyway. > Any other ideas into what is wrong with my coding? Well, you quote an old thread from this mailing list. Later on in the thread, Werner chimes in[1] about gpg-preset-passphrase and its usage, however it seems you are using it wrong. You said you did: > gpg-preset-passphrase.exe --preset "mypassphrase" That seems to miss the most crucial part of the whole command: the keygrip of the key. Also your described behaviour of "it just sits there in cmd on the next line doing nothing" doesn't seem like it is working. So perhaps you should reread [1]. By the way, you should probably have gpg-preset-passphrase interactively query you for the password, because including it in the command line defeats part of the use of encryption (anyone logged in to the server can observe the passphrase).
And if it's in a startup script like that, it wholly defeats the purpose of encryption and is a generous helping of snake oil. I was surprised to read that the person in that thread actually managed to pipe in the password like that without anything like --passphrase-fd. I wouldn't expect that to work, and it seems like a lucky hit, for some definition of lucky. It also seems to serve no purpose at all. Not only is the passphrase visible for anyone logged in at the moment the command is issued, also it's part of the script and thus the data on disk. It seems to be there just to comply with some ill-defined "keys need to be encrypted" requirement, following the requirement to the letter rather than to the spirit. HTH, Peter. [1] http://www.gossamer-threads.com/lists/gnupg/users/59416#59416 -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From wk at gnupg.org Tue May 12 18:24:40 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 12 May 2015 18:24:40 +0200 Subject: [Announce] GnuPG 2.1.4 released Message-ID: <87sib1ojav.fsf@vigenere.g10code.de> Hello! The GnuPG Project is pleased to announce the availability of a new release of GnuPG modern: Version 2.1.4. The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard which is commonly abbreviated as PGP. GnuPG allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License. 
Three different branches of GnuPG are actively maintained: - GnuPG "modern" (2.1) is the latest development with a lot of new features. This announcement is about this branch. - GnuPG "stable" (2.0) is the current stable version for general use. This is what most users are currently using. - GnuPG "classic" (1.4) is the old standalone version which is most suitable for older or embedded platforms. You may not install "modern" (2.1) and "stable" (2.0) at the same time. However, it is possible to install "classic" (1.4) along with any of the other versions. Noteworthy changes in version 2.1.4 =================================== * gpg: Add command --quick-adduid to non-interactively add a new user id to an existing key. * gpg: Do not enable honor-keyserver-url by default. Make it work if enabled. * gpg: Display the serial number in the --card-status output again. * agent: Support for external password managers. Add option --no-allow-external-cache. * scdaemon: Improved handling of extended APDUs. * Make HTTP proxies work again. * All network access including DNS has been moved to Dirmngr. * Allow building without LDAP support. A detailed description of the changes found in the 2.1 branch can be found at . This version fixes many bugs found after the release of 2.1.3 but there are still known bugs which we are working on. Please check the bug tracker, https://wiki.gnupg.org, or mailing list archives for known problems and workaround. Getting the Software ==================== Please follow the instructions found at https://gnupg.org/download/ or read on: GnuPG 2.1.4 may be downloaded from one of the GnuPG mirror sites or direct from its primary FTP server. The list of mirrors can be found at . Note that GnuPG is not available at ftp.gnu.org.
On ftp.gnupg.org you find these files: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.4.tar.bz2 (4771k) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.4.tar.bz2.sig This is the GnuPG source code compressed using BZIP2 and its OpenPGP signature. ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.4_20150512.exe (2566k) ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.4_20150512.exe.sig This is an installer for Windows without graphical frontends except for a basic Pinentry tool. Please de-install an installed Gpg4win version before trying this installer. Note, that TLS access to keyservers is not yet available. The sources used to build the installer can be found in the same directory with an ".tar.xz" suffix. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a version of GnuPG installed, you can simply verify the supplied signature. For example to verify the signature of the file gnupg-2.1.4.tar.bz2 you would use this command: gpg --verify gnupg-2.1.4.tar.bz2.sig gnupg-2.1.4.tar.bz2 This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by one or more of the release signing keys. Make sure that this is a valid key, either by matching the shown fingerprint against a trustworthy list of valid release signing keys or by checking that the key has been signed by trustworthy other keys. See below for information on the signing keys. * If you are not able to use an existing version of GnuPG, you have to verify the SHA-1 checksum. On Unix systems the command to do this is either "sha1sum" or "shasum". 
Assuming you downloaded the file gnupg-2.1.4.tar.bz2, you would run the command like this: sha1sum gnupg-2.1.4.tar.bz2 and check that the output matches the next line: ad68d65c54698e3c781e17864ab5918442df155a gnupg-2.1.4.tar.bz2 d8f4a326c36578d05af5751abea668a15ea0aae1 gnupg-w32-2.1.4_20150512.exe dbd3af91467ecb4c0826d45497793cc3249f9cc9 gnupg-w32-2.1.4_20150512.tar.xz Release Signing Keys ==================== To guarantee that a downloaded GnuPG version has not been tampered by malicious entities we provide signature files for all tarballs and binary versions. The keys are also signed by the long term keys of their respective owners. Current releases are signed by one or more of these four keys: 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31] Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 Werner Koch (dist sig) rsa2048/E0856959 2014-10-29 [expires: 2019-12-31] Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959 David Shaw (GnuPG Release Signing Key) rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28] Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06 NIIBE Yutaka (GnuPG Release Key) rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31] Key fingerprint = D238 EA65 D64C 67ED 4C30 73F2 8A86 1B1C 7EFD 60D9 Werner Koch (Release Signing Key) You may retrieve these files from a keyserver using this command gpg --keyserver hkp://keys.gnupg.net --recv-keys \ 249B39D24F25E3B6 04376F3EE0856959 \ 2071B08A33BD3F06 8A861B1C7EFD60D9 The keys are also available at https://gnupg.org/signature_key.html and in any recently released GnuPG tarball in the file g10/distsigkey.gpg . Note that this mail has been signed using by a different key. Internationalization ==================== This version of GnuPG has support for 26 languages with Chinese, Czech, French, German, Japanese, Russian, and Ukrainian being almost completely translated (2062 different strings). 
Documentation ============= If you used GnuPG in the past you should read the description of changes and new features at doc/whats-new-in-2.1.txt or online at https://gnupg.org/faq/whats-new-in-2.1.html The file gnupg.info has the complete user manual of the system. Separate man pages are included as well but they have not all the details available as are the manual. It is also possible to read the complete manual online in HTML format at https://gnupg.org/documentation/manuals/gnupg/ or in Portable Document Format at https://gnupg.org/documentation/manuals/gnupg.pdf . The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing. You may also want to search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advice on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. You may also want to follow postings at https://gnupg.org/blob/. Support ======== Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest to send bug reports for a new release to this list in favor of filing a bug at . For commercial support requests we keep a list of known service companies at: https://gnupg.org/service.html If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. Maintenance and development of GnuPG is possible due to many individual and corporate donations; for a list of non-anonymous donors see . For the GnuPG hackers, Werner p.s. This is an announcement only mailing list. Please send replies only to the gnupg-users at gnupg.org mailing list. -- Thoughts are free.
Exceptions are regulated by a federal law. _______________________________________________ Gnupg-announce mailing list Gnupg-announce at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From 2014-667rhzu3dc-lists-groups at riseup.net Tue May 12 23:10:43 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Tue, 12 May 2015 22:10:43 +0100 Subject: [Announce] GnuPG 2.1.4 released In-Reply-To: <87sib1ojav.fsf@vigenere.g10code.de> References: <87sib1ojav.fsf@vigenere.g10code.de> Message-ID: <1703207833.20150512221043@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Tuesday 12 May 2015 at 5:24:40 PM, in , Werner Koch wrote: > Hello! > The GnuPG Project is pleased to announce the > availability of a new release of GnuPG modern: Version > 2.1.4. Have some of the keyserver options changed between GnuPG versions 2.1.3 and 2.1.4? After installing 2.1.4 (on Windows XP), I keep seeing:- gpg: keyserver option 'tls' is unknown gpg: keyserver option 'verbose' is unknown gpg: keyserver option 'include-disabled' is unknown gpg: keyserver option 'auto-pka-retrieve' is unknown - -- Best regards MFPA The cure for anything is salt water - sweat, tears, or the sea.
From gniibe at fsij.org Wed May 13 02:29:51 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Wed, 13 May 2015 09:29:51 +0900 Subject: [Announce] GnuPG 2.1.4 released In-Reply-To: <1703207833.20150512221043@my_localhost> References: <87sib1ojav.fsf@vigenere.g10code.de> <1703207833.20150512221043@my_localhost> Message-ID: <55529AFF.6030708@fsij.org> Thanks for your report. On 05/13/2015 06:10 AM, MFPA wrote: > Have some of the keyserver options changed between GnuPG versions > 2.1.3 and 2.1.4? After installing 2.1.4 (on Windows XP), I keep > seeing:- > > gpg: keyserver option 'tls' is unknown > gpg: keyserver option 'verbose' is unknown > gpg: keyserver option 'include-disabled' is unknown > gpg: keyserver option 'auto-pka-retrieve' is unknown The message "unknown" is new in 2.1.4. These options have been unknown for GnuPG 2.1.
The change makes inform users about these unknown options: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=c4d98734c5df39f57a71f0ec1c0c80e82ff08508 The options 'tls', 'verbose' and 'include-disabled' are options for keyserver helper programs of GnuPG 1.4 and 2.0, which are irrelevant for GnuPG 2.1. For 'verbose', I think that you'd specify it in dirmngr.conf if needed. I think that auto-pka-retrieve was renamed to honor-pka-record in 2006. I think that we need to review g10/options.skel and doc/gpg.texi for GnuPG 2.1, as they still have an entry for 'include-disabled'. -- From dbdaniel42 at gmail.com Thu May 14 04:41:26 2015 From: dbdaniel42 at gmail.com (Daniel Bomar) Date: Wed, 13 May 2015 21:41:26 -0500 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? Message-ID: I'm using Arch Linux and running a custom kernel (version 4.0.2) and I'm unable to use the --refresh-keys function. I know the kernel is the problem because when I reboot into the ARCH distribution kernel (also version 4.0.2) it works fine. It's only my custom kernel that has this issue. I need to know what configuration options GPG requires so I can compile in the required features. Here is the error I'm getting. # gpg --homedir /etc/pacman.d/gnupg --refresh-keys gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net gpg: keyserver refresh failed: Address family not supported by protocol From mark.hellewell at gmail.com Thu May 14 08:33:10 2015 From: mark.hellewell at gmail.com (mark hellewell) Date: Thu, 14 May 2015 16:33:10 +1000 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? In-Reply-To: References: Message-ID: Smells like something to do with IPv6 On 14 May 2015 at 12:41, Daniel Bomar wrote: > I'm using Arch Linux and running a custom kernel (version 4.0.2) and > I'm unable to use the --refresh-keys function. 
I know the kernel is > the problem because when I reboot into the ARCH distribution kernel > (also version 4.0.2) it works fine. It's only my custom kernel that > has this issue. I need to know what configuration options GPG > requires so I can compile in the required features. > > Here is the error I'm getting. > > # gpg --homedir /etc/pacman.d/gnupg --refresh-keys > gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net > gpg: keyserver refresh failed: Address family not supported by protocol > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From berend.de.schouwer at gmail.com Thu May 14 13:16:42 2015 From: berend.de.schouwer at gmail.com (Berend De Schouwer) Date: Thu, 14 May 2015 13:16:42 +0200 Subject: gnupg migration corrupt db? Message-ID: <1431602202.9420.11.camel@gmail.com> Hi, On my system both gnupg 1.4.19 and 2.1.2 are installed. I'm still trying to track down what needs what. gnupg2 seems to have attempted to automatically migrate my DB from an older version to a newer version on first execution. However, it seems to have failed: gpg: starting migration from earlier GnuPG versions gpg: porting secret keys from '/home/berend/.gnupg/secring.gpg' to gpg -agent gpg: keydb_get_keyblock failed: Value not found gpg: key 77731557: failed to re-lookup public key gpg: keydb_get_keyblock failed: Value not found ... gpg: migration succeeded Five keys failed like this. Right now gnupg1 works, but gnupg2 does not. With that, I mean gnupg1 can decrypt, but gnupg2 cannot decrypt the same files. The reason seems to be a failure to read or accept certain secret keys. gnupg1 --list-secret-keys lists 6 secret keys. Some are old. One is expired. Two are "active" for different e-mail accounts. gnupg2 --list-secret-keys lists 1 secret key. 
Attempting to re-import the DB, using gpg2 --import secring-old.gpg does: gpg: keydb_get_keyblock failed: Value not found gpg: key 77731557: public key "[User ID not found]" imported gpg: key 77731557: failed to re-lookup public key gnupg2 --list-keys lists a key as: pub ... date uid [unknown] name email sub ... date gnupg1 --list-keys doesn't print [unknown] I do have backups :) Is this salvageable? Berend From dfalko at digiflak.com Thu May 14 14:39:23 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Thu, 14 May 2015 15:39:23 +0300 Subject: gpgsm --list-external-keys over TLS Message-ID: <5554977B.9080609@digiflak.com> Hello! Is it possible to connect to the LDAP server by TLS (ldaps)? -- Best Regards! From mls at dabpunkt.eu Thu May 14 15:46:26 2015 From: mls at dabpunkt.eu (Daniel Baur) Date: Thu, 14 May 2015 15:46:26 +0200 Subject: Receiving keys by PKA or OpenPGP Message-ID: <5554A732.4040505@dabpunkt.eu> Hello, maybe I’m blind, but how can I receive a key from a pka- or OpenPGP-DNS-entry without encrypting a (dummy-)file? Sincerely, DaB. From masterkorp at masterkorp.net Thu May 14 18:04:39 2015 From: masterkorp at masterkorp.net (Alfredo Palhares) Date: Thu, 14 May 2015 17:04:39 +0100 Subject: Creating a new Identity Message-ID: <1431617213-sup-3025@vegeta> Hello everyone, I am finally planning on leaving the nickname I chose as a kid for my email. So I bought the palhares.me domain (my last name) and I will be setting Postfix for that email alfredo at palhares.me, with that, I want to have the best possible GPG Keypair. I've been doing some reading[1][2] and I plan to create a master keypair to a set of subkeys for my laptop and another for my smartphone, but right away I have the following questions: - I use a password manager[3] to store my passwords and share them across devices, since they would be to separate keys, I would need to encrypt for to separate key IDs right ? - How do you store your master GPG key offline ?
- Coming from another email and GPG what would be the best method to prove I am the person that used masterkorp at masterkorp.net email and X key id ? [1]: https://alexcabal.com/creating-the-perfect-gpg-keypair/ [2]: https://www.gnupg.org/gph/en/manual.html [3]: http://www.passwordstore.org/ Regards, -- Alfredo Palhares GPG/PGP Key Fingerprint 68FC B06A 6C22 8B9B F110 38D6 E8F7 4D1F 0763 CAAD From dbdaniel42 at gmail.com Thu May 14 19:51:56 2015 From: dbdaniel42 at gmail.com (Daniel Bomar) Date: Thu, 14 May 2015 12:51:56 -0500 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? In-Reply-To: References: Message-ID: Looks to be the case. The strange thing is I thought that as well and tested by passing "ipv6.disable=1" to my distribution kernel and it still worked. Then I compiled IPV6 support into my custom kernel and that got it working BUT when I pass "ipv6.disable=1" to my custom kernel it does NOT work. I'm not sure what the difference is there where I can disable it in one kernel and have it work but not the other. In any case, is this a bug? I don't see why I should have to have IPV6 support compiled in when my ISP only gives me an IPV4 address so I explicitly left it out. On Thu, May 14, 2015 at 1:33 AM, mark hellewell wrote: > Smells like something to do with IPv6 > > On 14 May 2015 at 12:41, Daniel Bomar wrote: >> I'm using Arch Linux and running a custom kernel (version 4.0.2) and >> I'm unable to use the --refresh-keys function. I know the kernel is >> the problem because when I reboot into the ARCH distribution kernel >> (also version 4.0.2) it works fine. It's only my custom kernel that >> has this issue. I need to know what configuration options GPG >> requires so I can compile in the required features. >> >> Here is the error I'm getting.
>> >> # gpg --homedir /etc/pacman.d/gnupg --refresh-keys >> gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net >> gpg: keyserver refresh failed: Address family not supported by protocol >> >> _______________________________________________ >> Gnupg-users mailing list >> Gnupg-users at gnupg.org >> http://lists.gnupg.org/mailman/listinfo/gnupg-users From jackyalcine at gmail.com Thu May 14 18:41:35 2015 From: jackyalcine at gmail.com (Jacky Alcine) Date: Thu, 14 May 2015 12:41:35 -0400 Subject: Creating a new Identity In-Reply-To: <1431617213-sup-3025@vegeta> References: <1431617213-sup-3025@vegeta> Message-ID: <2056428.RCTOQlSNfl@stark.jalcine> On Thursday, May 14, 2015 05:04:39 PM Alfredo Palhares wrote: Password Store allows you to encrypt your entire tree of keys with multiple keys so for #2, you shouldn't have a problem. As for storing keys offline, in the case of having a backup, storing your private keys to a physical medium or printing them out and locking them in safe keeping would be one case. > Hello everyone, > > I am finally planning on leaving the nickname I choose as a kid for my > email. > > So I bough the palhares.me domain (my last name) and I will be setting > Postfix for that email alfredo at palhares.me, with that, I want to have the > best possible GPG Keypair. > > I've been doing some reading[1][2] and I plan to create a master keypair to > a set of subkeys for my laptop and another for my smartphone, but right > away I have the following questions: > > - I use a password manager[3] to store my passwords and share them across > devices, since they would be to separate keys, I would need to encrypt for > to separate key IDs right ? > > - How do you store your master GPG key offline ? > > - Comming from another email and GPG what would be the best method to prove > I am the person that used masterkorp at masterkorp.net email and X key id ? 
> > [1]: https://alexcabal.com/creating-the-perfect-gpg-keypair/ > [2]: https://www.gnupg.org/gph/en/manual.html > [3]: http://www.passwordstore.org/ > > Regards, -- Jacky Alcine, web developer on a sugar high https://jacky.wtf #BlackLivesMatter From dgouttegattat at incenp.org Thu May 14 21:00:33 2015 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Thu, 14 May 2015 21:00:33 +0200 Subject: Creating a new Identity In-Reply-To: <1431617213-sup-3025@vegeta> References: <1431617213-sup-3025@vegeta> Message-ID: <5554F0D1.5080601@incenp.org> On 05/14/2015 06:04 PM, Alfredo Palhares wrote: > I've been doing some reading[1] I would note that this document is obsolete on several points. * First and foremost, it suggests using GnuPG 1.4. Even in 2013, there was already no reason to prefer that version over GnuPG 2.0; a fortiori there is no reason today to prefer it over GnuPG 2.1. Actually, “creating the perfect GPG keypair” is much easier with Modern GnuPG. * I also disagree with the advice of always “using the highest possible values for key length”, although I reckon that this point is controversial [1]. I’d rather stick to 2048-bit for the subkeys (they can be changed at any time, if we were to learn that attacks on 2048-bit RSA become practical), even if I do recommend 4096-bit for the *master* key only. * There is no more need to “strengthen hash preferences”. * GnuPG 2.1 already creates a revocation certificate (stored in ~/.gnupg/openpgp-revocs.d) when creating a new key pair. * With GnuPG 2.1 removing the master private key from the keyring is now much easier, as you don’t need to go through the whole process of exporting the private subkeys, deleting all the private keys, then importing back the subkeys only. Instead, get the “keygrip”
of your master key: $ gpg2 --with-keygrip -K /home/alice/.gnupg/pubring.kbx ------------------------------ sec rsa4096/CB2F38F25B491A54 2014-12-31 [SC] [expires: 2017-12-30] Keygrip = D4DF0C35D3E22FA6AC37DA2E54FB03F73616A3CB uid [ultimate] Alice [?] You will find the file containing the private key in ~/.gnupg/private-keys-v1.d/KEYGRIP.key. Move this file to any secure place you want. When you need your private master key, just put the file back in the private-keys-v1.d directory (do not change its name). > - How do you store your master GPG key offline ? I’ve split it in 2-of-3 shares using libgfshare [2]. One share is left on my computer, the other two are offline on two USB sticks. > - Coming from another email and GPG what would be the best method to prove I am > the person that used masterkorp at masterkorp.net email and X key id ? You could either: * sign your new keypair with your old key; * write a transition statement and sign it with both your old and your new key. [1] http://wiki.gnupg.org/LargeKeys [2] http://www.digital-scurf.org/software/libgfshare From juanmi.3000 at gmail.com Thu May 14 22:51:25 2015 From: juanmi.3000 at gmail.com (Juan Miguel Navarro Martínez) Date: Thu, 14 May 2015 20:51:25 +0000 Subject: Creating a new Identity In-Reply-To: <1431617213-sup-3025@vegeta> References: <1431617213-sup-3025@vegeta> Message-ID: <55550ACD.7010401@gmail.com> Alfredo Palhares: > - I use a password manager[3] to store my passwords and share them across > devices, since they would be to separate keys, I would need to encrypt for to > separate key IDs right ? > I don't understand what you are trying to say here. Alfredo Palhares: > - How do you store your master GPG key offline ?
> Store it in a Smartcard, like Yubikey, an air-gapped computer or a CD or USB, then you can import the secret key back to your PC if you need to sign keys, then delete it afterwards. Alfredo Palhares: > - Coming from another email and GPG what would be the best method to prove I am > the person that used masterkorp at masterkorp.net email and X key id ? > Why not just use the same old master key, just add the new UID (alfredo at palhares.me) and revoke, if you want to, the old UID (masterkorp at masterkorp.net). If you want to really transition from key to key, you can sign the new key with the old key. And if you know of people that use GPG and follow the news from you (on your blog, website), you can make a key transition statement[1][2][3] signed by both the old and new GPG keys. I created a script[4] to make an unsigned transition statement, you are free to look at the code and see if there is something bad or wrong with it, you are also free to modify it as well. [1] http://vincent.bernat.im/en/blog/2012-gpg-transition-new-key.html [2] http://www.itais.net/key-transition-2014-12-12.txt [3] http://blog.josefsson.org/2014/06/23/openpgp-key-transition-statement/ [4] https://paste.debian.net/177153/ From 2014-667rhzu3dc-lists-groups at riseup.net Fri May 15 01:58:52 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Fri, 15 May 2015 00:58:52 +0100 Subject: [Announce] GnuPG 2.1.4 released In-Reply-To: <55529AFF.6030708@fsij.org> References: <87sib1ojav.fsf@vigenere.g10code.de> <1703207833.20150512221043@my_localhost> <55529AFF.6030708@fsij.org> Message-ID: <1975514618.20150515005852@my_localhost> On Wednesday 13 May 2015 at 1:29:51 AM, in , NIIBE Yutaka wrote: > The message "unknown" is new in 2.1.4. > These options have been unknown for GnuPG 2.1. The
> change makes inform users about these unknown options: > http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=c4d98734c5df39f57a71f0ec1c0c80e82ff08508 Unfortunately that link currently gets me "The site could be temporarily unavailable or too busy. Try again in a few moments." > The options 'tls', 'verbose' and 'include-disabled' are > options for keyserver helper programs of GnuPG 1.4 and > 2.0, which are irrelevant for GnuPG 2.1. For > 'verbose', I think that you'd specify it in > dirmngr.conf if needed. Sounds like I should remove these from the gpg.conf I use with GnuPG 2.1.x. > I think that auto-pka-retrieve was renamed to > honor-pka-record in 2006. My gpg.conf currently has both. (-; -- Best regards MFPA None are so fond of secrets as those who do not mean to keep them From wk at gnupg.org Fri May 15 13:33:07 2015 From: wk at gnupg.org (Werner Koch) Date: Fri, 15 May 2015 13:33:07 +0200 Subject: Receiving keys by PKA or OpenPGP In-Reply-To: <5554A732.4040505@dabpunkt.eu> (Daniel Baur's message of "Thu, 14 May 2015 15:46:26 +0200") References: <5554A732.4040505@dabpunkt.eu> Message-ID:
<87mw16krd8.fsf@vigenere.g10code.de> On Thu, 14 May 2015 15:46, mls at dabpunkt.eu said: > maybe I’m blind, but how can I receive a key from a pka- or > OpenPGP-DNS-entry without encrypting a (dummy-)file? gpg2 --auto-key-locate clear,nodefault,pka --locate-key ADDRESS Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From wk at gnupg.org Fri May 15 13:37:51 2015 From: wk at gnupg.org (Werner Koch) Date: Fri, 15 May 2015 13:37:51 +0200 Subject: gnupg migration corrupt db? In-Reply-To: <1431602202.9420.11.camel@gmail.com> (Berend De Schouwer's message of "Thu, 14 May 2015 13:16:42 +0200") References: <1431602202.9420.11.camel@gmail.com> Message-ID: <87iobukr5c.fsf@vigenere.g10code.de> On Thu, 14 May 2015 13:16, berend.de.schouwer at gmail.com said: > Right now gnupg1 works, but gnupg2 does not. With that, I mean gnupg1 > can decrypt, but gnupg2 cannot decrypt the same files. The reason > seems to be a failure to read or accept certain secret keys. Are these PGP2 keys - they are not anymore supported in 2.1 > gpg: keydb_get_keyblock failed: Value not found > gpg: key 77731557: public key "[User ID not found]" imported > gpg: key 77731557: failed to re-lookup public key Please update to 2.1.4 2.1.2 has some problems skipping PGP-2 keys. > I do have backups :) Is this salvageable? In fact it should continue to work with GnuPG-1. There is a stamp file which tells 2.1 not to auto-migrate anymore (~/.gnupg/.gpg-v21-migrated). Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From wk at gnupg.org Fri May 15 13:43:12 2015 From: wk at gnupg.org (Werner Koch) Date: Fri, 15 May 2015 13:43:12 +0200 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys?
In-Reply-To: (Daniel Bomar's message of "Wed, 13 May 2015 21:41:26 -0500") References: Message-ID: <87egmikqwf.fsf@vigenere.g10code.de> On Thu, 14 May 2015 04:41, dbdaniel42 at gmail.com said: > # gpg --homedir /etc/pacman.d/gnupg --refresh-keys > gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net > gpg: keyserver refresh failed: Address family not supported by protocol DNS tells that there are v6 keyservers but your kernel seems to support only legacy IP. Change your resolver not to return AAAA records. I won't consider this a bug but I suspect that we will have a bug the other way around (No legacy IP but DNS returned A records). Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From berend.de.schouwer at gmail.com Fri May 15 13:57:35 2015 From: berend.de.schouwer at gmail.com (Berend De Schouwer) Date: Fri, 15 May 2015 13:57:35 +0200 Subject: gnupg migration corrupt db? In-Reply-To: <87iobukr5c.fsf@vigenere.g10code.de> References: <1431602202.9420.11.camel@gmail.com> <87iobukr5c.fsf@vigenere.g10code.de> Message-ID: <1431691055.9420.34.camel@gmail.com> On Fri, 2015-05-15 at 13:37 +0200, Werner Koch wrote: > On Thu, 14 May 2015 13:16, berend.de.schouwer at gmail.com said: > > > Right now gnupg1 works, but gnupg2 does not. With that, I mean > > gnupg1 > > can decrypt, but gnupg2 cannot decrypt the same files. The reason > > seems to be a failure to read or accept certain secret keys. > > Are these PGP2 keys - they are not anymore supported in 2.1 Some of them were likely created with GnuPG 0.0001, in the year 1917 :) Some of them are more recent. They are unlikely to have been created by any version of PGP. How do I check if they are PGP2 keys? > > gpg: keydb_get_keyblock failed: Value not found > > gpg: key 77731557: public key "[User ID not found]" imported > > gpg: key 77731557: failed to re-lookup public key > > Please update to 2.1.4 2.1.2 has some problems skipping PGP-2 keys. Will do. gnupg.org/download is my friend.
> > I do have backups :) Is this salvageable? > > In fact it should continue to work with GnuPG-1. They do. But I don't want to keep two gnupg versions installed indefinitely, and use different binaries for different keys. That's madness. > There is a stamp file > which tells 2.1 not to auto-migrate anymore (~/.gnupg/.gpg-v21 > -migrated). I'll restore from backup, and create that file. From berend.de.schouwer at gmail.com Fri May 15 15:40:19 2015 From: berend.de.schouwer at gmail.com (Berend De Schouwer) Date: Fri, 15 May 2015 15:40:19 +0200 Subject: gnupg migration corrupt db? In-Reply-To: <87iobukr5c.fsf@vigenere.g10code.de> References: <1431602202.9420.11.camel@gmail.com> <87iobukr5c.fsf@vigenere.g10code.de> Message-ID: <1431697219.9420.42.camel@gmail.com> On Fri, 2015-05-15 at 13:37 +0200, Werner Koch wrote: > > gpg: keydb_get_keyblock failed: Value not found > > gpg: key 77731557: public key "[User ID not found]" imported > > gpg: key 77731557: failed to re-lookup public key > > Please update to 2.1.4 2.1.2 has some problems skipping PGP-2 keys. With 2.1.4: 1. the secret keys do import. 2. each key asks for a passphrase. (2.1.2 did not) 3. It still prints "value not found", but no longer "failed to re -lookup public key" 4. --decrypt on an encrypted file: gpg: decryption failed: No secret key 5. the keys listed with --list-secret-keys are now listed multiple times. It's possible that the keys were imported -- incorrectly -- by 2.1.2. This might cause decrypting to fail. Time to recover backups. From dbdaniel42 at gmail.com Fri May 15 16:20:01 2015 From: dbdaniel42 at gmail.com (Daniel Bomar) Date: Fri, 15 May 2015 09:20:01 -0500 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? In-Reply-To: <87egmikqwf.fsf@vigenere.g10code.de> References: <87egmikqwf.fsf@vigenere.g10code.de> Message-ID: I verified this to be the case in Wireshark. 
It's sending both A and AAAA queries for hostname vod.ohai.su (not sure how it got that from pool.sks-keyservers.net but whatever probably not relevant.) However it's only GPG that seems to do this. If I ping either of those hostnames it sends only an A query. Same for my web browser and all other traffic I observed. It's only GPG that's trying to do these AAAA DNS queries. How do I change my resolver as you suggested? I don't have any kind of special setup. I'm just using Google's public DNS (8.8.8.8 and 8.8.4.4) set in /etc/resolv.conf along with a static IP. On Fri, May 15, 2015 at 6:43 AM, Werner Koch wrote: > On Thu, 14 May 2015 04:41, dbdaniel42 at gmail.com said: > >> # gpg --homedir /etc/pacman.d/gnupg --refresh-keys >> gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net >> gpg: keyserver refresh failed: Address family not supported by protocol > > DNS tells that there are v6 keyservers but your kernel seems to support > only legacy IP. Change your resolver not to return AAAA records. > > I won't consider this a bug but I suspect that we will have a bug the > other way around (No legacy IP but DNS returned A records). > > > Shalom-Salam, > > Werner > > -- > Thoughts are free. Exceptions are regulated by a federal law. > From dkg at fifthhorseman.net Fri May 15 16:36:40 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 15 May 2015 10:36:40 -0400 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys?
In-Reply-To: <87egmikqwf.fsf@vigenere.g10code.de> References: <87egmikqwf.fsf@vigenere.g10code.de> Message-ID: <87k2w952mf.fsf@alice.fifthhorseman.net> On Fri 2015-05-15 07:43:12 -0400, Werner Koch wrote: > On Thu, 14 May 2015 04:41, dbdaniel42 at gmail.com said: > >> # gpg --homedir /etc/pacman.d/gnupg --refresh-keys >> gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net >> gpg: keyserver refresh failed: Address family not supported by protocol > > DNS tells that there are v6 keyservers but your kernel seems to support > only legacy IP. Change your resolver not to return AAAA records. shouldn't dirmngr know enough to stop trying v6 addresses when v6 isn't available? > I won't consider this a bug but I suspect that we will have a bug the > other way around (No legacy IP but DNS returned A records). shouldn't dirmngr know enough to stop trying v4 addresses when v4 isn't available? These seem like parallel problems to me, but maybe i'm missing something. Can you explain why the situations are different? And just to clarify, which of the following best characterizes the bug (or something else?): 0) dirmngr can't talk to keyservers on networks it does not have access to. 1) dirmngr tries to access keyservers on networks it does not have access to. 2) dirmngr reports errors when trying to access keyservers on networks it does not have access to. 3) dirmngr fails to try other addresses on networks it does have access to when some addresses fail. --dkg From mls at dabpunkt.eu Fri May 15 16:48:24 2015 From: mls at dabpunkt.eu (Daniel Baur) Date: Fri, 15 May 2015 16:48:24 +0200 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? In-Reply-To: References: <87egmikqwf.fsf@vigenere.g10code.de> Message-ID: <55560738.4010105@dabpunkt.eu> Hello, On 15.05.2015 at 16:20, Daniel Bomar wrote: > If I ping either of those hostnames it sends only an A query that’s normal, because the ping-command works only for IPv4. Sincerely, DaB.
From kristian.fiskerstrand at sumptuouscapital.com Fri May 15 16:52:20 2015 From: kristian.fiskerstrand at sumptuouscapital.com (Kristian Fiskerstrand) Date: Fri, 15 May 2015 16:52:20 +0200 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? In-Reply-To: References: <87egmikqwf.fsf@vigenere.g10code.de> Message-ID: <55560824.4060702@sumptuouscapital.com> On 05/15/2015 04:20 PM, Daniel Bomar wrote: > I verified this to be the case in Wireshark. It's sending both A > and AAAA queries for hostname vod.ohai.su (not sure how it got that > from pool.sks-keyservers.net but whatever probably not relevant.) > However it's only GPG that seems to do this. If I ping either of > those hostnames it sends only an A query. Same for my web browser > and all other traffic I observed. It's only GPG that's trying to > do these AAAA DNS queries. Just throwing this in here for the archive purpose, but you have ipv4.pool.sks-keyservers.net that only serves A records (and the opposite for IPv6 at ipv6.pool.) to use as mitigants if such situations arise. -- ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Quidquid latine dictum sit, altum videtur.
Anything said in Latin sounds profound From support at camatek.com Fri May 15 17:48:52 2015 From: support at camatek.com (Camatek Electronics Support Staff) Date: Fri, 15 May 2015 11:48:52 -0400 Subject: Removing hkp from server Message-ID: <000601d08f26$a5370500$efa50f00$@camatek.com> Made the mistake of having no revocation certs and ended up with a mess. Lots of duplicates on hkp.gnupg.net. Is there an administrative contact to have them removed? Mark Rybicki CAMATEK Electronics Inc 480 W Mitchell St Ste 1W Petoskey, MI 49770 P: 231-347-7530 P: 231-547-2575 F: 231-622-7686 support at camatek.com From dkg at fifthhorseman.net Fri May 15 21:23:08 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 15 May 2015 15:23:08 -0400 Subject: Removing hkp from server In-Reply-To: <000601d08f26$a5370500$efa50f00$@camatek.com> References: <000601d08f26$a5370500$efa50f00$@camatek.com> Message-ID: <87r3qh3asj.fsf@alice.fifthhorseman.net> On Fri 2015-05-15 11:48:52 -0400, Camatek Electronics Support Staff wrote: > Made the mistake of having no revocation certs and ended up with a mess. > Lots of duplicates on hkp.gnupg.net. > > Is there an administrative contact to have them removed? Sorry, you probably can't get them removed. I suspect you mean hkp://keys.gnupg.net, which is an alias to the main keyserver pool, which is described here: https://sks-keyservers.net/ The keyserver pool is deliberately append-only. See for example, this FAQ:
See for example, this FAQ: https://pgp.mit.edu/faq.html Regards, --dkg From peter at digitalbrains.com Fri May 15 21:24:02 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Fri, 15 May 2015 21:24:02 +0200 Subject: Removing hkp from server In-Reply-To: <000601d08f26$a5370500$efa50f00$@camatek.com> References: <000601d08f26$a5370500$efa50f00$@camatek.com> Message-ID: <555647D2.5030709@digitalbrains.com> On 15/05/15 17:48, Camatek Electronics Support Staff wrote: > Is there an administrative contact to have them removed? No, that is not possible. Do you still have the private key? Because as long as you still have the private key, you can still generate a revocation certificate and upload it. That's the only way to flag a key as unused or wrong. Otherwise, you'll just have to accept that these keys turn up as a search result. Normally, what counts is the signatures people place on the keys to gain trust in them, so that should not be a problem. Old unused keys are just noise, and the keyservers are full of them, HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From rjh at sixdemonbag.org Fri May 15 21:26:20 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 15 May 2015 15:26:20 -0400 Subject: Removing hkp from server In-Reply-To: <000601d08f26$a5370500$efa50f00$@camatek.com> References: <000601d08f26$a5370500$efa50f00$@camatek.com> Message-ID: <5556485C.8010201@sixdemonbag.org> > Made the mistake of having no revocation certs and ended up with a mess. > Lots of duplicates on hkp.gnupg.net. > > Is there an administrative contact to have them removed? Once uploaded to a keyserver, a certificate can't be removed. Once it's there, it's there for good. 
From 2014-667rhzu3dc-lists-groups at riseup.net Fri May 15 21:28:51 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Fri, 15 May 2015 20:28:51 +0100 Subject: gnupg migration corrupt db? In-Reply-To: <1431691055.9420.34.camel@gmail.com> References: <1431602202.9420.11.camel@gmail.com> <87iobukr5c.fsf@vigenere.g10code.de> <1431691055.9420.34.camel@gmail.com> Message-ID: <147330398.20150515202851@my_localhost> On Friday 15 May 2015 at 12:57:35 PM, in , Berend De Schouwer wrote: > How do I check if they are PGP2 keys? If they are, they will have a shorter fingerprint which is commonly presented as 16 separate double hex digits. -- Best regards MFPA Confusion is always the most honest response From 2014-667rhzu3dc-lists-groups at riseup.net Fri May 15 21:37:00 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Fri, 15 May 2015 20:37:00 +0100 Subject: Removing hkp from server In-Reply-To: <000601d08f26$a5370500$efa50f00$@camatek.com> References: <000601d08f26$a5370500$efa50f00$@camatek.com> Message-ID: <381362292.20150515203700@my_localhost>
On Friday 15 May 2015 at 4:48:52 PM, in , Camatek Electronics Support Staff wrote: > Is there an administrative contact to have them > removed? No. If a server administrator deleted keys from one server, they would soon be propagated back from other keyservers. But that is a Good Thing. If you could contact somebody and get your unwanted keys removed from the keyservers, another person/agency could, potentially, also contact somebody and get _your_ keys removed. -- Best regards MFPA A bird in the hand makes it awfully hard to blow your nose From juanmi.3000 at gmail.com Fri May 15 21:49:23 2015 From: juanmi.3000 at gmail.com (Juan Miguel Navarro Martínez) Date: Fri, 15 May 2015 19:49:23 +0000 Subject: Removing hkp from server In-Reply-To: <000601d08f26$a5370500$efa50f00$@camatek.com> References: <000601d08f26$a5370500$efa50f00$@camatek.com> Message-ID: <55564DC3.3040604@gmail.com> Camatek Electronics Support Staff: > Made the mistake of having no revocation certs and ended up with a > mess. Lots of duplicates on hkp.gnupg.net.
> > > > Is there an administrative contact to have them removed? > It would depend on the keyserver, like those that need an email confirmation. But for most servers in pools like keys.gnupg.net, subkeys.gnupg.net and [hkps.]pool.sks-keyservers.net, you're out of luck. Next time create revocation certs and let the key expire as well, as you can later extend the expiration date. -- Juan Miguel Navarro Martínez GPG Keyfingerprint: 5A91 90D4 CF27 9D52 D62A BC58 88E2 947F 9BC6 B3CF From berend.de.schouwer at gmail.com Sat May 16 08:26:17 2015 From: berend.de.schouwer at gmail.com (Berend De Schouwer) Date: Sat, 16 May 2015 08:26:17 +0200 Subject: gnupg migration corrupt db? In-Reply-To: <87iobukr5c.fsf@vigenere.g10code.de> References: <1431602202.9420.11.camel@gmail.com> <87iobukr5c.fsf@vigenere.g10code.de> Message-ID: <1431757577.9420.51.camel@gmail.com> On Fri, 2015-05-15 at 13:37 +0200, Werner Koch wrote: > > > gpg: keydb_get_keyblock failed: Value not found > > gpg: key 77731557: public key "[User ID not found]" imported > > gpg: key 77731557: failed to re-lookup public key > > Please update to 2.1.4 2.1.2 has some problems skipping PGP-2 keys. I restored from backup, and 2.1.4 migrated successfully. The keys are not PGP2 keys. Thank you for the help. From berend.de.schouwer at gmail.com Sat May 16 08:21:07 2015 From: berend.de.schouwer at gmail.com (Berend De Schouwer) Date: Sat, 16 May 2015 08:21:07 +0200 Subject: gnupg migration corrupt db?
In-Reply-To: <147330398.20150515202851@my_localhost> References: <1431602202.9420.11.camel@gmail.com> <87iobukr5c.fsf@vigenere.g10code.de> <1431691055.9420.34.camel@gmail.com> <147330398.20150515202851@my_localhost> Message-ID: <1431757267.9420.49.camel@gmail.com> On Fri, 2015-05-15 at 20:28 +0100, MFPA wrote: > > > How do I check if they are PGP2 keys? > > If they are, they will have a shorter fingerprint which is commonly > presented as 16 separate double hex digits. > ; Then no, they are not PGP2 keys. fingerprint = 10 x 4 hex digits. From wk at gnupg.org Sat May 16 11:34:20 2015 From: wk at gnupg.org (Werner Koch) Date: Sat, 16 May 2015 11:34:20 +0200 Subject: gnupg migration corrupt db? In-Reply-To: <1431691055.9420.34.camel@gmail.com> (Berend De Schouwer's message of "Fri, 15 May 2015 13:57:35 +0200") References: <1431602202.9420.11.camel@gmail.com> <87iobukr5c.fsf@vigenere.g10code.de> <1431691055.9420.34.camel@gmail.com> Message-ID: <87d220kgrn.fsf@vigenere.g10code.de> On Fri, 15 May 2015 13:57, berend.de.schouwer at gmail.com said: > They do. But I don't want to keep two gnupg versions installed > indefinitely, and use different binaries for different keys. That's > madness. Those few folks who still use their old insecure PGP-2 keys need to keep 1.4 around. It has been discussed on the devel list that removing all PGP2 support is the Right Thing to do even if some people need to do some extra work when decrypting or verifying data made with a PGP-2. > I'll restore from backup, and create that file. According to your other report restoring and using 2.1.4 solved the problems. Thanks for helping us to fix remaining problems in 2.1. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. 
From wk at gnupg.org Sat May 16 11:37:12 2015 From: wk at gnupg.org (Werner Koch) Date: Sat, 16 May 2015 11:37:12 +0200 Subject: Removing hkp from server In-Reply-To: <55564DC3.3040604@gmail.com> ("Juan Miguel Navarro =?utf-8?Q?Mart=C3=ADnez=22's?= message of "Fri, 15 May 2015 19:49:23 +0000") References: <000601d08f26$a5370500$efa50f00$@camatek.com> <55564DC3.3040604@gmail.com> Message-ID: <878ucokgmv.fsf@vigenere.g10code.de> On Fri, 15 May 2015 21:49, juanmi.3000 at gmail.com said: > Next time create revocation certs and let the key expire as well, as > you can later extend the expiration date. FWIW: GnuPG 2.1 creates revocation certificates for all new keys and stores them below ~/.gnupg/openpgp-recovs.d/. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Sat May 16 11:47:03 2015 From: wk at gnupg.org (Werner Koch) Date: Sat, 16 May 2015 11:47:03 +0200 Subject: What Linux kernel configuration options are required by GPG for --refresh-keys? In-Reply-To: <87k2w952mf.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Fri, 15 May 2015 10:36:40 -0400") References: <87egmikqwf.fsf@vigenere.g10code.de> <87k2w952mf.fsf@alice.fifthhorseman.net> Message-ID: <874mnckg6g.fsf@vigenere.g10code.de> On Fri, 15 May 2015 16:36, dkg at fifthhorseman.net said: > shouldn't dirmngr know enough to stop trying v6 addresses when v6 isn't > available? Adding v6 support at runtime would then require a restart. The real bug is that dirmngr does not mark the v6 address dead and retry another server (or the v4 address). I need to look closer at it. Let's track this at https://bugs.gnupg.org/gnupg/issue1989 > 3) dirmngr fails to try other addresses on networks it does have access > to when some addresses fail. This one. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
From jerry at seibercom.net Sat May 16 12:20:51 2015 From: jerry at seibercom.net (Jerry) Date: Sat, 16 May 2015 06:20:51 -0400 Subject: OT: Re: Removing hkp from server In-Reply-To: <878ucokgmv.fsf@vigenere.g10code.de> References: <000601d08f26$a5370500$efa50f00$@camatek.com> <55564DC3.3040604@gmail.com> <878ucokgmv.fsf@vigenere.g10code.de> Message-ID: <20150516062051.263fe4af@seibercom.net> On Sat, 16 May 2015 11:37:12 +0200, Werner Koch stated: > FWIW: GnuPG 2.1 creates revocation certificates for all new keys and > stores them below ~/.gnupg/openpgp-recovs.d/. I have created new keys; however, they are not located in that folder. The only key I have there is for the very first one I created on this system. Am I doing something wrong? -- Jerry From mls at dabpunkt.eu Sat May 16 15:06:38 2015 From: mls at dabpunkt.eu (Daniel Baur) Date: Sat, 16 May 2015 15:06:38 +0200 Subject: Receiving keys by PKA or OpenPGP In-Reply-To: <87mw16krd8.fsf@vigenere.g10code.de> References: <5554A732.4040505@dabpunkt.eu> <87mw16krd8.fsf@vigenere.g10code.de> Message-ID: <555740DE.2020907@dabpunkt.eu> Hello, On 15.05.2015 at 13:33, Werner Koch wrote: > gpg2 --auto-key-locate clear,nodefault,pka --locate-key ADDRESS ah ok, thanks. I forgot to consult the man-page for gpg2, sorry. Sincerely, DaB.
From juanmi.3000 at gmail.com Sat May 16 20:50:16 2015 From: juanmi.3000 at gmail.com (=?windows-1252?Q?Juan_Miguel_Navarro_Mart=EDnez?=) Date: Sat, 16 May 2015 18:50:16 +0000 Subject: OT: Re: Removing hkp from server In-Reply-To: <20150516062051.263fe4af@seibercom.net> References: <000601d08f26$a5370500$efa50f00$@camatek.com> <55564DC3.3040604@gmail.com> <878ucokgmv.fsf@vigenere.g10code.de> <20150516062051.263fe4af@seibercom.net> Message-ID: <55579168.8080208@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Jerry: > On Sat, 16 May 2015 11:37:12 +0200, Werner Koch stated: > >> FWIW: GnuPG 2.1 creates revocation certificates for all new keys >> and stores them below ~/.gnupg/openpgp-recovs.d/. > > I have created new keys; however, they are not located in that > folder. The only key I have there is for the very first one I > created on this system. Am I doing something wrong? > Only those created in 2.1 auto-create a revoke certification - -- Juan Miguel Navarro Martínez GPG Keyfingerprint: 5A91 90D4 CF27 9D52 D62A BC58 88E2 947F 9BC6 B3CF -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- From 2014-667rhzu3dc-lists-groups at riseup.net Mon May 18 03:02:54 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Mon, 18 May 2015 02:02:54 +0100 Subject: multiple instances of gpg-agent Message-ID: <899747200.20150518020254@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I have read several times that multiple instances of gpg-agent is not good. But I regularly see six or seven listings of "gpg-agent.exe" in Task Manager or Process Explorer.
If I don't re-boot in the meantime (or kill the gpg-agent.exe processes with Task Manager) they can hang around for at least a day after last use. Is this likely to cause any problems? I am currently running GnuPG version 2.1.4 under Windows XP. GnuPG is used by my email client, by a GUI key manager, occasional commandline use, and by Mike Ingle's Confidant Mail. - -- Best regards MFPA No matter where you go, there you are. -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- From wk at gnupg.org Mon May 18 12:29:03 2015 From: wk at gnupg.org (Werner Koch) Date: Mon, 18 May 2015 12:29:03 +0200 Subject: multiple instances of gpg-agent In-Reply-To: <899747200.20150518020254@my_localhost> (MFPA's message of "Mon, 18 May 2015 02:02:54 +0100") References: <899747200.20150518020254@my_localhost> Message-ID: <87vbfqfac0.fsf@vigenere.g10code.de> On Mon, 18 May 2015 03:02, 2014-667rhzu3dc-lists-groups at riseup.net said: > I have read several times that multiple instances of gpg-agent is not > good. But I regularly see six or seven listings of "gpg-agent.exe" in > Task Manager or Process Explorer.
If I don't re-boot in the meantime I have only seen two and since the auto-start process locking you should never see more than one. In any case the agent checks its own socket and if it is not connected to itself it will terminate itself. You see different agents for different GNUPGHOMEs and users; this is okay. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From philip.jackson at nordnet.fr Mon May 18 14:51:59 2015 From: philip.jackson at nordnet.fr (Philip Jackson) Date: Mon, 18 May 2015 14:51:59 +0200 Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame Message-ID: <5559E06F.5030603@nordnet.fr> Using UbuntuStudio 1404 (and updates), gnupg 1.4.16 and gnupg2 2.0.22 (ubuntu installation) I came across this line (see subject) in an enigmail debug log recently and it was held as the likely cause of the display of an alertbox containing absolutely no information. Now today, while using the command line to check some public keys, I came across the same message. using : gpg -k : this gives what appears to be a normal listing terminating normally. but gpg2 -k : gives a shorter listing which is terminated by : > gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame > Aborted (core dumped) What causes this with gpg2 and not with gpg and what does it mean ? How should I recover this situation ? Thanks, Philip From jeandavid8 at verizon.net Mon May 18 14:38:40 2015 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Mon, 18 May 2015 08:38:40 -0400 Subject: multiple instances of gpg-agent In-Reply-To: <899747200.20150518020254@my_localhost> References: <899747200.20150518020254@my_localhost> Message-ID: <5559DD50.9060801@verizon.net> On 05/17/2015 09:02 PM, MFPA wrote: > > > I have read several times that multiple instances of gpg-agent is > not good. But I regularly see six or seven listings of > "gpg-agent.exe" in Task Manager or Process Explorer. If I don't > re-boot in the meantime (or kill the gpg-agent.exe processes with > Task Manager) they can hang around for at least a day after last > use. Is this likely to cause any problems? > > I am currently running GnuPG version 2.1.4 under Windows XP. GnuPG > is used by my email client, by a GUI key manager, occasional > commandline use, and by Mike Ingle's Confidant Mail. > I run Red Hat Enterprise Linux 6 and I get lots of them too. I just kill them once in a while, but surely that is not ideal. I tried the following script in my .bash_profile that I thought would work, but it does not.

  SOCKET=S.gpg-agent
  PIDOF=`pidof gpg-agent`
  declare -x PIDOF
  #RETVAL=$?
  kill -s SIGHUP $PIDOF 2>/dev/null
  rm $HOME/.gnupg/$SOCKET
  rm -fr /tmp/gpg-*
  eval $(gpg-agent --daemon)
  GPG_SOCKET_FILE=`find /tmp/gpg-* -name $SOCKET` 2>/dev/null
  ln -s $GPG_SOCKET_FILE $HOME/.gnupg
  #echo .bash_profile ran `/bin/date +%Y%b%d%R ` $GPG_SOCKET_FILE >> /home/jeandavid8/XprofileLog.txt

-- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. /( )\ Shrewsbury, New Jersey http://linuxcounter.net ^^-^^ 08:15:01 up 16 days, 16:06, 2 users, load average: 5.37, 5.13, 4.
87 From 2014-667rhzu3dc-lists-groups at riseup.net Tue May 19 00:54:49 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Mon, 18 May 2015 23:54:49 +0100 Subject: multiple instances of gpg-agent In-Reply-To: <87vbfqfac0.fsf@vigenere.g10code.de> References: <899747200.20150518020254@my_localhost> <87vbfqfac0.fsf@vigenere.g10code.de> Message-ID: <1759879274.20150518235449@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Monday 18 May 2015 at 11:29:03 AM, in , Werner Koch wrote: > I have only seen two and since the auto-start process > locking you should never see more than one. In any > case the agent checks its own socket and if it is not > connected to itself it will terminate itself. I just saw that in action: trying to run the command line shown in Process Explorer for an already-running agent gives me:- gpg-agent: a gpg-agent is already running - not starting a new one > You see different agents for different GNUPGHOMEs and > users; this is okay. Ah, that explains why there are so many running. Thank you. Looking at Process Explorer, it gives the command line for each instance of agent. Each one I see there at the moment contains a different path for --homedir. How long is agent supposed to stay running when it is no longer being used? It looks like mine last until I reboot. Or specifically kill them. Or delete the file S.gpg-agent in the relevant GnuPG home directory. - -- Best regards MFPA Look, it's a hat! It's not going to hurt you. 
-----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- From wk at gnupg.org Tue May 19 18:02:43 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 19 May 2015 18:02:43 +0200 Subject: multiple instances of gpg-agent In-Reply-To: <1759879274.20150518235449@my_localhost> (MFPA's message of "Mon, 18 May 2015 23:54:49 +0100") References: <899747200.20150518020254@my_localhost> <87vbfqfac0.fsf@vigenere.g10code.de> <1759879274.20150518235449@my_localhost> Message-ID: <87zj50blng.fsf@vigenere.g10code.de> On Tue, 19 May 2015 00:54, 2014-667rhzu3dc-lists-groups at riseup.net said: > I just saw that in action: trying to run the command line shown in > Process Explorer for an already-running agent gives me:- > > gpg-agent: a gpg-agent is already running - not starting a new one You are starting it and it is not started on demand by gpg. Thus you get this error message. If gpg detects that no agent is running, it takes a lock, tests again, starts the agent, and releases the lock. > How long is agent supposed to stay running when it is no longer being > used? It looks like mine last until I reboot. Or specifically It is a daemon and it is not expected to stop. Your logout script may stop it using "gpgconf --kill gpg-agent". You should not stop it if it is used by other sessions - thus this is left to the user. There is no harm in keeping the agent running. To flush the passphrase cache you may send a HUP to the agent or "gpgconf --reload gpg-agent". Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
From wk at gnupg.org Tue May 19 18:11:27 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 19 May 2015 18:11:27 +0200 Subject: multiple instances of gpg-agent In-Reply-To: <5559DD50.9060801@verizon.net> (Jean-David Beyer's message of "Mon, 18 May 2015 08:38:40 -0400") References: <899747200.20150518020254@my_localhost> <5559DD50.9060801@verizon.net> Message-ID: <87vbfobl8w.fsf@vigenere.g10code.de> On Mon, 18 May 2015 14:38, jeandavid8 at verizon.net said: > I run Red Hat Enterprise Linux 6 and I get lots of them too. I just > kill them once in a while, but surely that is not ideal. The man pages gives hints on how to avoid starting several instances of gpg-agent. You should start it in your ~/.xsession script:

  gpg-agent --daemon --enable-ssh-support \
            --write-env-file "$@{HOME@}/.gpg-agent-info"

and for each login shell you run this:

  if [ -f "${HOME}/.gpg-agent-info" ]; then
    . "${HOME}/.gpg-agent-info"
    export GPG_AGENT_INFO
    export SSH_AUTH_SOCK
  fi

However it is easier to put "use-standard-socket" into ~/.gnupg/gpg-agent.conf and let gpg start gpg-agent as needed. This is the same procedure as used by 2.1 and which has always used with 2.0 on Windows (where use-standard-socket is the default). Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Tue May 19 18:14:19 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 19 May 2015 18:14:19 +0200 Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame In-Reply-To: <5559E06F.5030603@nordnet.fr> (Philip Jackson's message of "Mon, 18 May 2015 14:51:59 +0200") References: <5559E06F.5030603@nordnet.fr> Message-ID: <87r3qcbl44.fsf@vigenere.g10code.de> On Mon, 18 May 2015 14:51, philip.jackson at nordnet.fr said: >> gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame >> Aborted (core dumped) > > What causes this with gpg2 and not with gpg and what does it mean ? > How shoul You are trying to sign using SHA-512 and a small key.
This is most likely due to custom preferences set on your key or in your config. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From philip.jackson at nordnet.fr Tue May 19 23:18:20 2015 From: philip.jackson at nordnet.fr (Philip Jackson) Date: Tue, 19 May 2015 23:18:20 +0200 Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame In-Reply-To: <87r3qcbl44.fsf@vigenere.g10code.de> References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> Message-ID: <555BA89C.4080303@nordnet.fr> On 19/05/15 18:14, Werner Koch wrote: > > You are trying to sign using SHA-512 and a small key. This is most > likely due to custom preferences set on your key or in your config. I do have SHA-512 set as first preference in gpg.conf for both "message digest algorithm used when signing a key" and for "personal-digest-preferences" My key and sub-keys are RSA2048 - I didn't think that would be classed as a small key. And this message doesn't seem to me to have anything to do with signing. I first saw this message in an enigmail debug log after having received an enigmail alertbox containing absolutely no information. The alertbox appeared when I opened the next message in a recent thread of the gnupg-users mail list. The message was signed by its sender but enigmail would not display the key properties. Patric B suggested that the cause of the blank alertbox was this line in the debug log : gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame A couple of days' later, I wanted to look at my public keyring contents so I entered : gpg2 -k and the listing stopped short with the following : gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame Aborted (core dumped) 134 philip at philip-desktop:~$ (134 being, I suppose, the error return) This does not happen with gpg -k (ie using gnupg 1.4.16) None of this is directly connected with attempting to sign a key (which I haven't done for several months). 
Regards Philip From wk at gnupg.org Wed May 20 12:24:25 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 20 May 2015 12:24:25 +0200 Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame In-Reply-To: <555BA89C.4080303@nordnet.fr> (Philip Jackson's message of "Tue, 19 May 2015 23:18:20 +0200") References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> Message-ID: <87h9r7bl7q.fsf@vigenere.g10code.de> On Tue, 19 May 2015 23:18, philip.jackson at nordnet.fr said: > A couple of days' later, I wanted to look at my public keyring contents so I > entered : gpg2 -k and the listing stopped short with the following : > > gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame gpg tried to verify a key signature and ran into that problem. Of course it should not abort here. It would be helpful if you can figure out which key causes the problem. Maybe the key shown last or the one which would be shown next. Running with "--debug 64" might give some hints. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From rjh at sixdemonbag.org Thu May 21 02:13:32 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 20 May 2015 20:13:32 -0400 Subject: Popescu and keys Message-ID: <555D232C.3010309@sixdemonbag.org> In the last couple of days a few different people have pointed me to Mircea Popescu's blog, where he's claimed he's broken ~150 keys that are in common circulation among the keyservers. Unfortunately, his blog post is rather difficult to read: it's full of rude political asides that have no bearing on anything cryptological. I regret that, because it obscures what I think is a fascinating question: has he actually managed to recover private keys given just the public key?
He claims to already have broken my key. If so, proving it is straightforward: sign a 256-bit value with my private key and upload it somewhere the world can see it. I'm going to be fascinated by the results, one way or another. If he can successfully do this it's going to lead to a lot of very interesting questions. For those people who are concerned about this, relax and remember to breathe. :) The 256-bit value, in base64 encoding: * anr8HIZZ1hRjeaXDxJ71qBNpw5s9r+42CqF+Bpk9vU4= From jeandavid8 at verizon.net Thu May 21 03:29:48 2015 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Wed, 20 May 2015 21:29:48 -0400 Subject: generating revocation certs non-interactively In-Reply-To: <3883DFD5-B386-477D-AA44-C650B2C2E8F4@gmail.com> References: <5547FD53.5030203@greenhost.nl> <3883DFD5-B386-477D-AA44-C650B2C2E8F4@gmail.com> Message-ID: <555D350C.30805@verizon.net> On 05/19/2015 06:51 AM, Michelle Gmail wrote: > U cheated, u lied, u manipulated me, u destroyed my credit the > apartment , my life ur beautiful daughter that's so happy and just > loves for us all to be together, ur stepson now can not get a > birthday gift because I do not know how I will be able to pay rent or > other bills or food , we can not even afford another apartment, what > U have done was so cold as if we just all met, then u lied repeatedly > too u were blue in the face denying u had a girlfriend and denied > that all those things I said weren't true BUT THEY WERE. The planning > u did the roll u played was as if u believed ur own lies and no one I > mean no one would ever understand what u did to me and the kids. It > wasn't something that a normal adult would do.
Well let's go on then > u developed a pretty dependent habit but u were after years later > still not wanting to do anything for urself but u expected and wanted > whenever u asked. U took took took u ran me dry then u moved on as if > we didn't exsist but the crazy thing is u played a role as if u were > this nice guy that did so much for me and with the kids but in fact u > did not u verbally tortured me for hours with name calling and ur > gossip talk about ur co workers ALL OF THEN!!!! I did so much more > than what u have me credit for, and the blaming all ur mistakes on me > daily cuz jason Boyer does no wrong. I'm gonna say I was warned my > many people in which some had proof about ur problem. But I said he > was young and gave u the benefit of doubt haha And then wow I mean > WOW what I just lived more do past few months since u met girlfriend > was by far the strangest behavior I have ever seen, I seen on jerry > springer and all but never did I ever think that an individual would > do something like this to his girl and family intentional. Oh yes > hard to believe but believe it cuz he won't stop trying to destroye > as if I was the one cheating but I wasn't but he's treating his > family mostly myself as if I committed this horrible horrible crime > that affected him in a way that he is so messed up now. But nooooo > everyone that indeed is not true ither this is the strangest behavior > I have ever witness. He played the role of the good guy and the one > who loved me sooo much and did everything w kids and his family but > no no None of that is true especially since he met his sugar mama it > was total ignore the kids day after day as well as the verbal abuse > got worse and worse > It looks something like plain text, but I cannot figure out how to decrypt it. -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. 
/( )\ Shrewsbury, New Jersey http://linuxcounter.net ^^-^^ 21:25:01 up 19 days, 5:16, 2 users, load average: 4.31, 4.49, 4.82 From jeandavid8 at verizon.net Thu May 21 04:37:19 2015 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Wed, 20 May 2015 22:37:19 -0400 Subject: multiple instances of gpg-agent In-Reply-To: <87vbfobl8w.fsf@vigenere.g10code.de> References: <899747200.20150518020254@my_localhost> <5559DD50.9060801@verizon.net> <87vbfobl8w.fsf@vigenere.g10code.de> Message-ID: <555D44DF.2070003@verizon.net> On 05/19/2015 12:11 PM, Werner Koch wrote: > On Mon, 18 May 2015 14:38, jeandavid8 at verizon.net said: > >> I run Red Hat Enterprise Linux 6 and I get lots of them too. I just >> kill them once in a while, but surely that is not ideal. > > The man pages gives hints on how to avoid starting several > instances of gpg-agent. You should start it in your ~/.xsession script: > > gpg-agent --daemon --enable-ssh-support \ > --write-env-file "$@{HOME@}/.gpg-agent-info" I tried this and it would not work. No such file or directory. I removed the @ signs and then that part worked. > > and for each login shell you run this: > > if [ -f "${HOME}/.gpg-agent-info" ]; then > . "${HOME}/.gpg-agent-info" > export GPG_AGENT_INFO > export SSH_AUTH_SOCK > fi I put that into .bashrc and it seems to work. Thank you. > > However it is easier to put "use-standard-socket" into > ~/.gnupg/gpg-agent.conf and let gpg start gpg-agent as needed. This is > the same procedure as used by 2.1 and which has always used with 2.0 on > Windows (where use-standard-socket is the default). > > > Salam-Shalom, > > Werner > -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. 
/( )\ Shrewsbury, New Jersey http://linuxcounter.net ^^-^^ 22:35:01 up 19 days, 6:26, 2 users, load average: 4.61, 4.47, 4.34 From wk at gnupg.org Thu May 21 11:30:02 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 21 May 2015 11:30:02 +0200 Subject: multiple instances of gpg-agent In-Reply-To: <555D44DF.2070003@verizon.net> (Jean-David Beyer's message of "Wed, 20 May 2015 22:37:19 -0400") References: <899747200.20150518020254@my_localhost> <5559DD50.9060801@verizon.net> <87vbfobl8w.fsf@vigenere.g10code.de> <555D44DF.2070003@verizon.net> Message-ID: <87oale8ehx.fsf@vigenere.g10code.de> On Thu, 21 May 2015 04:37, jeandavid8 at verizon.net said: >> --write-env-file "$@{HOME@}/.gpg-agent-info" > > I tried this and it would not work. No such file or directory. > > I removed the @ signs and then that part worked. Sorry, I copied it from the texinfo source and missed these escape sequences. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Thu May 21 11:28:20 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 21 May 2015 11:28:20 +0200 Subject: [admin] Please do not reply to obvious spam In-Reply-To: <555D350C.30805@verizon.net> (Jean-David Beyer's message of "Wed, 20 May 2015 21:29:48 -0400") References: <5547FD53.5030203@greenhost.nl> <3883DFD5-B386-477D-AA44-C650B2C2E8F4@gmail.com> <555D350C.30805@verizon.net> Message-ID: <87siaq8ekr.fsf_-_@vigenere.g10code.de> Hi! As some of you might have noticed, from time to time spam slips through the filter by means of subscribed users. That is a little bit annoying but it does not really harm. However, it is worse to reply to spam or send the mailing list owner a notice of that. That does not help. For the recent case I enabled the moderation flag on the posters account and also for an account with a similar gmail address. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. 
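Added example, not part of any message in this archive: the "can't encode a 512 bit MD into a 608 bits frame" abort discussed in the thread above is frame-size arithmetic, and this sketch works it through with the EMSA-PKCS1-v1_5 rule from RFC 8017 (the DER DigestInfo plus at least 11 bytes of padding must fit in the key's frame). That GnuPG applies exactly this bound is an assumption, and all function names here are illustrative.

```python
"""Frame-size check behind "can't encode a 512 bit MD into a 608 bits frame".

Added illustration following EMSA-PKCS1-v1_5 (RFC 8017, section 9.2).
Assumption: GnuPG's own bound may differ in detail; names are hypothetical.
"""
import hashlib

# DER DigestInfo prefixes as listed in RFC 8017, section 9.2, note 1.
DIGEST_INFO_PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}

# 0x00 0x01, at least eight 0xFF bytes, then a 0x00 separator.
MIN_PADDING = 11


class FrameTooSmall(ValueError):
    """The key's frame cannot hold the padded DigestInfo."""


def frame_bytes(key_bits):
    """Size in bytes of the frame a key of key_bits offers."""
    return (key_bits + 7) // 8


def min_frame_bytes(hash_name):
    """Smallest frame that can carry a signature made with hash_name."""
    digest_len = hashlib.new(hash_name).digest_size
    return len(DIGEST_INFO_PREFIX[hash_name]) + digest_len + MIN_PADDING


def emsa_pkcs1_v15_encode(message, hash_name, key_bits):
    """Return the padded frame, or raise FrameTooSmall if it cannot fit."""
    em_len = frame_bytes(key_bits)
    digest = hashlib.new(hash_name, message).digest()
    digest_info = DIGEST_INFO_PREFIX[hash_name] + digest
    if em_len < len(digest_info) + MIN_PADDING:
        raise FrameTooSmall(
            "can't encode a %d bit digest into a %d bit frame"
            % (len(digest) * 8, key_bits)
        )
    padding = b"\xff" * (em_len - len(digest_info) - 3)
    return b"\x00\x01" + padding + b"\x00" + digest_info


def usable_hashes(key_bits):
    """Digests from the table above that fit a key of key_bits."""
    return [
        name
        for name in DIGEST_INFO_PREFIX
        if frame_bytes(key_bits) >= min_frame_bytes(name)
    ]


if __name__ == "__main__":
    # Constructed inputs: the 608-bit frame from the error message and
    # two common RSA sizes for comparison.
    for bits in (608, 1024, 2048):
        print(bits, "bit frame fits:", usable_hashes(bits))
    try:
        emsa_pkcs1_v15_encode(b"constructed sample input", "sha512", 608)
    except FrameTooSmall as exc:
        print("rejected:", exc)
```

Under this rule a 608-bit frame (76 bytes) has room for SHA-1 and SHA-256 but not for SHA-384 or SHA-512, while a 2048-bit frame holds all four.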
From s7r at sky-ip.org Thu May 21 10:50:53 2015 From: s7r at sky-ip.org (s7r) Date: Thu, 21 May 2015 11:50:53 +0300 Subject: Popescu and keys In-Reply-To: <555D232C.3010309@sixdemonbag.org> References: <555D232C.3010309@sixdemonbag.org> Message-ID: <555D9C6D.2030409@sky-ip.org> Hello, I tried to read this guy's blog either but it seems like you have to pay to read it (buy credits with bitcoin). I don't know who the hell this guy thinks he is, not even Bruce Schneier asks to pay fees to read his blog/research papers, but I am just going to keep calm. So, since I wouldn't give anything more than the bandwidth I am already consuming to read this guy's blog, I guess I will never read his 'academic research on PGP', but I am really looking forward to see if he can sign the nonce you've provided with your so-called compromised key. I doubt this will ever happen. Even he never cracked any PGP keys at all, the FUD he spread around was a nice way to get some free advertising. Look, people saying his name on gnupg and enigmail lists, which are quite popular I believe. If he can prove he has your key by signing the nonce you've provided, I hereby confirm that I will subscribe to his 'academic research blog' and pay for each and every article, regardless I won't read them or have interest in them. Cheers! On 5/21/2015 3:13 AM, Robert J. Hansen wrote: > In the last couple of days a few different people have pointed me to > Mircea Popescu's blog, where he's claimed he's broken ~150 keys that are > in common circulation among the keyservers. Unfortunately, his blog > post is rather difficult to read: it's full of rude political asides > that have no bearing on anything cryptological. I regret that, because > it obscures what I think is a fascinating question: has he actually > managed to recover private keys given just the public key? > > He claims to already have broken my key.
If so, proving it is > straightforward: sign a 256-bit value with my private key and upload it > somewhere the world can see it. > > I'm going to be fascinated by the results, one way or another. If he > can successfully do this it's going to lead to a lot of very interesting > questions. > > For those people who are concerned about this, relax and remember to > breathe. :) > > The 256-bit value, in base64 encoding: > > * anr8HIZZ1hRjeaXDxJ71qBNpw5s9r+42CqF+Bpk9vU4= > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From dkg at fifthhorseman.net Thu May 21 18:23:20 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 21 May 2015 12:23:20 -0400 Subject: [Enigmail] Popescu and keys In-Reply-To: <555D232C.3010309@sixdemonbag.org> References: <555D232C.3010309@sixdemonbag.org> Message-ID: <87382pucg7.fsf@alice.fifthhorseman.net> On Wed 2015-05-20 20:13:32 -0400, Robert J. Hansen wrote: > In the last couple of days a few different people have pointed me to > Mircea Popescu's blog, where he's claimed he's broken ~150 keys that are > in common circulation among the keyservers. At least one of the keys he claimed to have broken is a degraded copy of one of H. Peter Anvin's actual subkeys, as Hanno Böck pointed out here: https://blog.hboeck.de/archives/872-About-the-supposed-factoring-of-a-4096-bit-RSA-key.html To my knowledge, Mircea (cc'ed here) has not retracted this particular claim, despite having issued at least three updates to his initial report about this key (which is not behind a paywall at the moment): http://trilema.com/2015/full-disclosure-4096-rsa-key-in-the-strongset-factored/ > Unfortunately, his blog post is rather difficult to read: it's full of > rude political asides that have no bearing on anything cryptological.
> I regret that, because it obscures what I think is a fascinating > question: has he actually managed to recover private keys given just > the public key? > > He claims to already have broken my key. If so, proving it is > straightforward: sign a 256-bit value with my private key and upload it > somewhere the world can see it. > > I'm going to be fascinated by the results, one way or another. If he > can successfully do this it's going to lead to a lot of very interesting > questions. > > For those people who are concerned about this, relax and remember to > breathe. :) > > The 256-bit value, in base64 encoding: > > * anr8HIZZ1hRjeaXDxJ71qBNpw5s9r+42CqF+Bpk9vU4= Which key does he claim to have broken? If Mircea has broken your encryption-capable subkey (0xB8A6B74C001892C2) then he might only be able to decrypt messages sent to you, but not sign them. To provide him with an opportunity to demonstrate this (Hi Mircea!), i've produced this message, encrypted to rjh's encryption-capable subkey. Mircea, if you can decrypt it, you should find a secret message, signed by me, which includes within it the message-id of the e-mail i'm replying to. You can either produce the session-key (e.g. 
with gpg --show-session-key) or produce the signed message to demonstrate that you have control of Robert's secret key material: Given the poor communication patterns and lack of retraction of unfounded claims, i'm not currently worried that this is a real attack. I am prepared to take it seriously if Mircea can follow up effectively on either of the challenges here, though. Regards, --dkg From rjh at sixdemonbag.org Thu May 21 18:45:33 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 21 May 2015 12:45:33 -0400 Subject: [Enigmail] Popescu and keys In-Reply-To: <87382pucg7.fsf@alice.fifthhorseman.net> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> Message-ID: <555E0BAD.3090703@sixdemonbag.org> > Which key does he claim to have broken? If Mircea has broken your > encryption-capable subkey (0xB8A6B74C001892C2) then he might only be > able to decrypt messages sent to you, but not sign them. He didn't say. You're correct in that I made an unfounded assumption; thank you for the correction. :) > Given the poor communication patterns and lack of retraction of > unfounded claims, i'm not currently worried that this is a real > attack. I am prepared to take it seriously if Mircea can follow up > effectively on either of the challenges here, though. Likewise. I'm not worried about this, and I hope no one else on these lists is, either. From mofosyne at gmail.com Thu May 21 17:59:07 2015 From: mofosyne at gmail.com (mofo syne) Date: Fri, 22 May 2015 01:59:07 +1000 Subject: OPENPGP URI PROPOSAL Message-ID: You might see a few copies around. This one is edited and streamlined with some advice from Hasimir to help keep this proposal focused.
This is mirrored in here

Last updated: 2015-05-22

*=============================OPENPGP URI PROPOSAL=============================*

*## Brief/Objective ####################*

This proposal is to provide an alternative to the openpgp block messages, in the form of a uri ( e.g. `http://` ). This would make such messages more web friendly, as well as taking advantage of autolaunching apps to handle such messages. Such links may be embedded within email messages or webclients, or as a 2d barcode on a physical poster. This aims to be flexible and futureproof, by supporting any mix of variables or payload that may be thrown in its way (e.g. percent encoding, base64, etc... )

*## Schema Description ##*

openpgp:// [] [;key:value] [;key::value] <;::payload_data>

* `openpgp://` - is the start of the openpgp uri
* `;` - is used as a delimiter.
* `[;key:value]` - for simple keyvalues: `;name:clark`
* `[;key:value]` - `::` - is used to aid visual inspection, since the content would be more of a long complex string, rather than a simple key:value pair
  - `[;key?length:value]` - safely read in string: `;name?10::clark;kent`
  - `[;key?encoding:value]` - `;sig!base64::f4h5k34589ht...`
* `<;::payload_data>` - payload do not require key value. But it has optional encoding and length (Which may have a default setting based on mode. E.g. public keys are often always encoded in base64 )
  - `;::f4h5k34589ht...`
  - `;!base64::f4h5k34589ht...`
  - `;!octet?100::8BinaryStream`
  - `;!json?17::{"key":[1,2,3,4]}`
* `$encoding` - is used to define how the string is encoded, e.g. base64,json,1010101
* `?length` - is used to define how many characters to read ahead as a string. Afterwards, it will just keep scanning for the next `;` or end of string.
* `#type` this might be needed if we need to declare the type of a variable (undecided if it is needed in this standard proposal)

*### Mode keywords ###*

So far this is what I thought for gpg keywords for the ``

* `pubkey` = public key
* `prvkey` = private key
* `encmsg` = encrypted message
* `sigmsg` = signed message
* `fprint` = key fingerprint

*### extra thoughts ###*

* http://tools.ietf.org/html/rfc1738 - Uniform Resource Locators (URL)
* http://tools.ietf.org/html/rfc3986 - Uniform Resource Identifier (URI): Generic Syntax
* http://tools.ietf.org/html/rfc3987 - Internationalized Resource Identifiers (IRIs)

*# Structure Examples #############*

e.g. For pubkey:

openpgp://pubkey;version:GnuPG+v2;!base64::

For pubkey (with implied encoding. Default for pubkey mode payload is base64):

openpgp://pubkey;version:GnuPG+v2;::

For encrypted msg:

openpgp://msg;version:GnuPG+v2;!base64::

or a signed message

openpgp://sigmsg;hash:SHA1;sig:;!::

*# Potential Usage ###############*

* Embedded in NFC or 2D barcode for physical messages in posters that is able to store encrypted messages, public keys, or signed messages. Other than posters, it also allows for easier transferring of openpgp messages via NFC or 2D barcodes between a web browser in a cybercafe to a smartphone.
* Easier handling of messages in web browsers via web browser plugins that can recognise the uri handler calls. E.g. Clicking on a url will automatically open up an openpgp program that automatically processes the message.
*# Uri Mockups ################*

Pubkey:

openpgp://pubkey;version:GnuPG+v2;!base64::

encmsg:

openpgp://encmsg;!base64::

fingerprint:

openpgp://fprint;name:clark+kent;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8

openpgp://fprint;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8

Some potential future json (Not easy to transmit however, due to non uri standard characters in json ):

openpgp:testmode;key!json?17::{"key":[1,2,3,4]}

From ben at adversary.org Thu May 21 19:10:11 2015 From: ben at adversary.org (Ben McGinnes) Date: Fri, 22 May 2015 03:10:11 +1000 Subject: OPENPGP URI PROPOSAL In-Reply-To: References: Message-ID: <555E1173.1080201@adversary.org> On 22/05/2015 1:59 am, mofo syne wrote: > > You might see a few copies around. This one is edited and > streamlined with some advice from Hasimir to help keep this proposal > focused. For the benefit of the rest of the list, Hasimir is my IRC handle on freenode and a few other places.
An /ns info command on freenode will show the key ID for the key I'm signing this message with too should anyone care. Regards, Ben P.S. Yes, the handle is a reference to Dune. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From philip.jackson at nordnet.fr Thu May 21 19:27:55 2015 From: philip.jackson at nordnet.fr (Philip Jackson) Date: Thu, 21 May 2015 19:27:55 +0200 Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame In-Reply-To: <87h9r7bl7q.fsf@vigenere.g10code.de> References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> Message-ID: <555E159B.40606@nordnet.fr> On 20/05/15 12:24, Werner Koch wrote: > gpg tried to verify a key signature and ran into that problem. Of > course it should not abort here. It would be helpful if you can you > figure out which key causes the problem. Maybe the key shown last or > the one which would be shown next. Running with "--debug 64" might give > some hints. Thanks for that Werner. I found the key causing the problem. I compared the output of gpg -k and gpg2 -k and then tried gpg2 --list-sigs on the first key missing from the gpg2 listing. The --list-sigs failed with the same 'Ohhhhh jeeeee..." message. The key ID was 0x6e767393 gpg2 --delete-keys 0x6e767393 also failed and gave the same "Ohhhh jeeee..." message - that surprised me but the same command with gpg worked ok Once that key was eliminated from the public keyring, gpg2 -k listing runs to completion correctly. And also the keyID which enigmail Key Management would not display, now displays correctly. That key was not the one causing the problem. (The problem key had not been used to sign the key which would not display so I don't understand the connection between the two events.) 
Is it normal that gpg2 would not delete the key causing the problem ? If that is so, then we'll need to keep a copy of gnupg 1.xxx for keyring management. Philip -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From dkg at fifthhorseman.net Thu May 21 21:21:10 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 21 May 2015 15:21:10 -0400 Subject: OPENPGP URI PROPOSAL In-Reply-To: References: Message-ID: <87pp5tspnd.fsf@alice.fifthhorseman.net> On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote: > You might see a few copies around. This one is edited and streamlined with > some advice from Hasimir to help keep this proposal focused. This is > mirrored in here > This proposal appears to be trying to do a lot of different things. I'm not convinced that they are all reasonable goals, or that gnupg-users is the right mailing list to discuss them on. The openpgp at ietf.org is a mailing list where different people discuss the standard in general. The example you give toward the end of the spec (uri handlers in web browsers) is an important example for arguing why something like this is concretely useful. Have you tried to implement this? Can modern web browser handlers work with arbitrary length data? When i try to trigger a local handler for an unknown schema in iceweasel (firefox) i see this message: -------------- The address wasn't understood Iceweasel doesn't know how to open this address, because one of the following protocols (openpgp) isn't associated with any program or is not allowed in this context. You might need to install other software to open this address. -------------- with no option to choose an external handler or anything. Chromium, on the other hand, offers to launch "xdg-open" with that URL as the parameter, which fails because no handler is registered for the scheme in question. 
Is this the intended mechanism, or something else? > openpgp://pubkey;version:GnuPG+v2;!base64:: There is already a vCard spec for a full pubkey -- though you might actually mean "transferable public key" or OpenPGP certificate: https://tools.ietf.org/html/rfc6350#section-6.8.1 > openpgp://msg;version:GnuPG+v2;!base64:: When is this useful? > openpgp://sigmsg;hash:SHA1;sig:;!:: what about a message that is both signed and encrypted? how should it be represented? > * Embedded in NFC or 2D barcode for physical messages in posters that is > able store encrypted messages, public keys, or signed messages. Other than > posters, it also allows for easier transferring of openpgp messages via NFC > or 2D barcodes between a webbrowser in a cybercafe to a smartphone. These seem more likely to be handled by vCard or some similar approach to me. > openpgp://fprint;name:clark+kent;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 > > openpgp://fprint;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 These fingerprints are only 128 bits long, which matches the OpenPGPv3 fingerprint format. OpenPGPv4 fingerprints are 160 bits long, and any new fingerprint standard might be longer still. Your proposal here doesn't mention any sort of versioning for fingerprints, or take into account other concerns. 
A large discussion about fingerprint encodings for low-bandwidth transmission can be found here: https://github.com/open-keychain/open-keychain/issues/1281 hth, --dkg From wk at gnupg.org Thu May 21 21:37:59 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 21 May 2015 21:37:59 +0200 Subject: [Enigmail] Popescu and keys In-Reply-To: <87382pucg7.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Thu, 21 May 2015 12:23:20 -0400") References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> Message-ID: <87r3q97mco.fsf@vigenere.g10code.de> On Thu, 21 May 2015 18:23, dkg at fifthhorseman.net said: > At least one of the keys he claimed to have broken is a degraded copy of > one of H. Peter Anvin's actual subkeys, as Hanno Böck pointed out here: That reminds me of a private discussion I had last autumn. Some guy downloaded most RSA keys from a keyserver and tried to factor 1.9 million moduli. They found 30 keys with a subkey having one of the first 1000 primes as a factor. He asked a few of them and while most used different versions of GnuPG one recalled to have used a commercial PGP tool to create the key in 2007. I looked at 8 of those keys and found that 2 are likely PGP created and 6 are by GPG.

| Mail | S | factor | size | keyid    | created    |
|------+---+--------+------+----------+------------|
| xxxx | g | 0x3    | 4096 | xxxxxxx7 | 2010-12-28 |
| xxxx | p | 0x49a3 | 3001 | xxxxxxx2 | 2007-04-29 |
| xxxx | g | 0x1125 | 4096 | 1299816A | 2011-09-22 |
| xxxx | g | 0x182d | 2048 | xxxxxxx3 | 2011-09-23 |
| xxxx | g | 0x3    | 4096 | xxxxxxxB | 2011-08-09 |
| xxxx | g | 0xc29b | 4096 | xxxxxxx0 | 2011-02-02 |
| xxxx | g | 0x3cb3 | 2048 | xxxxxxxC | 2012-02-07 |
| xxxx | p | 0x1f   | 2048 | xxxxxxxF | 2010-01-18 |

These are all encryption subkeys. The third key is the one from H. Peter Anvin. I have not found one of the fingerprints given in the said blog posting: gpg removed it while importing the key.
It is a bit disturbing that the other subkey listed above has a good key binding signature. I got distracted for some time and a few weeks later the PGP team at Symantec reported back that these are all duplicated subkeys where the other subkey had no small factors. Their thesis is that this happened due to memory corruption while merging a key. They planned to investigate that further using the PGP SDK but, like me, the case was more or less forgotten. Incidentally, I met one of the other guys with a broken subkey at LinuxCon and he told me that some folks complained that they can't encrypt to him. For others this was no problem, though. My conclusion is that there are two issues: - Someone adding broken subkeys to the keyservers with a bad key-binding signature. No problem at all. - About 30 keys with a valid key binding but with a partly duplicated subkey where both have a valid key binding signature. Most likely a software bug. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dkg at fifthhorseman.net Thu May 21 21:45:06 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 21 May 2015 15:45:06 -0400 Subject: [Enigmail] Popescu and keys In-Reply-To: <87382pucg7.fsf@alice.fifthhorseman.net> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> Message-ID: <87mw0xsojh.fsf@alice.fifthhorseman.net> On Thu 2015-05-21 12:23:20 -0400, Daniel Kahn Gillmor wrote: > Which key does he claim to have broken? If Mircea has broken your > encryption-capable subkey (0xB8A6B74C001892C2) then he might only be > able to decrypt messages sent to you, but not sign them. > > To provide him with an opportunity to demonstrate this (Hi Mircea!), > i've produced this message, encrypted to rjh's encryption-capable > subkey. > > Mircea, if you can decrypt it, you should find a secret message, signed > by me, which includes within it the message-id of the e-mail i'm > replying to.
I've been informed by Mircea offlist that he has no interest in continuing this conversation, so i'm dropping him from CC here. It appears to me that he has nothing concrete to demonstrate, and he has shown an inability to correct factual errors he has already published. Not very impressive :( I think there's nothing interesting to see here, but if i hear anything more substantive, i'll be sure to follow up on this thread to let people know. Regards, --dkg From ben at adversary.org Thu May 21 21:52:49 2015 From: ben at adversary.org (Ben McGinnes) Date: Fri, 22 May 2015 05:52:49 +1000 Subject: gpg-agent override to import secret keys in 2.1 Message-ID: <555E3791.6090703@adversary.org> Hello, Does anyone know whether or not there is an override command or option to force -agent to read/import secret keys after the initial migration to version 2.1? The basic scenario here is a primary workstation which the initial migration was performed on and a subsequent decommissioning of another workstation and keys generated on that workstation need to be merged with the primary. Not to mention the inevitable situation of replacing systems and needing to move everything, not just a subset. Regards, Ben From rjh at sixdemonbag.org Thu May 21 21:55:41 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 21 May 2015 15:55:41 -0400 Subject: OPENPGP URI PROPOSAL In-Reply-To: References: Message-ID: <555E383D.7060106@sixdemonbag.org> > This proposal is to provide an alternative to the openpgp block > messages, in the form of a uri ( e.g. `http://` ). The format of a URI is, generally, "mechanism:address for that mechanism".
For instance, email has a URI scheme: mailto:rjh at sixdemonbag.org?subject=URI%20schemes FTP has one, too: ftp://ftp.gnupg.org HTTP has them: http://www.gnupg.org Filesystems have them: file:///Users/rjh/.gnupg/random_seed There's an ISO standard for serial numbers: urn:ISSN:1535-3613 Heck, there's even a URI scheme for Gopher. gopher://wait.people.still.use.gopher? You'll notice that for each of them, the first element in the URI is the protocol by which a network resource should be obtained. Web resources start with "http:" to let people know to use HTTP to obtain them. Mail links start with "mailto:" to let people know they need an email client to obtain the resource (or, in that case, deliver to that resource). Etc. It seems to me that you're confused as to what a URI is. Your proposal actually *delivers content*, as opposed to telling people where they can find/deliver content and what protocol they should use to access it. There may be some good ideas in this proposal, but there seems to be such a misunderstanding of URIs and how they work that I'm not inclined to delve too deeply. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Thu May 21 23:58:33 2015 From: ben at adversary.org (Ben McGinnes) Date: Fri, 22 May 2015 07:58:33 +1000 Subject: [Enigmail] Popescu and keys In-Reply-To: <87r3q97mco.fsf@vigenere.g10code.de> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> Message-ID: <555E5509.4030805@adversary.org> On 22/05/2015 5:37 am, Werner Koch wrote: > > These are all encryption subkeys. The third key is the one from > H. Peter Anvin. I have not found one of the fingerprints given in the > said blog posting: gpg removed it while importing the key. 
It is a bit > disturbing that the other subkey listed above has a good key binding > signature. > > I got distracted for some time and a few weeks later the PGP team at > Symantec reported back that these are all duplicated subkeys where the > other subkey had no small factors. Their thesis is that this happened > due to memory corruption while merging a key. They planned to > investigate that further using the PGP SDK but, like me, the case was > more or less forgotten. Is it possible that a keyserver running the old, buggy PKS code (v. 0.9.something) mangled these keys? Regards, Ben From mofosyne at gmail.com Fri May 22 00:29:49 2015 From: mofosyne at gmail.com (mofo syne) Date: Fri, 22 May 2015 08:29:49 +1000 Subject: OPENPGP URI PROPOSAL In-Reply-To: <555E383D.7060106@sixdemonbag.org> References: <555E383D.7060106@sixdemonbag.org> Message-ID: So what are data uri classified as then? https://en.wikipedia.org/wiki/Data_URI_scheme Because this is based off datauri, in terms of structure. So since datauri works, I'm inclined to think that there isn't any technical restriction to including content within a uri context as long as the appropriate handling software is available for the browser to call upon. (Besides the character limits of internet explorer of 2kb. For chrome, it's more like 2MB. stack overflow source ) On Fri, May 22, 2015 at 5:55 AM, Robert J. Hansen wrote: > > This proposal is to provide an alternative to the openpgp block > > messages, in the form of a uri ( e.g. `http://` ). > > The format of a URI is, generally, "mechanism:address for that > mechanism".
For instance, email has a URI scheme: > > mailto:rjh at sixdemonbag.org?subject=URI%20schemes > > FTP has one, too: > > ftp://ftp.gnupg.org > > HTTP has them: > > http://www.gnupg.org > > Filesystems have them: > > file:///Users/rjh/.gnupg/random_seed > > There's an ISO standard for serial numbers: > > urn:ISSN:1535-3613 > > Heck, there's even a URI scheme for Gopher. > > gopher://wait.people.still.use.gopher? > > You'll notice that for each of them, the first element in the URI is the > protocol by which a network resource should be obtained. Web resources > start with "http:" to let people know to use HTTP to obtain them. Mail > links start with "mailto:" to let people know they need an email client > to obtain the resource (or, in that case, deliver to that resource). Etc. > > It seems to me that you're confused as to what a URI is. Your proposal > actually *delivers content*, as opposed to telling people where they can > find/deliver content and what protocol they should use to access it. > > There may be some good ideas in this proposal, but there seems to be > such a misunderstanding of URIs and how they work that I'm not inclined > to delve too deeply. > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From vedaal at nym.hush.com Thu May 21 23:14:47 2015 From: vedaal at nym.hush.com (vedaal at nym.hush.com) Date: Thu, 21 May 2015 17:14:47 -0400 Subject: Lower Bound for Primes during GnuPG key generation (was Re: [Enigmail] Popescu and keys) In-Reply-To: <87r3q97mco.fsf@vigenere.g10code.de> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> Message-ID: <20150521211447.7CC3340056@smtp.hushmail.com> On 5/21/2015 at 3:45 PM, "Werner Koch" wrote: >Some guy >downloaded most RSA keys from a keyserver and tried to factor 1.9 >million moduli. They found 30 keys with a subkey having one of the >first 1000 primes as a factor. > I looked at 8 of those keys and > found that 2 are likely PGP created and 6 are by GPG. ===== When GnuPG creates an RSA keypair, is there a minimum *low* for primes it will ignore? (i.e. Will GnuPG reject a prime for key generation if it is one of the first 1000 primes, or first million primes, or any fixed lower level?) And if so, Is it feasible to mount an attack on a keypair by starting with trying successive primes greater than this lower bound, and possibly successfully find *some* GnuPG secret keys? TIA, vedaal From 2014-667rhzu3dc-lists-groups at riseup.net Fri May 22 00:46:04 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Thu, 21 May 2015 23:46:04 +0100 Subject: gpg-agent override to import secret keys in 2.1 In-Reply-To: <555E3791.6090703@adversary.org> References: <555E3791.6090703@adversary.org> Message-ID: <1910498255.20150521234604@my_localhost> Hi On Thursday 21 May 2015 at 8:52:49 PM, in , Ben McGinnes wrote: > Hello, Does anyone know whether or not there is > an override command or option to force -agent to > read/import secret keys after the initial migration to > version 2.1? Doesn't it detect the presence/absence of the file "gpg-v21-migrated"?
-- Best regards MFPA To steal ideas from one person is plagiarism; to steal from many is research. From hugo at barrera.io Fri May 22 00:46:52 2015 From: hugo at barrera.io (Hugo Osvaldo Barrera) Date: Thu, 21 May 2015 19:46:52 -0300 Subject: OPENPGP URI PROPOSAL In-Reply-To: <87pp5tspnd.fsf@alice.fifthhorseman.net> References: <87pp5tspnd.fsf@alice.fifthhorseman.net> Message-ID: <20150521224652.GA3954@athena.barrera.io> On 2015-05-21 15:21, Daniel Kahn Gillmor wrote: > On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote: > > You might see a few copies around. This one is edited and streamlined with > > some advice from Hasimir to help keep this proposal focused. This is > > mirrored in here > > > > This proposal appears to be trying to do a lot of different things. I'm > not convinced that they are all reasonable goals, or that gnupg-users is > the right mailing list to discuss them on. The openpgp at ietf.org is a > mailing list where different people discuss the standard in general. > > The example you give toward the end of the spec (uri handlers in web > browsers) is an important example for arguing why something like this is > concretely useful. Have you tried to implement this? Can modern web > browser handlers work with arbitrary length data? When i try to trigger > a local handler for an unknown schema in iceweasel (firefox) i see this > message: > Modern browsers can handle this. Some websites embed base64 uri-encoded images of several kb in length and all browsers handle this properly. > -------------- > The address wasn't understood > > Iceweasel doesn't know how to open this address, because one of the following protocols (openpgp) isn't associated with any program or is not allowed in this context. > > You might need to install other software to open this address. > -------------- > > with no option to choose an external handler or anything. > The same happens with several other quite standard protocols. Even some of those listed on rfc3986. 
This is a firefox issue, IMHO. This is configured via about:preferences#applications, since firefox does not respect OS settings in this aspect at all. > Chromium, on the other hand, offers to launch "xdg-open" with that URL > as the parameter, which fails because no handler is registered for the > scheme in question. Is this the intended mechanism, or something else? > > > openpgp://pubkey;version:GnuPG+v2;!base64:: > That sounds like the expected behaviour if there's no registered handler. The same would happen with things like "mailto:" if you had none. > There is already a vCard spec for a full pubkey -- though you might > actually mean "transferable public key" or OpenPGP certificate: > > https://tools.ietf.org/html/rfc6350#section-6.8.1 > Yeah, this seems to invalidate the strongest use-case for this specification. > > openpgp://msg;version:GnuPG+v2;!base64:: > > When is this useful? > > > openpgp://sigmsg;hash:SHA1;sig:;!:: > > what about a message that is both signed and encrypted? how should it > be represented? > > > * Embedded in NFC or 2D barcode for physical messages in posters that is > > able store encrypted messages, public keys, or signed messages. Other than > > posters, it also allows for easier transferring of openpgp messages via NFC > > or 2D barcodes between a webbrowser in a cybercafe to a smartphone. > > These seem more likely to be handled by vCard or some similar approach > to me. > On some scenarios. But we need some sort of glue to import something from a vCard into gnupg's keyring. I don't think we need a new spec for this though. > > openpgp://fprint;name:clark+kent;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 > > > > openpgp://fprint;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 > > These fingerprints are only 128 bits long, which matches the OpenPGPv3 > fingerprint format. OpenPGPv4 fingerprints are 160 bits long, and any > new fingerprint standard might be longer still. 
> > Your proposal here doesn't mention any sort of versioning for > fingerprints, or take into account other concerns. > > A large discussion about fingerprint encodings for low-bandwidth > transmission can be found here: > > https://github.com/open-keychain/open-keychain/issues/1281 > > hth, > > --dkg > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Hugo Osvaldo Barrera A: Because we read from top to bottom, left to right. Q: Why should I start my reply below the quoted text? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From jeandavid8 at verizon.net Fri May 22 01:52:00 2015 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Thu, 21 May 2015 19:52:00 -0400 Subject: multiple instances of gpg-agent In-Reply-To: <87oale8ehx.fsf@vigenere.g10code.de> References: <899747200.20150518020254@my_localhost> <5559DD50.9060801@verizon.net> <87vbfobl8w.fsf@vigenere.g10code.de> <555D44DF.2070003@verizon.net> <87oale8ehx.fsf@vigenere.g10code.de> Message-ID: <555E6FA0.7080206@verizon.net> On 05/21/2015 05:30 AM, Werner Koch wrote: > On Thu, 21 May 2015 04:37, jeandavid8 at verizon.net said: > >>> >> --write-env-file "$@{HOME@}/.gpg-agent-info" >> > >> > I tried this and it would not work. No such file or directory. >> > >> > I removed the @ signs and then that part worked. > Sorry, I copied it from the texinfo source and missed these escape > sequences. No harm done. It did not take long to figure it out. -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. /( )\ Shrewsbury, New Jersey http://linuxcounter.net ^^-^^ 19:45:01 up 20 days, 3:36, 2 users, load average: 5.35, 4.96, 4.73 From rjh at sixdemonbag.org Fri May 22 02:18:47 2015 From: rjh at sixdemonbag.org (Robert J. 
Hansen) Date: Thu, 21 May 2015 20:18:47 -0400 Subject: OPENPGP URI PROPOSAL In-Reply-To: References: <555E383D.7060106@sixdemonbag.org> Message-ID: <555E75E7.7030608@sixdemonbag.org> > So what are data uri classified as then? Something that's mostly limited to web browsers and a couple of email clients. It's meant for including data in-line in web pages, not as separate documents, and has pretty close to nil adoption in the rest of the ecosystem. Adopting a special OpenPGP data URI scheme just for web browsers seems pretty weird to me. Especially given how difficult it would be to get the browser community to adopt it -- as a general rule, no standard can take off unless Internet Explorer supports it. (XHTML 1.0 and 1.1, may you rest in peace.) If you can get Microsoft to support this, or someone to produce an IE plugin to handle it, then maybe. But otherwise, I think a web-specific data URI for OpenPGP data is DOA. From mofosyne at gmail.com Fri May 22 03:55:34 2015 From: mofosyne at gmail.com (mofo syne) Date: Fri, 22 May 2015 11:55:34 +1000 Subject: OPENPGP URI PROPOSAL In-Reply-To: <555E75E7.7030608@sixdemonbag.org> References: <555E383D.7060106@sixdemonbag.org> <555E75E7.7030608@sixdemonbag.org> Message-ID: > Something that's mostly limited to web browsers and a couple of email clients. It's meant for including data in-line in web pages, not as separate documents, and has pretty close to nil adoption in the rest of the ecosystem. I'm not sure you need to wait for browsers to adopt this standard for it to take off. As Hugo Osvaldo Barrera said, "That sounds like the expected behaviour if there's no registered handler. The same would happen with things like "mailto:" if you had none." in regards to how unknown schemas are treated in browsers. So if you want mailto: to work, then you need to install an email handling program and point the browser to it. 
> There is already a vCard spec for a full pubkey -- though you might actually mean "transferable public key" or OpenPGP certificate:

If there is one that can be embedded in email links, or in a QR code etc, and can supplement pretty much all block formats for openpgp, then I'm all for it. What this uri is essentially, is just an alternative serialization that can hopefully be flexible to handle anything thrown by openpgp at it.

If I have to open GPA and then copy and paste the vCard to GPA, then I would prefer the autolaunching uri over the vCard format.

>> openpgp://fprint;name:clark+kent;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8
>>
>> openpgp://fprint;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8

> These fingerprints are only 128 bits long, which matches the OpenPGPv3 fingerprint format. OpenPGPv4 fingerprints are 160 bits long, and any new fingerprint standard might be longer still.

> Your proposal here doesn't mention any sort of versioning for fingerprints, or take into account other concerns.

It's just a sketch at the moment of a serializing format within a uri container, but if that's an issue, I see no reason why you can't add a version field. Like:

openpgp:fprint;version:OpenPGPv3;::43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8

(Note: btw I think I agree with that `openpgp://` should be `openpgp:`. It was initially chosen since most auto link recognizers only recognize when the // is in front of it. Perhaps we can add it in as an optional extra, if people need it to be recognized in plain text by simple URL detecting regexes.)

On Fri, May 22, 2015 at 10:18 AM, Robert J. Hansen wrote:

> > So what are data uri classified as then?
>
> Something that's mostly limited to web browsers and a couple of email
> clients. It's meant for including data in-line in web pages, not as
> separate documents, and has pretty close to nil adoption in the rest of
> the ecosystem.
>
> Adopting a special OpenPGP data URI scheme just for web browsers seems
> pretty weird to me. Especially given how difficult it would be to get
> the browser community to adopt it -- as a general rule, no standard can
> take off unless Internet Explorer supports it. (XHTML 1.0 and 1.1, may
> you rest in peace.)
>
> If you can get Microsoft to support this, or someone to produce an IE
> plugin to handle it, then maybe. But otherwise, I think a web-specific
> data URI for OpenPGP data is DOA.
>
>

From wk at gnupg.org Fri May 22 08:59:10 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 22 May 2015 08:59:10 +0200
Subject: Lower Bound for Primes during GnuPG key generation
In-Reply-To: <20150521211447.7CC3340056@smtp.hushmail.com> (vedaal@nym.hush.com's message of "Thu, 21 May 2015 17:14:47 -0400")
References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com>
Message-ID: <87bnhd6qtd.fsf@vigenere.g10code.de>

On Thu, 21 May 2015 23:14, vedaal at nym.hush.com said:

> When GnuPG creates an RSA keypair, is there a minimum *low* for
> primes it will ignore?

Yes. If you create an RSA key you generate two primes of the same size. Libgcrypt as well as GnuPG 1.4 will only consider candidates with the two high bits set so that the final modulus will have the exact size.

The primality test works in three steps:

 1. The standard sieve algorithm using the primes up to 4999 is used as a quick first check.

 2. A Fermat test filters out almost all non-primes.

 3. A 5 round Rabin-Miller test is finally used. The first round uses a witness of 2, whereas the next rounds use a random witness.

Note that for Elgamal and DSA keys we generate the public prime using Lim and Lee's algorithm.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
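
[Added example, not part of the archived message and not GnuPG or Libgcrypt code.] A Python sketch of the three-step candidate test described above, plus a check that flags a modulus of the wrong size or one divisible by one of the first 1000 primes, as in the keyserver survey quoted earlier in the thread. The function names, the Fermat base of 2, the plain trial-division form of the sieve and the constructed test values are assumptions made for this illustration.

```python
import secrets


def small_primes(limit):
    """Sieve of Eratosthenes: every prime <= limit, in ascending order."""
    flags = bytearray([1]) * (limit + 1)
    flags[0] = flags[1] = 0
    for i in range(2, int(limit ** 0.5) + 1):
        if flags[i]:
            flags[i * i::i] = bytes(len(range(i * i, limit + 1, i)))
    return [i for i, is_prime in enumerate(flags) if is_prime]


SIEVE = small_primes(4999)        # step 1 bound quoted in the message
FIRST_1000 = small_primes(7919)   # 7919 is the 1000th prime (audit bound)


def miller_rabin(n, rounds=5):
    """Step 3: the first round uses witness 2, later rounds a random witness."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for rnd in range(rounds):
        a = 2 if rnd == 0 else 2 + secrets.randbelow(n - 3)  # 2 <= a <= n-2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False          # a proves that n is composite
    return True


def is_probable_prime(n):
    """Sieve, then Fermat, then Miller-Rabin, in the order given above."""
    if n <= SIEVE[-1]:
        return n in SIEVE
    if any(n % p == 0 for p in SIEVE):   # step 1: small-prime sieve
        return False
    if pow(2, n - 1, n) != 1:            # step 2: Fermat test (base 2 assumed)
        return False
    return miller_rabin(n)               # step 3


def generate_prime(bits):
    """Random probable prime of exactly `bits` bits with the two high bits set."""
    while True:
        cand = secrets.randbits(bits) | (0b11 << (bits - 2)) | 1
        if is_probable_prime(cand):
            return cand


def generate_modulus(bits):
    """n = p*q from two distinct primes of bits/2 bits each.

    With the two high bits set, p and q are both >= 3 * 2**(bits/2 - 2),
    so p*q >= 9 * 2**(bits - 4) > 2**(bits - 1): n has exactly `bits` bits.
    """
    p = generate_prime(bits // 2)
    q = generate_prime(bits // 2)
    while q == p:
        q = generate_prime(bits // 2)
    return p * q


def audit_modulus(n, expected_bits):
    """Return findings that this generation procedure can never produce."""
    findings = []
    if n.bit_length() != expected_bits:
        findings.append(("wrong-size", n.bit_length()))
    for p in FIRST_1000:
        if n % p == 0:
            findings.append(("small-factor", p))
            break
    return findings


if __name__ == "__main__":
    n = generate_modulus(512)                      # small size, demo only
    print(n.bit_length(), audit_modulus(n, 512))
    damaged = 4999 * (2**127 - 1)                  # constructed bad modulus
    print(audit_modulus(damaged, 512))
```

A modulus that fails this audit cannot have come out of the procedure as described, which points at damage or at a different generator rather than at an unlucky prime choice.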
From wk at gnupg.org Fri May 22 09:00:14 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 22 May 2015 09:00:14 +0200
Subject: [Enigmail] Popescu and keys
In-Reply-To: <555E5509.4030805@adversary.org> (Ben McGinnes's message of "Fri, 22 May 2015 07:58:33 +1000")
References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <555E5509.4030805@adversary.org>
Message-ID: <877fs16qrl.fsf@vigenere.g10code.de>

On Thu, 21 May 2015 23:58, ben at adversary.org said:

> Is it possible that a keyserver running the old, buggy PKS code
> (v. 0.9.something) mangled these keys?

Yes, but that won't explain why the key binding signature is valid.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Fri May 22 09:14:44 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 22 May 2015 09:14:44 +0200
Subject: gpg-agent override to import secret keys in 2.1
In-Reply-To: <555E3791.6090703@adversary.org> (Ben McGinnes's message of "Fri, 22 May 2015 05:52:49 +1000")
References: <555E3791.6090703@adversary.org>
Message-ID: <87382p6q3f.fsf@vigenere.g10code.de>

On Thu, 21 May 2015 21:52, ben at adversary.org said:

> Does anyone know whether or not there is an override command
> or option to force -agent to read/import secret keys after the initial
> migration to version 2.1?

If you want to migrate the keys from a secring.gpg again to the 2.1 secret key storage, you may either use

  gpg2 --batch --import secring.gpg

oops, of course that should read

  gpg1 --export-secret-keys | gpg2 --batch --import

or you delete the .gpg-v21-migrated file and gpg2 will do it for you. Keys which already exist won't be imported again.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
From ben at adversary.org Fri May 22 09:26:51 2015 From: ben at adversary.org (Ben McGinnes) Date: Fri, 22 May 2015 17:26:51 +1000 Subject: [Enigmail] Popescu and keys In-Reply-To: <877fs16qrl.fsf@vigenere.g10code.de> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <555E5509.4030805@adversary.org> <877fs16qrl.fsf@vigenere.g10code.de> Message-ID: <555EDA3B.1010609@adversary.org> On 22/05/2015 5:00 pm, Werner Koch wrote: > On Thu, 21 May 2015 23:58, ben at adversary.org said: > >> Is it possible that a keyserver running the old, buggy PKS code >> (v. 0.9.something) mangled these keys? > > Yes, but that won't explain why the key binding signature is valid. Okay, there's clearly some deeply weird stuff happening with those keys, or rather, has happened to them. Has anyone identified the pattern in the screenshots at the top of the list of ~160-170 UIDs? Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Fri May 22 09:30:05 2015 From: ben at adversary.org (Ben McGinnes) Date: Fri, 22 May 2015 17:30:05 +1000 Subject: gpg-agent override to import secret keys in 2.1 In-Reply-To: <87382p6q3f.fsf@vigenere.g10code.de> References: <555E3791.6090703@adversary.org> <87382p6q3f.fsf@vigenere.g10code.de> Message-ID: <555EDAFD.3040402@adversary.org> On 22/05/2015 5:14 pm, Werner Koch wrote: > On Thu, 21 May 2015 21:52, ben at adversary.org said: > >> Does anyone know whether or not there is an override command >> or option to force -agent to read/import secret keys after the initial >> migration to version 2.1? 
> > If you want to migrate the keys from a secring.gpg again to the 2.1 > secret key stoarge, you may either use > > gpg2 --batch --import secring.gpg > > oops, of course that should read > > gpg1 --export-secret-keys | gpg2 --batch --import > > or you delete the .gpg-v21-migrated file and gpg2 will do it for you. > Keys which already exist won't be imported again. Ah-ha! Brilliant, thanks Werner, this is exactly what I was looking for. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Fri May 22 09:36:11 2015 From: ben at adversary.org (Ben McGinnes) Date: Fri, 22 May 2015 17:36:11 +1000 Subject: OPENPGP URI PROPOSAL In-Reply-To: <87pp5tspnd.fsf@alice.fifthhorseman.net> References: <87pp5tspnd.fsf@alice.fifthhorseman.net> Message-ID: <555EDC6B.5090306@adversary.org> On 22/05/2015 5:21 am, Daniel Kahn Gillmor wrote: > On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote: >> You might see a few copies around. This one is edited and streamlined with >> some advice from Hasimir to help keep this proposal focused. This is >> mirrored in here >> > > This proposal appears to be trying to do a lot of different things. I'm > not convinced that they are all reasonable goals, or that gnupg-users is > the right mailing list to discuss them on. The openpgp at ietf.org is a > mailing list where different people discuss the standard in general. Bringing it here is pretty much my fault, I suggested here rather than the IETF list because he's relatively new and had just wandered into #gpg4win to ask about views of a previous draft on reddit. I suggested bringing it here to "kick the tyres" without going straight to full Internet standard level over in IETF-land. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From dkg at fifthhorseman.net Fri May 22 16:54:02 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 22 May 2015 10:54:02 -0400 Subject: OPENPGP URI PROPOSAL In-Reply-To: <20150521224652.GA3954@athena.barrera.io> References: <87pp5tspnd.fsf@alice.fifthhorseman.net> <20150521224652.GA3954@athena.barrera.io> Message-ID: <871ti8r7cl.fsf@alice.fifthhorseman.net> On Thu 2015-05-21 18:46:52 -0400, Hugo Osvaldo Barrera wrote: > On 2015-05-21 15:21, Daniel Kahn Gillmor wrote: >> The example you give toward the end of the spec (uri handlers in web >> browsers) is an important example for arguing why something like this is >> concretely useful. Have you tried to implement this? Can modern web >> browser handlers work with arbitrary length data? When i try to trigger >> a local handler for an unknown schema in iceweasel (firefox) i see this >> message: > > Modern browsers can handle this. Some websites embed base64 uri-encoded images > of several kb in length and all browsers handle this properly. Hm, i asked "have you tried to implement this?", but it doesn't sound like you have. Maybe it's worth trying to get something working, and then report back with what you've found? >> -------------- >> The address wasn't understood >> >> Iceweasel doesn't know how to open this address, because one of the following protocols (openpgp) isn't associated with any program or is not allowed in this context. >> >> You might need to install other software to open this address. >> -------------- >> >> with no option to choose an external handler or anything. > > The same happens with several other quite standard protocols. Even some of > those listed on rfc3986. This is a firefox issue, IMHO. What is the issue, exactly? Have you or someone else reported it to firefox? How should firefox behave? 
> This is configured via about:preferences#applications, since firefox does not > respect OS settings in this aspect at all. sure, but about:preferences#applications doesn't show me openpgp: at all, and i see no way to add such a handler. Regards, --dkg From vedaal at nym.hush.com Fri May 22 17:38:36 2015 From: vedaal at nym.hush.com (vedaal at nym.hush.com) Date: Fri, 22 May 2015 11:38:36 -0400 Subject: Lower Bound for Primes during GnuPG key generation In-Reply-To: <87bnhd6qtd.fsf@vigenere.g10code.de> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com> <87bnhd6qtd.fsf@vigenere.g10code.de> Message-ID: <20150522153836.ADD3240411@smtp.hushmail.com> On 5/22/2015 at 3:01 AM, "Werner Koch" wrote: >Yes. If you create an RSA key you generate two primes of the same >size. Libgcrypt as well as GnuPG 1.4 will only consider candidates with >the two high bits set so that the final modulus will have the exact >size. ===== Approximately what interval is meant by 'primes of the same size' ? i.e. for a 4096 RSA key the interval would be [ 2^(2048 + k) - 2^(2048 - k) ] What would the range of k be? n.b. Any interval of primes can be approximated by: n(U)[log(n(U))] - n(L)[log(n(L))] where U is the uppermost prime, and L is the lowermost prime https://primes.utm.edu/howmany.html (The Prime Number Theorem, Consequence Two: The nth prime is about n log n ) So, to give a trivial example, If the interval of primes chosen is from 2^2047 to 2^2049, then this interval is only log(2) [ 2049^2 - 2047^2] = 5678 which is a fairly small number of primes to check, for this type of attack to find the GnuPG keypair. Also, does GnuPG automatically reject twin primes ( p, p+2) , and Sophie-Germain primes (p, 2p+1) ? 
TIA, vedaal From dkg at fifthhorseman.net Fri May 22 18:03:09 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 22 May 2015 12:03:09 -0400 Subject: Lower Bound for Primes during GnuPG key generation In-Reply-To: <20150522153836.ADD3240411@smtp.hushmail.com> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com> <87bnhd6qtd.fsf@vigenere.g10code.de> <20150522153836.ADD3240411@smtp.hushmail.com> Message-ID: <87egm8ppky.fsf@alice.fifthhorseman.net> On Fri 2015-05-22 11:38:36 -0400, vedaal at nym.hush.com wrote: > https://primes.utm.edu/howmany.html (The Prime Number Theorem, Consequence Two: The nth prime is about n log n ) > > So, to give a trivial example, If the interval of primes chosen is from 2^2047 to 2^2049, then this interval is only > > log(2) [ 2049^2 - 2047^2] = 5678 which is a fairly small number of primes to check, for this type of attack to find the GnuPG keypair. I think you're calculating the wrong thing. That same link points out that the number of primes less than x can be approximated as pi(x) = x/(log(x)-1). 
Very rough approximation below, dealing with this stuff in integer so i don't have to worry about floating point precision:

-------------
#!/usr/bin/python
import math

def pi(x):
    # Prime-counting approximation pi(x) = x/(log(x)-1); the denominator is
    # truncated to an integer so the division stays in exact integer arithmetic.
    return x//(int(math.log(x) - 1))

# Approximate number of primes between 2**2047 and 2**2049.
print(pi(2**2049) - pi(2**2047))
-------------

Produces:

34145667701866559944044383798802377522892758536014431538437128764517106455003913618433496010529759521130797881149503110281852350331307674834631513015472234360367041589931067679100152094894630389610217047672380307383983307748628563937362347485005455333604234204637401603112241209544524188755360669738591593193745235562705749858506233297205248008712262199741471705643342281979549220061203824401583102466100146307704833584671889641794368007460424297084011860069297821103169614694882157095281778056383498229906388753003349920901696154376284354875775139586287926960791086951258972553145862357082919346528294049800053111

That's a lot of primes to choose from! :)

> does GnuPG automatically reject twin primes ( p, p+2) , and Sophie-Germain primes (p, 2p+1) ?

Why should GnuPG reject these primes? Surely, it wouldn't want to use both elements of a pair like that (i.e. for RSA you don't want q = p+2 because it's a trivial test to factor that composite), but is there a reason to reject using a p that meets these categories with some other, unrelated q?
--dkg From vedaal at nym.hush.com Fri May 22 18:49:22 2015 From: vedaal at nym.hush.com (vedaal at nym.hush.com) Date: Fri, 22 May 2015 12:49:22 -0400 Subject: Lower Bound for Primes during GnuPG key generation In-Reply-To: <87egm8ppky.fsf@alice.fifthhorseman.net> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com> <87bnhd6qtd.fsf@vigenere.g10code.de> <20150522153836.ADD3240411@smtp.hushmail.com> <87egm8ppky.fsf@alice.fifthhorseman.net> Message-ID: <20150522164922.670AC417F6@smtp.hushmail.com> On 5/22/2015 at 12:03 PM, "Daniel Kahn Gillmor" wrote: >I think you're calculating the wrong thing. That same link points >out >that the number of primes less than x can be approximated as >pi(x) = x/(log(x)-1). > >Very rough approximation below, dealing with this stuff in integer >so i >don't have to worry about floating point precision: > >------------- >#!/usr/bin/python >import math >def pi(x): > return x//(int(math.log(x) - 1)) > >print(pi(2**2049) - pi(2**2047)) > >Produces: > >3414566770186655994404438379880237752289275853601443153843712876451 >7106455003913618433496010529759521130797881149503110281852350331307 >6748346315130154722343603670415899310676791001520948946303896102170 >4767238030738398330774862856393736234748500545533360423420463740160 >3112241209544524188755360669738591593193745235562705749858506233297 >2052480087122621997414717056433422819795492200612038244015831024661 >0014630770483358467188964179436800746042429708401186006929782110316 >9614694882157095281778056383498229906388753003349920901696154376284 >3548757751395862879269607910869512589725531458623570829193465282940 >49800053111 > >That's a lot of primes to choose from! :) ----- Ouch! ;-) my mistake (forgot it's exponential)! even using the n log(n) calculation, the interval is: 2^2049 [ 2049 log 2 ] - 2^2047 [2047 log 2] which is an infeasibly large interval to attack this way. 
===== >> does GnuPG automatically reject twin primes ( p, p+2) , and >Sophie-Germain primes (p, 2p+1) ? ----- >Why should GnuPG reject these primes? Surely, it wouldn't want to >both >elements of a pair like that (i.e. for RSA you don't want q = p+2 >because it's a trivial test to factor that composite), but is >there a >reason to reject using a p that meets these categories with some >other, >unrelated q? ----- Sorry, I meant does GnuPG automatically reject the PAIR since they are trivial to factor. Thanks, vedaal From dkg at fifthhorseman.net Fri May 22 19:34:47 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 22 May 2015 13:34:47 -0400 Subject: Lower Bound for Primes during GnuPG key generation In-Reply-To: <20150522164922.670AC417F6@smtp.hushmail.com> References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com> <87bnhd6qtd.fsf@vigenere.g10code.de> <20150522153836.ADD3240411@smtp.hushmail.com> <87egm8ppky.fsf@alice.fifthhorseman.net> <20150522164922.670AC417F6@smtp.hushmail.com> Message-ID: <874mn4plc8.fsf@alice.fifthhorseman.net> On Fri 2015-05-22 12:49:22 -0400, vedaal at nym.hush.com wrote: > On 5/22/2015 at 12:03 PM, "Daniel Kahn Gillmor" wrote: [ vedaal wrote: ] >>> does GnuPG automatically reject twin primes ( p, p+2) , and >>> Sophie-Germain primes (p, 2p+1) ? > >> Why should GnuPG reject these primes? Surely, it wouldn't want to >> both elements of a pair like that (i.e. for RSA you don't want q = >> p+2 because it's a trivial test to factor that composite), but is >> there a reason to reject using a p that meets these categories with >> some other, unrelated q? > > Sorry, I meant does GnuPG automatically reject the PAIR since they are > trivial to factor. 
there's no risk that GnuPG will choose a Sophie-Germain prime with its corresponding safe prime, because as Werner said, it chooses the size of the primes (in bits) and then sets the highest bits to 1. Since the sizes are the same, the S-G/safe pair isn't possible (the safe prime is always 1 bit longer than the S-G prime).

That leaves the twin prime case. I don't know whether GnuPG rejects that selection, but the chance of stumbling into a twin prime pair during random prime selection seems staggeringly low to me.

--dkg

From ben at skyportsystems.com Fri May 22 19:18:40 2015
From: ben at skyportsystems.com (Ben Warren)
Date: Fri, 22 May 2015 10:18:40 -0700
Subject: Help with GPG agent forwarding
Message-ID: <11F605AA-E822-4CFD-A742-E626AF0F921E@skyportsystems.com>

Hi,

I'm trying to set things up so that I can sign files on a remote Linux machine using keys on my mac. It looks like the new agent forwarding should fit the bill, and it feels like I'm really close, but missing something critical.

Setup details:

local machine:
* OSX Yosemite
* OpenSSH 6.8p1, installed using Homebrew
* gpg and gpg-agent v2.1.4

remote machine:
* Ubuntu 14.04
* OpenSSH 6.7p1, installed from source
* gpg and gpg-agent v2.1.3, installed from source

Locally, I start gpg-agent like this:

  eval $(gpg-agent --daemon --extra-socket=S.gpg-extra-agent)

To connect, I use this command line:

  ssh -R /.gnupg/S.gpg-agent:~/.gnupg/S.gpg-extra-agent

It seems that the UNIX socket tunnel is set up: I see the "S.gpg-agent" socket file appear on the remote machine and neither the SSH client nor server complains.

But... I don't see the key info going through.
Local side:

$ gpg -k
~/.gnupg/pubring.gpg
-----------------------------
pub   dsa2048/00D026C4 2010-08-19 [expires: 2015-08-18]
uid       [ultimate] GPGTools Team
uid       [ultimate] GPGMail Project Team (Official OpenPGP Key)
uid       [ultimate] GPGTools Project Team (Official OpenPGP Key)
uid       [ultimate] [jpeg image of size 5871]
sub   elg2048/DBCBE671 2010-08-19 [expires: 2015-08-18]

< snip my keys >

Remote side:

$ gpg2 -k
$ gpg2 --output myfile.sig --sign myfile.txt
gpg: no default secret key: No secret key
gpg: signing failed: No secret key

I'm a little confused as to where gpg-agent needs to be running, and what config options both for the agent and client need to be set.

Please give me ideas as to what may be missing and how I can debug this further.

thanks,
Ben

From brian at minton.name Fri May 22 20:55:19 2015
From: brian at minton.name (Brian Minton)
Date: Fri, 22 May 2015 14:55:19 -0400
Subject: Lower Bound for Primes during GnuPG key generation
In-Reply-To: <874mn4plc8.fsf@alice.fifthhorseman.net>
References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com> <87bnhd6qtd.fsf@vigenere.g10code.de> <20150522153836.ADD3240411@smtp.hushmail.com> <87egm8ppky.fsf@alice.fifthhorseman.net> <20150522164922.670AC417F6@smtp.hushmail.com> <874mn4plc8.fsf@alice.fifthhorseman.net>
Message-ID:

There are approximately 2^2038 primes in the 2048-bit space (source, https://www.wolframalpha.com/input/?i=log2%282**2049%2Fln%282**2049%29+-+2**2047%2Fln%282**2047%29+%29 ). Even allowing that the first bit is 1, that makes 2^2037. Given that, the chance of p and q having a difference of 2, at all (never mind actually being twin primes) is probably equal to about 1 in 2^2035 (due to the birthday paradox).
If my math is wrong, please let me know. On Fri, May 22, 2015 at 1:34 PM, Daniel Kahn Gillmor wrote: > On Fri 2015-05-22 12:49:22 -0400, vedaal at nym.hush.com wrote: > > On 5/22/2015 at 12:03 PM, "Daniel Kahn Gillmor" > wrote: > [ vedaal wrote: ] > >>> does GnuPG automatically reject twin primes ( p, p+2) , and > >>> Sophie-Germain primes (p, 2p+1) ? > > > >> Why should GnuPG reject these primes? Surely, it wouldn't want to > >> both elements of a pair like that (i.e. for RSA you don't want q = > >> p+2 because it's a trivial test to factor that composite), but is > >> there a reason to reject using a p that meets these categories with > >> some other, unrelated q? > > > > Sorry, I meant does GnuPG automatically reject the PAIR since they are > > trivial to factor. > > there's no risk that GnuPG will choose a Sophie-Germain prime with its > corresponding safe prime, because as Werner said, it chooses the size of > the primes (in bits) and then sets the highest bits to 1. Since the > sizes are the same, the S-G/safe pair isn't possible (the safe prime is > always 1 bit longer than the S-G prime). > > That leaves the twin prime case. I don't know whether GnuPG rejects > that selection, but the chance of stumbling into a twin prime pair > during random prime selection seems staggeringly low to me. > > --dkg > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -------------- next part -------------- An HTML attachment was scrubbed... 
From wk at gnupg.org Sat May 23 11:25:33 2015
From: wk at gnupg.org (Werner Koch)
Date: Sat, 23 May 2015 11:25:33 +0200
Subject: Lower Bound for Primes during GnuPG key generation
In-Reply-To: <874mn4plc8.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Fri, 22 May 2015 13:34:47 -0400")
References: <555D232C.3010309@sixdemonbag.org> <87382pucg7.fsf@alice.fifthhorseman.net> <87r3q97mco.fsf@vigenere.g10code.de> <20150521211447.7CC3340056@smtp.hushmail.com> <87bnhd6qtd.fsf@vigenere.g10code.de> <20150522153836.ADD3240411@smtp.hushmail.com> <87egm8ppky.fsf@alice.fifthhorseman.net> <20150522164922.670AC417F6@smtp.hushmail.com> <874mn4plc8.fsf@alice.fifthhorseman.net>
Message-ID: <87iobj4pde.fsf@vigenere.g10code.de>

On Fri, 22 May 2015 19:34, dkg at fifthhorseman.net said:

> That leaves the twin prime case. I don't know whether GnuPG rejects
> that selection, but the chance of stumbling into a twin prime pair
> during random prime selection seems staggeringly low to me.

No, it does not. And yes, it is lower than the chance of a hardware failure.

IIRC, by the time the RSA patent expired many cryptographers didn't anymore suggest the use of special primes because their advantages are seen as mostly theoretical.

The Lim and Lee algorithm for constructing safe primes requires the creation of several smaller primes. This puts more sensitive data into the memory and the unused smaller primes are better discarded after the selection of the two final primes. This would be a waste of resources and thus I used a straightforward method for the (secret) RSA primes.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From rjh at sixdemonbag.org Sun May 24 02:03:22 2015
From: rjh at sixdemonbag.org (Robert J.
Hansen)
Date: Sat, 23 May 2015 20:03:22 -0400
Subject: Prime distribution
Message-ID: <5561154A.6060501@sixdemonbag.org>

A couple of days ago dkg posted a back of the envelope calculation about the number of 2048-bit primes out there. (Anybody who thinks that's pejorative is crazy. His answer was both quick and pretty accurate. I think he'd agree it was a good BOTEC.)

Anyway. The use of pure integer arithmetic gave my inner mathematician the heebie-jeebies, and I had some time while waiting on the car repair shop to give me some news about my rear differential, so... I figured to do it the right way, with logarithms. :)

I used the same prime distribution formula dkg did (Euler's n/ln n estimate). Note: due to vagaries of floating-point behavior, this table is not perfectly accurate. And Euler's estimate is just an estimate, anyway.

+-------+------------------+------------------+
| Bits  | In base-10       | # of primes      |
+-------+------------------+------------------+
| 512   | 1.341 * 10**154  | 3.778 * 10**151  |
| 768   | 1.553 * 10**231  | 2.916 * 10**228  |
| 1024  | 1.798 * 10**308  | 2.533 * 10**305  |
| 1280  | 2.082 * 10**385  | 2.346 * 10**382  |
| 1536  | 2.41 * 10**462   | 2.264 * 10**459  |
| 1792  | 2.791 * 10**539  | 2.247 * 10**536  |
| 2048  | 3.232 * 10**616  | 2.277 * 10**613  |
| 2304  | 3.742 * 10**693  | 2.343 * 10**690  |
| 2560  | 4.333 * 10**770  | 2.442 * 10**767  |
| 2816  | 5.017 * 10**847  | 2.57 * 10**844   |
| 3072  | 5.81 * 10**924   | 2.728 * 10**921  |
| 3328  | 6.727 * 10**1001 | 2.916 * 10**998  |
| 3584  | 7.789 * 10**1078 | 3.136 * 10**1075 |
| 3840  | 9.02 * 10**1155  | 3.389 * 10**1152 |
| 4096  | 1.044 * 10**1233 | 3.679 * 10**1229 |
+-------+------------------+------------------+

This will hopefully shed some light on what I've always found to be a fascinating question, which is the unreasonable efficiency of the general number field sieve.

NIST estimates that a 1024-bit key is about as hard to break as an 80-bit symmetric key, and a 2048-bit key is about as hard to break as a 112-bit key. So going from 1024-bit to 2048-bit makes it about a billion times harder to break by brute force.

But when we go from 1024-bit keys to 2048-bit keys, we go from 10**305 possible primes[*] to 10**613 possible primes[**]. There are literally

1,000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000,000,000,000,000,000,000,000,000,
000,000

more potential primes. Something like that. I might be off by a couple orders of magnitude. The point is, it's *huge*. And yet despite that, it's only a billion times harder to break.

You could easily do a Ph.D. in large number theory just looking into why the GNFS is as curiously effective as it is. I don't have the math to give this problem a serious look. I'm happy just having enough math to be able to appreciate the magnitude of the problem. :)

If you want to see the Python code that generated this table, just ask.

[*] Kinda-sorta. Technically we should subtract out the number of all 1023-bit primes, but honestly, that's almost a rounding error. Think about it in base-10. If I ask you how many 3-digit numbers there are, you might say 1000. "No," I'd say, "you have to exclude 2-digit and 1-digit numbers. There are 100 of those. There are only 900 3-digit numbers." And then you'd slap me upside the head and tell me to stop being a pedant. 100 is insignificant compared to 1000. Likewise, the number of 1023-bit primes can pretty much be ignored when looking for the number of 1024-bit primes.

[**] Kinda-sorta.
Kind of odd that when we doubled the number we *more than* doubled the number of primes. Aren't they supposed to get spread out more as the numbers get bigger? This would seem to suggest they got clustered closer. This is one of the reasons why I think I got bit by floating-point error. Or maybe there's a bug in my code. Dunno. Take your pick.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature

From rex.k at me.com Sun May 24 07:28:32 2015
From: rex.k at me.com (Rex Kneisley)
Date: Sat, 23 May 2015 22:28:32 -0700
Subject: Trying to install version 2.1.4
Message-ID:

Hello all,

I have just done a clean install of Debian 8.0 on an i7-4790K with 16 GB RAM.
I am trying to install GNUPG 2.1.4
(I have this thing about wanting the latest version... call me crazy)

I have done this before in Debian Wheezy. I install all of the latest libraries (in order), and the install GnuPg 2.1
The problem is that Debian 8.0 (Jessie) comes with GnuPG version 2.0.26

It appears that when I go through the motions of installing 2.1.4, it leaves things untouched.
after I'm done:
#gpg2 --version
returns: 2.0.26
And then I read that 2.0.26 and 2.1.4 cannot co-exist.

OK, so now I am trying to remove 2.0.26

However, when I try to remove it using package manager it wants to also remove a whole host of other software.

So I tried using apt-get remove gnupg

I get an ominous warning that the following packages will be REMOVED
apt apt-listchanges apt-utils gnome gnupg python-reporting... etc. etc.
This should NOT be done unless you know exactly what you are doing (which I don't)
apt gnupg (due to apt)
0 upgraded, 0 newly installed , 14 to remove, and 0 not upgraded
You are about to do something potentially harmful
Type: Yes, do as I say!

Question:
Will all this stuff reinstall itself when I re-install GnuPG 2.1.4?
Is there any way to do a targeted removal of 2.0.26 to make room for 2.1.4 without removing all the other things?
Is there a way to UPGRADE from 2.0.26 to the latest version (2.1.4)?

Any suggestions would be appreciated.

Rex Kneisley
rex.k at me.com
818-429-7472
Want to keep your emails private? Ask me how.

-------------- next part --------------
An HTML attachment was scrubbed...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Signature.jpg
Type: image/jpeg
Size: 4965 bytes
Desc: not available
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail

From guido at dis.tur.bio Sun May 24 10:10:06 2015
From: guido at dis.tur.bio (guido)
Date: Sun, 24 May 2015 17:10:06 +0900
Subject: Trying to install version 2.1.4
In-Reply-To:
References:
Message-ID: <20150524080945.GA23749@localhost.localdomain>

On 23/05/2015, Rex Kneisley wrote:
> Hello all,

Hi,

> I have just done a clean install of Debian 8.0 on an i7-4790K with 16 GB RAM.
> I am trying to install GNUPG 2.1.4
> (I have this thing about wanting the latest version... call me crazy)
>
> I have done this before in Debian Wheezy. I install all of the latest libraries (in order), and the install GnuPg 2.1
> The problem is that Debian 8.0 (Jessie) comes with GnuPG version 2.0.26
>
> It appears that when I go through the motions of installing 2.1.4, it leaves things untouched.
> after I'm done:
> #gpg2 --version
> returns: 2.0.26
> And then I read that 2.0.26 and 2.1.4 cannot co-exist.
>
> OK, so now I am trying to remove 2.0.26
>
> However, when I try to remove it using package manager it wants to also remove a whole host of other software.
>
> So I tried using apt-get remove gnupg
>
> I get an ominous warning that the following packages will be REMOVED
> apt apt-listchanges apt-utils gnome gnupg python-reporting... etc. etc.
> This should NOT be done unless you know exactly what you are doing (which I don?t) > apt gnupg (due to apt) > 0 upgraded, 0 newly installed , 14 to remove, and 0 not upgraded > You are about to do something potentially harmful > Type: Yes, do as I say! > > > Question: > Will all this stuff reinstall itself when I re-install GnuPG 2.1.4? > Is there any way to do a targeted removal of 2.0.26 to make room for 2.1.4 without removing all the other things? > Is there a way to UPGRADE from 2.0.26 to the latest version (2.1.4)? I don't know how terrible your jessie install will get, but there is a gnupg 2.1 (2.1.3 currently) package in experimental: https://tracker.debian.org/pkg/gnupg2 I know it can be installed in jessie using these steps: https://debian-administration.org/users/dkg/weblog/110 but of course this means mixing two versions, which is less than ideal on a stable system. anyway, you can try that or backport the gnupg 2.1 package for stable https://wiki.debian.org/SimpleBackportCreation This is the only grain of help i can give, salud > Any suggestions would be appreciated. > > Rex Kneisley > rex.k at me.com > 818-429-7472 > Want to keep your emails private? Ask me how. > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 801 bytes Desc: not available URL: From peter at digitalbrains.com Sun May 24 12:58:21 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Sun, 24 May 2015 12:58:21 +0200 Subject: Trying to install version 2.1.4 In-Reply-To: References: Message-ID: <5561AECD.3080901@digitalbrains.com> On 24/05/15 07:28, Rex Kneisley wrote: > It appears that when I go through the motions of installing 2.1.4, it > leaves things untouched. 
It would be very helpful if you could share the actual commands you entered and their output. This is just an interpretation of what happened, and makes it impossible to give an answer as to what went wrong. By the way, since you say you really want the latest, I assume 2.1.3 from the Debian experimental "distribution" is too old for you? Because that is very easy to install on jessie; it's what I do. > Question: Will all this stuff reinstall itself when I re-install GnuPG > 2.1.4? When it doesn't come from a Debian package but is something you installed locally: the stuff will definitely not be re-installed. In fact, having both the Debian gnupg2 package and your local GnuPG 2.1.4 installed at the same time might give subtle but show stopping issues down the line... In my crystal ball, for instance, I foresee private keys, especially smartcards, stopping to work in some graphical frontends, but not all ;). (Stuff will start to depend on the precise combination of /usr/bin/gpg2 or /usr/local/bin/gpg2 and /usr/bin/gpg-agent or /usr/local/bin/gpg-agent, scdaemon, stuff like that). > Is there any way to do a targeted removal of 2.0.26 to make room for 2.1.4 > without removing all the other things? Well, yes, but it's not recommended. You can fool the package system into thinking that you have the gnupg2 package installed, and install your own, unmanaged instance of 2.1.4. But it's really not recommended. I hesitate to direct you down that path. > Is there a way to UPGRADE from 2.0.26 to the latest version (2.1.4)? You can easily upgrade it to 2.1.3 by using the experimental "repository". Come to think of it... you could perhaps make your own .deb package by taking the source for 2.1.3 from experimental and upgrading the source in there to 2.1.4. I think that is actually the best way to go if you take for granted that you really, really want the latest version. Otherwise, I'd stick with experimental. It might also be that the package maintainers (hi dkg!) 
might soon put 2.1.4 into experimental themselves. So it really depends on how far you want to take this "I need the latest and greatest".

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From antony at blazrsoft.com Sun May 24 18:14:29 2015
From: antony at blazrsoft.com (Antony Prince)
Date: Sun, 24 May 2015 12:14:29 -0400
Subject: Trying to install version 2.1.4
In-Reply-To:
References:
Message-ID: <5561F8E5.7090601@blazrsoft.com>

On 05/24/2015 01:28 AM, Rex Kneisley wrote:
> Hello all,
>
> I have just done a clean install of Debian 8.0 on an i7-4790K with
> 16 GB RAM. I am trying to install GNUPG 2.1.4 (I have this thing
> about wanting the latest version... call me crazy)
>
> I have done this before in Debian Wheezy. I install all of the
> latest libraries (in order), and the install GnuPg 2.1 The problem
> is that Debian 8.0 (Jessie) comes with GnuPG version 2.0.26
>
> It appears that when I go through the motions of installing 2.1.4,
> it leaves things untouched. after I'm done: #gpg2 --version
> returns: 2.0.26 And then I read that 2.0.26 and 2.1.4 cannot
> co-exist.
>
> OK, so now I am trying to remove 2.0.26
>
> However, when I try to remove it using package manager it wants to
> also remove a whole host of other software.
>
> So I tried using apt-get remove gnupg
>
> I get an ominous warning that the following packages will be
> REMOVED apt apt-listchanges apt-utils gnome gnupg
> python-reporting... etc. etc. This should NOT be done unless you
> know exactly what you are doing (which I don't) apt gnupg (due to
> apt) 0 upgraded, 0 newly installed , 14 to remove, and 0 not
> upgraded You are about to do something potentially harmful Type:
> Yes, do as I say!
>
>
> Question: Will all this stuff reinstall itself when I re-install
> GnuPG 2.1.4?
Is there any way to do a targeted removal of 2.0.26
> to make room for 2.1.4 without removing all the other things? Is
> there a way to UPGRADE from 2.0.26 to the latest version (2.1.4)?
>
> Any suggestions would be appreciated.
>
> Rex Kneisley rex.k at me.com 818-429-7472 Want
> to keep your emails private? Ask me how.

My first reply was off-list. I apologize. In my case, I just left the system default gpg installed. Ubuntu comes with gpg 1.4.x and gives the same warnings when trying to uninstall because it is a dependency of apt. There's no need to uninstall it. Just modify your system path to find the new version first. In my case, I altered /etc/environment so that /usr/local/bin comes before /bin in the PATH. After reading the other replies though, I'm not sure whether this will cause any keyring issues. I haven't experienced any in my case, but I haven't tested it extensively.

--
Hope that helps,
Antony Prince

From peter at digitalbrains.com Sun May 24 19:03:09 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sun, 24 May 2015 19:03:09 +0200
Subject: Trying to install version 2.1.4
In-Reply-To: <5561F8E5.7090601@blazrsoft.com>
References:
<5561F8E5.7090601@blazrsoft.com> Message-ID: <5562044D.7040905@digitalbrains.com> On 24/05/15 18:14, Antony Prince wrote: > My first reply was off-list. I apologize. In my case, I just left the > system default gpg installed. Ubuntu comes with gpg 1.4.x and gives the > same warnings when trying to uninstall because it is a dependency of apt. > [...] > After reading the other replies though, I'm not sure whether this will > cause any keyring issues. I haven't experienced any in my case, but I > haven't tested it extensively. GnuPG 1.4.x and GnuPG 2.1.x are co-installable. You will not have any problems with those two installed side-by-side. The issue is that OP can't uninstall the gnupg2 package without it removing other packages (like graphical frontends for GnuPG, I suppose). So he's facing the situation that he can't install GnuPG 2.0.26 and GnuPG 2.1.4 side-by-side. If he were to install 2.1.3 from the experimental gnupg2 package, that would /replace/ 2.0.26 and satisfy the dependencies of the packages that would be removed by removing the gnupg2 package. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From george at cmtytech.org Sun May 24 18:35:27 2015 From: george at cmtytech.org (George Lee) Date: Sun, 24 May 2015 12:35:27 -0400 Subject: Random Seed for Generating PGP Keys Message-ID: Hello, I'm interested in seeing if rather than relying on the built-in software to generate randomness when creating a PGP key, if it is possible to configure GnuPG to use a manually entered random seed. That way I could generate a seed using coins, dice, my magic cauldron, etc. Is this possible to do? How much entropy in a seed would I need? I also imagine that folks might say the software is very good at generating random numbers. Feel free to share more details why, e.g. how many bits of entropy are provided and how to make sure they're truly random. 
But it would still be helpful to know if the above customization is possible. Thank you! - George -------------- next part -------------- An HTML attachment was scrubbed... URL: From keastes at gmail.com Sun May 24 23:11:48 2015 From: keastes at gmail.com (kendrick eastes) Date: Sun, 24 May 2015 15:11:48 -0600 Subject: Random Seed for Generating PGP Keys In-Reply-To: References: Message-ID: On Sun, May 24, 2015 at 10:35 AM, George Lee wrote: > Hello, > > I'm interested in seeing if rather than relying on the built-in software > to generate randomness when creating a PGP key, if it is possible to > configure GnuPG to use a manually entered random seed. That way I could > generate a seed using coins, dice, my magic cauldron, etc. > > Is this possible to do? How much entropy in a seed would I need? > > I also imagine that folks might say the software is very good at > generating random numbers. Feel free to share more details why, e.g. how > many bits of entropy are provided and how to make sure they're truly > random. But it would still be helpful to know if the above customization is > possible. > > Thank you! > > - George > > would it not be more reliable and simpler to use a HWRNG to generate entropy? https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators has a list of commercially available generators, and i know i have seen at least 2 homebrew designs that had source and HW schematics released. > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -------------- next part -------------- An HTML attachment was scrubbed... 
From jeandavid8 at verizon.net Mon May 25 13:48:16 2015
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Mon, 25 May 2015 07:48:16 -0400
Subject: Random Seed for Generating PGP Keys
In-Reply-To:
References:
Message-ID: <55630C00.2020808@verizon.net>

On 05/24/2015 05:11 PM, kendrick eastes wrote:
>
> On Sun, May 24, 2015 at 10:35 AM, George Lee
> wrote:
>
> Hello,
>
> I'm interested in seeing if rather than relying on the built-in
> software to generate randomness when creating a PGP key, if it is
> possible to configure GnuPG to use a manually entered random seed.
> That way I could generate a seed using coins, dice, my magic
> cauldron, etc.
>
> Is this possible to do? How much entropy in a seed would I need?
>
> I also imagine that folks might say the software is very good at
> generating random numbers. Feel free to share more details why, e.g.
> how many bits of entropy are provided and how to make sure they're
> truly random. But it would still be helpful to know if the above
> customization is possible.
>
> Thank you!
>
> - George
>
>
>
> would it not be more reliable and simpler to use a HWRNG to generate
> entropy?

In theory, no software random number generator can generate truly random numbers, since they will repeat. The function they generate is cyclic, just as sin(t) is cyclic, though their period is much greater. But once you use an algorithm to generate random numbers, you have sinned. If you used a good HwRNG.

>
> https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators
> has a list of commercially available generators, and i know i have seen
> at least 2 homebrew designs that had source and HW schematics released.
>

This article would have been more useful if the author had subjected these random number generator to the usual mathematical tests for randomness.

Here is what was, at the time it was written, a very good paper on software random number generators. Almost 50 years old now.
I have not kept up with the field, so I do not know how much progress, if any, has been made since.

https://dl.acm.org/citation.cfm?id=321379

I remember in the past when I needed a random number generator, I made plots on a crt where one random number was used as the x-coordinate and the next one was used as the y-coordinate of a plotted point. I expected to see a mess of noise, but there were, instead, stripes. Turns out there was a bug in the RNG I was using.

--
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key:166D840A 0C610C8B Registered Machine 1935521.
 /( )\ Shrewsbury, New Jersey    http://linuxcounter.net
 ^^-^^ 07:35:01 up 23 days, 15:26, 2 users, load average: 4.22, 4.37, 4.69

From gniibe at fsij.org Wed May 27 04:46:57 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 27 May 2015 11:46:57 +0900
Subject: Random Seed for Generating PGP Keys
In-Reply-To:
References:
Message-ID: <55653021.40102@fsij.org>

On 05/25/2015 01:35 AM, George Lee wrote:
> I'm interested in seeing if rather than relying on the built-in software to
> generate randomness when creating a PGP key, if it is possible to configure
> GnuPG to use a manually entered random seed. That way I could generate a
> seed using coins, dice, my magic cauldron, etc.

Well, in my HWRNG implementation (named NeuG), I don't use coins or dice. The source is sampling of analog inputs by A/D converter (the inputs themselves don't matter much). When you generate a key on Gnuk Token, it goes directly from NeuG.

Actually, I thought a similar thing. Here is a post of mine in September, 2013:

http://lists.gnupg.org/pipermail/gnupg-devel/2013-September/027900.html

At that time, I considered that I could control more reliably with a specific "raw" interface to feed entropy to an application directly.

But, currently, I think that it is rather good for GnuPG/libgcrypt not to have such an interface but just use system /dev/random (if available).
When we are using GNU/Linux system or some UNIXen, it goes like this with HWRNG (with GCRY_RNG_TYPE_STANDARD configuration):

    HWRNG --> /dev/random --> CSPRNG [of GnuPG/libgcrypt] --> GPG key

Note that within HWRNG design itself, there is usually CSPRNG component to remove bias from its entropy source. Further, it's also there in the design of system /dev/random. Thus, it is common to have many components of CSPRNG in sequence, which sounds pretty much redundant.

After all, the problem to solve here is: we want the random number sequence under *none*'s control, so, it would be OK to have another redundant CSPRNG or two. That's my opinion.

BTW, now, my HWRNG is available in US, too. Please visit:

http://shop.fsf.org/category/gnu-gear/
--

From gniibe at fsij.org Wed May 27 05:08:56 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 27 May 2015 12:08:56 +0900
Subject: Random Seed for Generating PGP Keys
In-Reply-To: <55630C00.2020808@verizon.net>
References: <55630C00.2020808@verizon.net>
Message-ID: <55653548.7040707@fsij.org>

On 05/25/2015 08:48 PM, Jean-David Beyer wrote:
>> https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators
>> has a list of commercially available generators, and i know i have seen
>> at least 2 homebrew designs that had source and HW schematics released.
>>
>
> This article would have been more useful if the author had subjected
> these random number generator to the usual mathematical tests for
> randomness.

Modern RNGs (HWRNG or Pseudo RNG) are (usually) tested heavily by empirical statistical testing. Famous free software are:

TestU01: http://www.iro.umontreal.ca/~simardr/testu01/tu01.html
PractRand: http://pracrand.sourceforge.net/

Well, Dieharder is available in Debian, but it is somewhat older than those two.

Statistical testing is not sufficient to make sure the random number sequence is under none's control or none's knowledge.
I believe that free software for the firmware and reproducible hardware design are also important requirements for HWRNG.

Unfortunately, I got banned from Wikipedia when I added a link to gniibe.org in the page of HWRNG (the reason was: the link URL included the string of my login name), so, I cannot edit the page any more. Lesson was: Wikipedia is(was) not friendly to DIY hardware/software people to link their useful information.
--

From rex.k at me.com Wed May 27 06:22:34 2015
From: rex.k at me.com (Rex Kneisley)
Date: Tue, 26 May 2015 21:22:34 -0700
Subject: installing version 2.1.4 in Debian 8.0 (Jessie)
In-Reply-To:
References:
Message-ID:

Thank you for all of the thoughtful replies.

I think I will try the experimental version within Debian. This sounds like the most stable and straightforward way to use the latest (close enough) version in Debian 8.0.

As a follow up. Since, version 1.4 is also installed, my assumption is that using "gpg" on the command line invokes 1.4, and using "gpg2" on the command line invokes 2.x. Is my assumption correct? If so, is there any way to make the command "gpg" invoke version 2.x? It is a bit tedious to add the 2 on every command to ensure I am invoking version 2.x

Rex

Sent from my iPad

> On May 26, 2015, at 7:41 PM, gnupg-users-request at gnupg.org wrote: > > Send Gnupg-users mailing list submissions to > gnupg-users at gnupg.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.gnupg.org/mailman/listinfo/gnupg-users > or, via email, send a message with subject or body 'help' to > gnupg-users-request at gnupg.org > > You can reach the person managing the list at > gnupg-users-owner at gnupg.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Gnupg-users digest..." > > > Today's Topics: > > 1. Re: Trying to install version 2.1.4 (Peter Lebbing) > 2. Re: Trying to install version 2.1.4 (Antony Prince) > 3.
Re: Trying to install version 2.1.4 (Peter Lebbing) > 4. Random Seed for Generating PGP Keys (George Lee) > 5. Re: Random Seed for Generating PGP Keys (kendrick eastes) > 6. Re: Random Seed for Generating PGP Keys (Jean-David Beyer) > 7. Re: Random Seed for Generating PGP Keys (NIIBE Yutaka) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 24 May 2015 12:58:21 +0200 > From: Peter Lebbing > To: Rex Kneisley , gnupg-users at gnupg.org > Subject: Re: Trying to install version 2.1.4 > Message-ID: <5561AECD.3080901 at digitalbrains.com> > Content-Type: text/plain; charset=utf-8 > >> On 24/05/15 07:28, Rex Kneisley wrote: >> It appears that when I go through the motions of installing 2.1.4, it >> leaves things untouched. > > It would be very helpful if you could share the actual commands you entered > and their output. This is just an interpretation of what happened, and makes > it impossible to give an answer as to what went wrong. > > By the way, since you say you really want the latest, I assume 2.1.3 from the > Debian experimental "distribution" is too old for you? Because that is very > easy to install on jessie; it's what I do. > >> Question: Will all this stuff reinstall itself when I re-install GnuPG >> 2.1.4? > > When it doesn't come from a Debian package but is something you installed > locally: the stuff will definitely not be re-installed. > > In fact, having both the Debian gnupg2 package and your local GnuPG 2.1.4 > installed at the same time might give subtle but show stopping issues down the > line... In my crystal ball, for instance, I foresee private keys, especially > smartcards, stopping to work in some graphical frontends, but not all ;). > (Stuff will start to depend on the precise combination of /usr/bin/gpg2 or > /usr/local/bin/gpg2 and /usr/bin/gpg-agent or /usr/local/bin/gpg-agent, > scdaemon, stuff like that). 
> >> Is there any way to do a targeted removal of 2.0.26 to make room for 2.1.4 >> without removing all the other things? > > Well, yes, but it's not recommended. You can fool the package system into > thinking that you have the gnupg2 package installed, and install your own, > unmanaged instance of 2.1.4. But it's really not recommended. I hesitate to > direct you down that path. > >> Is there a way to UPGRADE from 2.0.26 to the latest version (2.1.4)? > > You can easily upgrade it to 2.1.3 by using the experimental "repository". > > Come to think of it... you could perhaps make your own .deb package by taking > the source for 2.1.3 from experimental and upgrading the source in there to > 2.1.4. I think that is actually the best way to go if you take for granted > that you really, really want the latest version. Otherwise, I'd stick with > experimental. > > It might also be that the package maintainers (hi dkg!) might soon put 2.1.4 > into experimental themselves. So it really depends on how far you want to take > this "I need the latest and greatest". > > HTH, > > Peter. > > -- > I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. > You can send me encrypted mail if you want some privacy. > My key is available at > > > > ------------------------------ > > Message: 2 > Date: Sun, 24 May 2015 12:14:29 -0400 > From: Antony Prince > To: gnupg-users at gnupg.org > Subject: Re: Trying to install version 2.1.4 > Message-ID: <5561F8E5.7090601 at blazrsoft.com> > Content-Type: text/plain; charset=windows-1252 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > >> On 05/24/2015 01:28 AM, Rex Kneisley wrote: >> Hello all, >> >> I have just done a clean install of Debian 8.0 on an i7-4790K with >> 16 GB RAM. I am trying to install GNUPG 2.1.4 (I have this thing >> about wanting the latest version? call me crazy) >> >> I have done this before in Debian Wheezy. 
>> I install all of the
>> latest libraries (in order), and the install GnuPg 2.1 The problem
>> is that Debian 8.0 (Jessie) comes with GnuPG version 2.0.26
>>
>> It appears that when I go through the motions of installing 2.1.4,
>> it leaves things untouched. after I'm done: #gpg2 --version
>> returns: 2.0.26 And then I read that 2.0.26 and 2.1.4 cannot
>> co-exist.
>>
>> OK, so now I am trying to remove 2.0.26
>>
>> However, when I try to remove it using package manager it wants to
>> also remove a whole host of other software.
>>
>> So I tried using apt-get remove gnupg
>>
>> I get an ominous warning that the following packages will be
>> REMOVED apt apt-listchanges apt-utils gnome gnupg
>> python-reporting... etc. etc. This should NOT be done unless you
>> know exactly what you are doing (which I don't) apt gnupg (due to
>> apt) 0 upgraded, 0 newly installed , 14 to remove, and 0 not
>> upgraded You are about to do something potentially harmful Type:
>> Yes, do as I say!
>>
>>
>> Question: Will all this stuff reinstall itself when I re-install
>> GnuPG 2.1.4? Is there any way to do a targeted removal of 2.0.26
>> to make room for 2.1.4 without removing all the other things? Is
>> there a way to UPGRADE from 2.0.26 to the latest version (2.1.4)?
>>
>> Any suggestions would be appreciated.
>>
>> Rex Kneisley rex.k at me.com 818-429-7472 Want
>> to keep your emails private? Ask me how.
>
> My first reply was off-list. I apologize. In my case, I just left the
> system default gpg installed. Ubuntu comes with gpg 1.4.x and gives
> the same warnings when trying to uninstall because it is a dependency
> of apt. There's no need to uninstall it. Just modify your system path
> to find the new version first. In my case, I altered /etc/environment
> so that /usr/local/bin comes before /bin in the PATH. After reading
> the other replies though, I'm not sure whether this will cause any
> keyring issues. I haven't experienced any in my case, but I haven't
> tested it extensively.
>
> - --
> Hope that helps,
> Antony Prince
>
>
>
> ------------------------------
>
> Message: 3
> Date: Sun, 24 May 2015 19:03:09 +0200
> From: Peter Lebbing
> To: Antony Prince , gnupg-users at gnupg.org
> Subject: Re: Trying to install version 2.1.4
> Message-ID: <5562044D.7040905 at digitalbrains.com>
> Content-Type: text/plain; charset=utf-8
>
>> On 24/05/15 18:14, Antony Prince wrote:
>> My first reply was off-list. I apologize. In my case, I just left the
>> system default gpg installed. Ubuntu comes with gpg 1.4.x and gives the
>> same warnings when trying to uninstall because it is a dependency of apt.
>
>> [...]
>
>> After reading the other replies though, I'm not sure whether this will
>> cause any keyring issues. I haven't experienced any in my case, but I
>> haven't tested it extensively.
>
> GnuPG 1.4.x and GnuPG 2.1.x are co-installable. You will not have any problems
> with those two installed side-by-side.
>
> The issue is that OP can't uninstall the gnupg2 package without it removing
> other packages (like graphical frontends for GnuPG, I suppose).
> So he's facing
> the situation that he can't install GnuPG 2.0.26 and GnuPG 2.1.4 side-by-side.
>
> If he were to install 2.1.3 from the experimental gnupg2 package, that would
> /replace/ 2.0.26 and satisfy the dependencies of the packages that would be
> removed by removing the gnupg2 package.
>
> HTH,
>
> Peter.
>
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at
>
>
>
> ------------------------------
>
> Message: 4
> Date: Sun, 24 May 2015 12:35:27 -0400
> From: George Lee
> To: gnupg-users at gnupg.org
> Subject: Random Seed for Generating PGP Keys
> Message-ID:
>
> Content-Type: text/plain; charset="utf-8"
>
> Hello,
>
> I'm interested in seeing if rather than relying on the built-in software to
> generate randomness when creating a PGP key, if it is possible to configure
> GnuPG to use a manually entered random seed. That way I could generate a
> seed using coins, dice, my magic cauldron, etc.
>
> Is this possible to do? How much entropy in a seed would I need?
>
> I also imagine that folks might say the software is very good at generating
> random numbers. Feel free to share more details why, e.g. how many bits of
> entropy are provided and how to make sure they're truly random. But it
> would still be helpful to know if the above customization is possible.
>
> Thank you!
>
> - George
>
> ------------------------------
>
> Message: 5
> Date: Sun, 24 May 2015 15:11:48 -0600
> From: kendrick eastes
> To: George Lee
> Cc: gnupg-users at gnupg.org
> Subject: Re: Random Seed for Generating PGP Keys
> Message-ID:
>
> Content-Type: text/plain; charset="utf-8"
>
>> On Sun, May 24, 2015 at 10:35 AM, George Lee wrote:
>>
>> Hello,
>>
>> I'm interested in seeing if rather than relying on the built-in software
>> to generate randomness when creating a PGP key, if it is possible to
>> configure GnuPG to use a manually entered random seed. That way I could
>> generate a seed using coins, dice, my magic cauldron, etc.
>>
>> Is this possible to do? How much entropy in a seed would I need?
>>
>> I also imagine that folks might say the software is very good at
>> generating random numbers. Feel free to share more details why, e.g. how
>> many bits of entropy are provided and how to make sure they're truly
>> random. But it would still be helpful to know if the above customization is
>> possible.
>>
>> Thank you!
>>
>> - George
>
> would it not be more reliable and simpler to use a HWRNG to generate
> entropy?
>
> https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators
> has a list of commercially available generators, and i know i have seen at
> least 2 homebrew designs that had source and HW schematics released.
>
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
> ------------------------------
>
> Message: 6
> Date: Mon, 25 May 2015 07:48:16 -0400
> From: Jean-David Beyer
> To: gnupg-users at gnupg.org
> Subject: Re: Random Seed for Generating PGP Keys
> Message-ID: <55630C00.2020808 at verizon.net>
> Content-Type: text/plain; charset=windows-1252
>
>> On 05/24/2015 05:11 PM, kendrick eastes wrote:
>>
>> On Sun, May 24, 2015 at 10:35 AM, George Lee wrote:
>>
>> Hello,
>>
>> I'm interested in seeing if rather than relying on the built-in
>> software to generate randomness when creating a PGP key, if it is
>> possible to configure GnuPG to use a manually entered random seed.
>> That way I could generate a seed using coins, dice, my magic
>> cauldron, etc.
>>
>> Is this possible to do? How much entropy in a seed would I need?
>>
>> I also imagine that folks might say the software is very good at
>> generating random numbers. Feel free to share more details why, e.g.
>> how many bits of entropy are provided and how to make sure they're
>> truly random. But it would still be helpful to know if the above
>> customization is possible.
>>
>> Thank you!
>>
>> - George
>>
>>
>>
>> would it not be more reliable and simpler to use a HWRNG to generate
>> entropy?
>
> In theory, no software random number generator can generate truly random
> numbers, since they will repeat. The function they generate is cyclic,
> just as sin(t) is cyclic, though their period is much greater. But once
> you use an algorithm to generate random numbers, you have sinned.
>
> If you used a good HwRNG.
>>
>> https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators
>> has a list of commercially available generators, and i know i have seen
>> at least 2 homebrew designs that had source and HW schematics released.
>
> This article would have been more useful if the author had subjected
> these random number generators to the usual mathematical tests for
> randomness.
>
> Here is what was, at the time it was written, a very good paper on
> software random number generators. Almost 50 years old now. I have not
> kept up with the field, so I do not know how much progress, if any, has
> been made since.
>
> https://dl.acm.org/citation.cfm?id=321379
>
> I remember in the past when I needed a random number generator, I made
> plots on a crt where one random number was used as the x-coordinate and
> the next one was used as the y-coordinate of a plotted point. I expected
> to see a mess of noise, but there were, instead, stripes. Turns out
> there was a bug in the RNG I was using.
>
>
> --
>   .~.  Jean-David Beyer          Registered Linux User 85642.
>   /V\  PGP-Key:166D840A 0C610C8B Registered Machine 1935521.
>  /( )\ Shrewsbury, New Jersey    http://linuxcounter.net
>  ^^-^^ 07:35:01 up 23 days, 15:26, 2 users, load average: 4.22, 4.37, 4.69
>
>
>
> ------------------------------
>
> Message: 7
> Date: Wed, 27 May 2015 11:46:57 +0900
> From: NIIBE Yutaka
> To: George Lee
> Cc: gnupg-users at gnupg.org
> Subject: Re: Random Seed for Generating PGP Keys
> Message-ID: <55653021.40102 at fsij.org>
> Content-Type: text/plain; charset=windows-1252
>
>> On 05/25/2015 01:35 AM, George Lee wrote:
>> I'm interested in seeing if rather than relying on the built-in software to
>> generate randomness when creating a PGP key, if it is possible to configure
>> GnuPG to use a manually entered random seed. That way I could generate a
>> seed using coins, dice, my magic cauldron, etc.
>
> Well, in my I HWRNG implementation (named NeuG), I don't use coins or
> dice. The source is sampling of analog inputs by A/D converter (the
> inputs itself doesn't matter much). When you generate a key on Gnuk
> Token, it goes directly from NeuG.
>
> Actually, I thought similar thing.
> Here is a post of mine in
> September, 2013:
>
> http://lists.gnupg.org/pipermail/gnupg-devel/2013-September/027900.html
>
> At that time, I considered that I could control more reliably with a
> specific "raw" interface to feed entropy to an application directly.
> But, currently, I think that it is rather good for GnuPG/libgcrypt not
> to have such an interface but just use system /dev/random (if
> available).
>
> When we are using GNU/Linux system or some UNIXen, it goes like this
> with HWRNG (with GCRY_RNG_TYPE_STANDARD configuration):
>
>   HWRNG --> /dev/random --> CSPRNG [of GnuPG/libgcrypt] --> GPG key
>
> Note that within HWRNG design itself, there is usually CSPRNG component
> to remove bias from its entropy source. Further, it's also there in
> the design of system /dev/random.
>
> Thus, it is common to have many components of CSPRNG in sequence, which
> sounds pretty much redundant.
>
> After all, the problem to solve here is: we want the random number
> sequence under *none*'s control, so, it would be OK to have another
> redundant CSPRNG or two. That's my opinion.
>
> BTW, now, my HWRNG is available in US, too.
> Please visit:
>
> http://shop.fsf.org/category/gnu-gear/
> --
>
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
> ------------------------------
>
> End of Gnupg-users Digest, Vol 140, Issue 21
> ********************************************

From gniibe at fsij.org Wed May 27 10:36:00 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 27 May 2015 17:36:00 +0900
Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
In-Reply-To: <555E159B.40606@nordnet.fr>
References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> <555E159B.40606@nordnet.fr>
Message-ID: <556581F0.3090006@fsij.org>

On 05/22/2015 02:27 AM, Philip Jackson wrote:
> The key ID was 0x6e767393

It seems for me that this key has subkey of ECC, and that's the cause
of your trouble.

I think that we need to implement some compatibility feature in GnuPG
2.0 (and 1.4). Last month, I did a fix, but I think that more is
needed.

    g10: fix cmp_public_key and cmp_secret_keys.
    http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=43429c7869152f301157e4b24790b3801dce0f0a

I'll look into detail.
--

From peter at digitalbrains.com Wed May 27 12:03:00 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 27 May 2015 12:03:00 +0200
Subject: installing version 2.1.4 in Debian 8.0 (Jessie)
In-Reply-To:
References:
Message-ID: <55659654.4020209@digitalbrains.com>

On 27/05/15 06:22, Rex Kneisley wrote:
> As a follow up. Since, version 1.4 is also installed, my assumption
> is that using "gpg" on the command line invokes 1.4, and using "gpg2"
> on the command line invokes 2.x. Is my assumption correct?

Yes.

> If so, is there any way to make the command "gpg" invoke version 2.x?
> It is a bit tedious to add the 2 on every command to ensure I am
> invoking version 2.x

I wouldn't recommend it, since you might change it for scripts and
programs as well as for yourself, and the programs will expect GnuPG
1.4. It might in some cases matter.

If you find adding the 2 tedious, you could make a symlink titled "g"
or "gp"... that way, you save a letter instead of having to type one
extra, and there is no chance that any script or program that executes
"gpg" expecting 1.4 will accidentally pick your symlink. And the
safest place anyway for such a symlink would be in $HOME/bin, since
this will keep it out of sight of programs that just use the
system-wide $PATH.

$ cd
$ mkdir bin
$ cd bin
$ ln -s /usr/bin/gpg2 gp

I think your .profile likely already contains the following:

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
    PATH="$HOME/bin:$PATH"
fi

And in that case, you need to log out and log back in and the
directory will be added to your $PATH. Under X, you probably need to
log out of the whole X session, not just start a new terminal.

>> On May 26, 2015, at 7:41 PM, gnupg-users-request at gnupg.org wrote:
>>
>> Send Gnupg-users mailing list submissions to gnupg-users at gnupg.org
>> [...]

Could you please trim your quotes?

And unfortunately, by replying to the digest, you break threading of
the conversation. People that use a threading mail viewer see all
conversations on the mailing list grouped by individual conversation.
When you reply to the digest, this appears as a new conversation
rather than a follow-up to the existing conversation.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From philip.jackson at nordnet.fr Wed May 27 13:53:15 2015
From: philip.jackson at nordnet.fr (Philip Jackson)
Date: Wed, 27 May 2015 13:53:15 +0200
Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
In-Reply-To: <556581F0.3090006@fsij.org>
References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> <555E159B.40606@nordnet.fr> <556581F0.3090006@fsij.org>
Message-ID: <5565B02B.6060206@nordnet.fr>

On 27/05/15 10:36, NIIBE Yutaka wrote:
> On 05/22/2015 02:27 AM, Philip Jackson wrote:
>> The key ID was 0x6e767393
>
> It seems for me that this key has subkey of ECC, and that's the cause
> of your trouble.

You're right - this key has an ECC subkey for signing.

I've imported this key into another pc using Deb8, gnupg 2.1.3,
Icedove and enigmail 1.8.2 and it doesn't cause any problem on that
setup.

I tried to re-import it into the original desktop system to see if the
problem recurred. (I should have done that before writing the last
mail, to confirm fault). With the original desktop : gpg 1.4.16 and
gpg2 2.0.22, Thunderbird with enigmail 1.8.2 :

- enigmail failed to import the key
- gpg2 failed with the message

gpg2 --recv-keys 0x6e767393
gpg: requesting key 0x6E767393 from hkp server pool.sks-keyservers.net Version: SKS 1.1.5
gpg: armour header: Comment: Hostname: sks.alpha-labs.net
gpg: armour header:
gpg: can't handle public key algorithm 19
gpg: pub 4096R/0x2A234ABC6E767393 2013-10-08 Jacky Alcin?
gpg: key 0x2A234ABC6E767393: removed multiple subkey binding
gpg: can't handle public key algorithm 22
gpg: can't handle public key algorithm 18
gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
Aborted (core dumped)

- gpg imported it ok
- gpg -k runs to complete listing showing the problem key as the last
  one in the listing (which it is)
- gpg2 -k runs listing but stops just before the problem key which it
  does not list and gives this same message :
gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
Aborted (core dumped)
- enigmail will not list this key

I have other keys in my public keyring which also have ECC subkeys and
these do not cause any difficulty either with enigmail or gpg2.0.22

So far it is only key 0x6e767393 which causes the problem.

Philip

From gniibe at fsij.org Wed May 27 15:05:29 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 27 May 2015 22:05:29 +0900
Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
In-Reply-To: <5565B02B.6060206@nordnet.fr>
References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> <555E159B.40606@nordnet.fr> <556581F0.3090006@fsij.org> <5565B02B.6060206@nordnet.fr>
Message-ID: <5565C119.2050004@fsij.org>

Hello,

Thank you for more information.

On 05/27/2015 08:53 PM, Philip Jackson wrote:
> I tried to re-import it into the original desktop system to see if the problem
> recurred. (I should have done that before writing the last mail, to confirm
> fault). With the original desktop : gpg 1.4.16 and gpg2 2.0.22, Thunderbird with
> enigmail 1.8.2 :
[...]
> gpg: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
> Aborted (core dumped)

I think that 2.0.22 has this problem.
I checked 2.0 series commit logs. I think that It was handled by the
commit:

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6286d01ba33b963be30fbb4fba6f35f1b05acd17

commit 1f842011f611625c8a5fd852d5a2b4bd13e4b563
Author: Werner Koch
Date: Fri Oct 4 18:01:40 2013 +0200

    gpg: Kludge not to bail out on ECC if build with Libgcrypt 1.6.

    * g10/misc.c (print_pubkey_algo_note): Map the algo.
    (openpgp_pk_test_algo, openpgp_pk_test_algo2): Ditto.
    (pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig)
    (pubkey_get_nenc): Return 0 for ECC algorithms.
    --

    Libgcrypt 1.6 features algorithm 18 (generic ECC). Because of the
    missing mapping and no real support for the OpenPGP ECC format,
    this led to parsing errors of ECC packets. We better better
    explicitly tell gpg that we ECC is not supported.

    Signed-off-by: Werner Koch

It was done soon after 2.0.22. I think that 2.0.23 or later doesn't
have this issue. The signature check is just skipped as unknown algo.

> I have other keys in my public keyring which also have ECC subkeys
> and these do not cause any difficulty either with enigmail or
> gpg2.0.22

I think that it occurs because it has SHA512 signature. I guess that
other keys with ECC subkeys in your keyring has SHA256 signature.
--

From george at cmtytech.org Wed May 27 15:18:04 2015
From: george at cmtytech.org (George Lee)
Date: Wed, 27 May 2015 09:18:04 -0400
Subject: Random Seed for Generating PGP Keys
Message-ID:

Hi,

> I know that a CSPRNG is supposed to make this cryptographically secure

Also, I may be wrong here -- it seems that CSPRNG sometimes refers to
libgcrypt's "Continuously Seeded" and other times refers to
"Cryptographically Secure."

Peace, community, justice,
- George
From philip.jackson at nordnet.fr Wed May 27 15:24:10 2015
From: philip.jackson at nordnet.fr (Philip Jackson)
Date: Wed, 27 May 2015 15:24:10 +0200
Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
In-Reply-To: <5565C119.2050004@fsij.org>
References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> <555E159B.40606@nordnet.fr> <556581F0.3090006@fsij.org> <5565B02B.6060206@nordnet.fr> <5565C119.2050004@fsij.org>
Message-ID: <5565C57A.8040608@nordnet.fr>

On 27/05/15 15:05, NIIBE Yutaka wrote:
> It was done soon after 2.0.22. I think that 2.0.23 or later doesn't
> have this issue. The signature check is just skipped as unknown algo.

One of the problems with using linux distribution packages. The latest
for Ubuntu 1404 is 2.0.22-3ubuntu1.3 which I have. Ubuntu 1404 is the
current LongTermSupport version.

One of the standard advice replies given on this list is to stick to
the official packages but these move like the wheels of eternity.

Ubuntu's latest active development version is Wily Werewolf and that
will have 2.0.26 - so it might take a decade or so before gnupg2.1.xxx
gets into the loop.

Philip

From george at cmtytech.org Wed May 27 15:14:40 2015
From: george at cmtytech.org (George Lee)
Date: Wed, 27 May 2015 09:14:40 -0400
Subject: Random Seed for Generating PGP Keys
Message-ID:

Hi,

I'm not trying to generate multiple random numbers, but just generate
a PGP key one time in a way that is very hard to crack by basing it on
a one-time seed generated manually in a reliably random way.
With software, there's risks that the sequence of numbers generated
isn't fully random and that someone could cut use information about
the software or other numbers it generates, to better guess any single
number it generates. I know that a CSPRNG is supposed to make this
cryptographically secure, but (and correct me if I'm wrong) it seems
that some one-time offline truly random process (like rolling a
thousand non-biased coins by a no-biased person) is guaranteed to be
more random than any HWRNG or software RNG that might actually have
correlations you're not aware of. It also seems less susceptible to
somebody using knowledge of the software or number-generating process
to better crack what numbers you used.

(1) Is there a way to seed the random number generators used by GnuPG
with a one-time manually entered seed?

(2) Is there a way to seed any of the random number generators people
have mentioned in this thread, with a one-time manually entered seed?

(3) Is there a way to have GnuPG use a different random number
generator like the ones people mentioned on this thread?

(4) Of the random number generators mentioned in this thread, which
are cryptographically secure?

Peace, community, justice,
- George

From rjh at sixdemonbag.org Wed May 27 16:29:01 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 27 May 2015 10:29:01 -0400
Subject: Random Seed for Generating PGP Keys
In-Reply-To:
References:
Message-ID: <5565D4AD.2070805@sixdemonbag.org>

> number it generates. I know that a CSPRNG is supposed to make this
> cryptographically secure, but (and correct me if I'm wrong) it seems
> that some one-time offline truly random process (like rolling a
> thousand non-biased coins by a no-biased person) is guaranteed to be
> more random than any HWRNG or software RNG that might actually have
> correlations you're not aware of.

This is not true.
A flipped coin has a very slight bias for the side that was up when it
was flipped. Dice have subtle irregularities that predispose them
towards certain numbers and away from others. Not even quantum effects
are truly random -- although the underlying effect may be, the
measuring apparatus by which we monitor the event will always
introduce hidden bias. People have even managed to show bias in Geiger
counters (!!).

Software has problems, yes. So too do manual processes. And generally
speaking, competently-designed hardware or software solutions beat the
living daylights out of manual processes. You can demonstrate the bias
of a flipped coin with nothing more than a couple of very boring days
spent flipping coins and some pen-and-paper work; demonstrating bias
in, say, an ANSIX9.17 RNG takes quite a lot more.

> (1) Is there a way to seed the random number generators used by
> GnuPG with a one-time manually entered seed?

Not really, no.

> (2) Is there a way to seed any of the random number generators
> people have mentioned in this thread, with a one-time manually
> entered seed?

Sure. Most CSPRNGs permit you to specify the initial seed.

> (3) Is there a way to have GnuPG use a different random number
> generator like the ones people mentioned on this thread?

Not unless you hack the source.

> (4) Of the random number generators mentioned in this thread, which
> are cryptographically secure?

Can't be answered. Whenever talking about cryptographically secure
PRNGs, you have to specify the operating assumptions. Even something
with a proof of security attached (like Blum Blum Shub) you have to
specify the assumptions involved. For instance, with Blum Blum Shub
the assumption is "the Integer Factorization Problem is intractable."

From rjh at sixdemonbag.org Wed May 27 16:30:38 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 27 May 2015 10:30:38 -0400
Subject: Random Seed for Generating PGP Keys
In-Reply-To:
References:
Message-ID: <5565D50E.5070904@sixdemonbag.org>

> Also, I may be wrong here -- it seems that CSPRNG sometimes refers
> to libgcrypt's "Continuously Seeded" and other times refers to
> "Cryptographically Secure."

It's an unfortunate ambiguity, yes. "Cryptographically secure" is a
misnomer at best: it tends to lead people into thinking it means the
RNG cannot be broken, when in reality it just means we don't know how
to do it yet.

From wk at gnupg.org Wed May 27 18:25:46 2015
From: wk at gnupg.org (Werner Koch)
Date: Wed, 27 May 2015 18:25:46 +0200
Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
In-Reply-To: <5565C57A.8040608@nordnet.fr> (Philip Jackson's message of "Wed, 27 May 2015 15:24:10 +0200")
References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> <555E159B.40606@nordnet.fr> <556581F0.3090006@fsij.org> <5565B02B.6060206@nordnet.fr> <5565C119.2050004@fsij.org> <5565C57A.8040608@nordnet.fr>
Message-ID: <878uca0yyd.fsf@vigenere.g10code.de>

On Wed, 27 May 2015 15:24, philip.jackson at nordnet.fr said:

> One of the problems with using linux distribution packages. The latest for
> Ubuntu 1404 is 2.0.22-3ubuntu1.3 which I have. Ubuntu 1404 is the current
> LongTermSupport version.

I would expect that a LTS version fixes critical bugs. What you see
might soon be a problem for many more people, thus this should be
fixed by Ubuntu.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From flapflap at riseup.net Wed May 27 21:17:35 2015
From: flapflap at riseup.net (flapflap)
Date: Wed, 27 May 2015 19:17:35 +0000
Subject: Random Seed for Generating PGP Keys
In-Reply-To:
References:
Message-ID: <5566184F.8020005@riseup.net>

George Lee:
> I'm not trying to generate multiple random numbers, but just generate a PGP
> key one time in a way that is very hard to crack by basing it on a one-time
> seed generated manually in a reliably random way.

I might be wrong here, but as I understand it you need way more often
random numbers than you seem to expect.

The random number is not only needed for your - for example - RSA
OpenPGP key certificate. You also need random numbers for the AES
session keys that are actually used to encrypt a file or an email.

If you had a perfectly random RSA key and used it to encrypt AES
session keys for emails, but every session key turned out to be 0x00
for all the messages (because your RNG is buggy/backdoored), and your
adversary knows this, they simply can use the known session key 0x00
and don't care for your RSA key.
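
Added example (not part of any message in this thread, and not GnuPG code): the coin and dice bias raised in the replies above can be removed before manual throws are used as seed material, provided the throws are independent of each other. The sample flips and rolls are constructed, the function names are hypothetical, and 128 bits is only an illustrative target.

```python
"""Turn manually generated randomness (coin flips, d6 rolls) into unbiased bits.

Added example: SAMPLE_FLIPS and SAMPLE_ROLLS are constructed inputs and all
function names are hypothetical.
"""
import math
from collections import Counter

# Constructed sample: 40 flips from a deliberately heads-heavy "coin".
SAMPLE_FLIPS = (
    "HT HH HT TH HH TH TT TH HH HT "
    "HH HH TH HT HH HT HH TH HH HT"
).replace(" ", "")

# Constructed sample of six-sided die rolls.
SAMPLE_ROLLS = [1, 5, 4, 2, 6, 3]


def min_entropy_per_symbol(symbols):
    """Estimate min-entropy in bits per symbol as -log2(max observed frequency).

    Min-entropy is the conservative figure for key material: it is set by
    the single most likely outcome, not by the average.
    """
    if not symbols:
        raise ValueError("no symbols")
    p_max = max(Counter(symbols).values()) / len(symbols)
    return -math.log2(p_max)


def von_neumann_extract(flips):
    """Von Neumann extractor over a string of 'H'/'T'.

    Flips are read in non-overlapping pairs: HT -> 0, TH -> 1, HH and TT are
    discarded. P(HT) == P(TH) == p(1-p) for any fixed bias p, so the output
    is unbiased, but only if the flips are independent; correlation between
    successive flips is not removed.
    """
    if set(flips) - {"H", "T"}:
        raise ValueError("flips must contain only 'H' and 'T'")
    bits = []
    for i in range(0, len(flips) - 1, 2):
        a, b = flips[i], flips[i + 1]
        if a != b:
            bits.append(0 if a == "H" else 1)
    return bits


def dice_to_bits(rolls):
    """Rejection-sample d6 rolls: 1..4 map to two bits, 5 and 6 are dropped.

    Dropping 5 and 6 keeps the four accepted outcomes equally likely for a
    fair die; folding six outcomes onto four with (roll - 1) % 4 would
    favour 00 and 01.
    """
    bits = []
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError(f"not a d6 roll: {r!r}")
        if r <= 4:
            bits.extend(((r - 1) >> 1, (r - 1) & 1))
    return bits


def bits_to_bytes(bits):
    """Pack bits MSB-first into bytes; an incomplete final byte is dropped."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def expected_flips_needed(target_bits, p_heads):
    """Expected number of flips to get target_bits out of the extractor.

    A pair yields one bit with probability 2p(1-p), so one flip is worth
    p(1-p) output bits: 0.25 at best, less for a biased coin.
    """
    if not 0 < p_heads < 1:
        raise ValueError("p_heads must be strictly between 0 and 1")
    return math.ceil(target_bits / (p_heads * (1 - p_heads)))


if __name__ == "__main__":
    coin_bits = von_neumann_extract(SAMPLE_FLIPS)
    print("heads frequency:", SAMPLE_FLIPS.count("H") / len(SAMPLE_FLIPS))
    print("min-entropy/flip: %.3f bits" % min_entropy_per_symbol(SAMPLE_FLIPS))
    print("extracted bits:", coin_bits, "->", bits_to_bytes(coin_bits).hex())
    print("dice bits:", dice_to_bits(SAMPLE_ROLLS))
    for p in (0.5, 0.51, 0.675):
        print("flips for 128 bits at p=%.3f: %d" % (p, expected_flips_needed(128, p)))
```

Forty heads-heavy flips yield only eleven usable bits here, which is the practical cost of manual entropy that the thread alludes to.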

From toralf.foerster at gmx.de Wed May 27 16:22:59 2015
From: toralf.foerster at gmx.de (Toralf Förster)
Date: Wed, 27 May 2015 16:22:59 +0200
Subject: https://www.gnupg.org/download/index.en.html#dirmngr contains a typo : "Dirmngr >is< an optional tool>s<"
Message-ID: <5565D343.1030408@gmx.de>

;)

--
Toralf
pgp key: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 0076 E94E

From dkg at fifthhorseman.net Wed May 27 22:41:25 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 27 May 2015 16:41:25 -0400
Subject: Random Seed for Generating PGP Keys
In-Reply-To: <55653548.7040707@fsij.org>
References: <55630C00.2020808@verizon.net> <55653548.7040707@fsij.org>
Message-ID: <87vbfdhhxm.fsf@alice.fifthhorseman.net>

On Tue 2015-05-26 23:08:56 -0400, NIIBE Yutaka wrote:
> Lesson was: Wikipedia is(was) not friendly to DIY hardware/software
> people to link their useful information.

Wikipedia sees itself as not a place to publish original research, and
they frown on self-linking to avoid .

However, i think NeuG is clearly a valuable reference for people
trying to understand HWRNGs, and my linking to it is not a self-link.
So i've added a citation there:

https://en.wikipedia.org/w/index.php?title=Hardware_random_number_generator&action=historysubmit&type=revision&diff=664323918&oldid=663284657

Thanks for your work on this, gniibe!

--dkg

From gniibe at fsij.org Thu May 28 03:12:06 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Thu, 28 May 2015 10:12:06 +0900
Subject: Random Seed for Generating PGP Keys
In-Reply-To:
References:
Message-ID: <55666B66.5030404@fsij.org>

Hello,

On 05/27/2015 10:14 PM, George Lee wrote:
> I'm not trying to generate multiple random numbers, but just generate a PGP
> key one time in a way that is very hard to crack by basing it on a one-time
> seed generated manually in a reliably random way.

I'd understand your point. I interpret it as: you would like to
control your computing, especially around cryptography, specifically
your PGP key.

I also would understand your (a kind of) frustration not being able to
get direct answer. People say different opinions.

I think that more knobs for finer control/tuning doesn't work well
here (the risk of bad configuration would be huge), and that would be
a reason why GnuPG/libgcrypt has an interface to replace its random
generation process by an external input.

> I know that a CSPRNG is supposed to make this cryptographically
> secure, but (and correct me if I'm wrong) it seems that some one-time
> offline truly random process (like rolling a thousand non-biased coins by a
> no-biased person) is guaranteed to be more random than any HWRNG or
> software RNG that might actually have correlations you're not aware of.

I think that modern HWRNG implementations should be more than "rolling
a thousand non-biased coins by a no-biased person". The generation
speed of HWRNG is far better than an experiment by a person, and it is
(usually) tested by modern empirical statistical testing.

Modern empirical statistical testing checks/requires Giga bytes of
random number sequence, at least, or Tera bytes. I don't think it is
practical for an experiment by a person to ask generating even Mega
bytes of sequence to test.
I think that if your point is bias of correlations, no person can beat
modern HWRNG.

> also seems less susceptible to somebody using knowledge of the software or
> number-generating process to better crack what numbers you used.

Right. The question here is the likeliness of back door(s).

Even if the sequence is tested by modern empirical statistical testing
by Tera bytes and it says no bias and no correlations, it is possible
someone else has (more) knowledge than a user and can guess the sequence
(forward or backward).

> (1) Is there a way to seed the random number generators used by GnuPG with
> a one-time manually entered seed?

Although I don't recommend to do it, you can modify the file:
.gnupg/random_seed (the binary file).

Alternatively, you can feed to /dev/random to stir the system random
pool. Then, you can indirectly feed your entropy for the generation of
GPG key.

In my Debian GNU/Linux, I can do:

    $ cat > /dev/random
    Hello, ...
    ^D

In this way, I can enter anything (say, the result of coin experiment in
any encoding, in any language, in any format) to stir the system random
pool.

No, this doesn't increase the value of
/proc/sys/kernel/random/entropy_avail, just we can stir.

If you would like better control of it, please see the manual of
random(4) to write a program using ioctl with RNDADDENTROPY. Then, you
can increase /proc/sys/kernel/random/entropy_avail.

Besides, there is a file /var/lib/random-seed (in my Debian). You can
edit this file (by root) if you really would like to do so.

The reason why I don't recommend modifying /var/lib/random-seed or
.gnupg/random_seed directly is that there will be more chance to make
errors for the modification (than getting better result).

> (2) Is there a way to seed any of the random number generators people have
> mentioned in this thread, with a one-time manually entered seed?

I don't know any HWRNG products with manually entered seed, but in the
standard document, it is addressed that keyed hash/encryption can be
used (instead of normal hash/encryption) as conditioning component.
(Conditioning component is the component to remove bias). So, in
theory, it is possible to add such a feature.

> (3) Is there a way to have GnuPG use a different random number generator
> like the ones people mentioned on this thread?

No, I don't think so.

Alternatively, you can feed to /dev/random from any random number
generator.

If you don't want to use /dev/random and GnuPG implementation to
generate GPG key, I think that it is still possible to write a small
program to generate OpenPGP key.

> (4) Of the random number generators mentioned in this thread, which are
> cryptographically secure?

Do you mean something like:

    A PRBG that passes the next-bit test (possibly under some plausible
    but un-proved mathematical assumption such as the intractability of
    factoring integers) is called a cryptographically secure
    pseudorandom bit generator (CSPRBG).

in Chapter 5, Pseudorandom Bits and Sequences of HAC [0]?

Please note that it is for Pseudorandom generator, but we can consider
similar criteria.

Any modern HWRNG, system's /dev/random, or the structure of GnuPG's
random generation process all use similar component to prevent possible
attacks to guess its random number sequence.

[0] Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied
    Cryptography, CRC Press, 1996. http://cacr.uwaterloo.ca/hac/
--

From dkg at fifthhorseman.net Thu May 28 04:40:44 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 27 May 2015 22:40:44 -0400
Subject: Trying to install version 2.1.4
In-Reply-To: <5561AECD.3080901@digitalbrains.com>
References: <5561AECD.3080901@digitalbrains.com>
Message-ID: <87a8wpfmqb.fsf@alice.fifthhorseman.net>

On Sun 2015-05-24 06:58:21 -0400, Peter Lebbing wrote:
> It might also be that the package maintainers (hi dkg!)
might soon put 2.1.4
> into experimental themselves. So it really depends on how far you want to take
> this "I need the latest and greatest".

Sorry, i'm aware of this but terribly behind on a lot of other
projects. I do hope to get to it "real soon now", but i don't know how
long that will take.

--dkg

From dkg at fifthhorseman.net Thu May 28 07:45:03 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 28 May 2015 01:45:03 -0400
Subject: Trying to install version 2.1.4
In-Reply-To: <87a8wpfmqb.fsf@alice.fifthhorseman.net>
References: <5561AECD.3080901@digitalbrains.com> <87a8wpfmqb.fsf@alice.fifthhorseman.net>
Message-ID: <87h9qxdzmo.fsf@alice.fifthhorseman.net>

On Wed 2015-05-27 22:40:44 -0400, Daniel Kahn Gillmor wrote:
> On Sun 2015-05-24 06:58:21 -0400, Peter Lebbing wrote:
>> It might also be that the package maintainers (hi dkg!) might soon put 2.1.4
>> into experimental themselves. So it really depends on how far you want to take
>> this "I need the latest and greatest".
>
> Sorry, i'm aware of this but terribly behind on a lot of other
> projects. I do hope to get to it "real soon now", but i don't know how
> long that will take.

OK, i've uploaded 2.1.4 to debian/experimental. I wanted to upload it
to debian/unstable, but we have more planning to do before i make that
move, and it seemed faster to just get 2.1.4 in place.

please let me know if you have any problems with the 2.1.4 package from
experimental once it hits the repositories (hopefully within a day).

happy hacking,

--dkg

From rex.k at me.com Thu May 28 08:02:02 2015
From: rex.k at me.com (Rex Kneisley)
Date: Wed, 27 May 2015 23:02:02 -0700
Subject: Trying to install version 2.1.4
In-Reply-To: <87h9qxdzmo.fsf@alice.fifthhorseman.net>
References: <5561AECD.3080901@digitalbrains.com> <87a8wpfmqb.fsf@alice.fifthhorseman.net> <87h9qxdzmo.fsf@alice.fifthhorseman.net>
Message-ID:

Successfully installed Gpg2 experimental.
I was pleasantly surprised to find that I was at 2.1.4 when I ran a
version check from the command line.
Also installed GPA.
Imported my private key successfully.
Can still see all the public keys I Imported using 2.0.26.
Seems to be running fine so far.
I will continue to experiment.
Thank you for all of your hard work.

Rex

Sent from my iPad

> On May 27, 2015, at 10:45 PM, Daniel Kahn Gillmor wrote:
>
>> On Wed 2015-05-27 22:40:44 -0400, Daniel Kahn Gillmor wrote:
>>> On Sun 2015-05-24 06:58:21 -0400, Peter Lebbing wrote:
>>> It might also be that the package maintainers (hi dkg!) might soon put 2.1.4
>>> into experimental themselves. So it really depends on how far you want to take
>>> this "I need the latest and greatest".
>>
>> Sorry, i'm aware of this but terribly behind on a lot of other
>> projects. I do hope to get to it "real soon now", but i don't know how
>> long that will take.
>
> OK, i've uploaded 2.1.4 to debian/experimental. I wanted to upload it
> to debian/unstable, but we have more planning to do before i make that
> move, and it seemed faster to just get 2.1.4 in place.
>
> please let me know if you have any problems with the 2.1.4 package from
> experimental once it hits the repositories (hopefully within a day).
>
> happy hacking,
>
> --dkg

From philip.jackson at nordnet.fr Thu May 28 12:44:08 2015
From: philip.jackson at nordnet.fr (Philip Jackson)
Date: Thu, 28 May 2015 12:44:08 +0200
Subject: error computing keygrip
Message-ID: <5566F178.6060609@nordnet.fr>

Using gnupg 2.1.3 on an old portable with Debian Jessie.

gpg -K lists all private keys

gpg2 -K lists all private keys and follows this with eight identical
lines of "gpg: error computing keygrip"

'gpg2 -K myname' lists all private keys without any error messages

gpg2 --with-keygrip -K lists all private keys with their keygrips
followed by the 8 lines of error messages. Again, qualifying the
command line instruction by adding the username at the end gets the
keygrips printed without the error messages. So it doesn't look like
gnupg has any real problem with the computation of keygrips.

I fear I may have done something which introduced this error when I
decided to test the use of my smartcard on the portable. I removed the
secring and pubring and the files which indicated that 2.1.3 had already
carried out the migration. I copied across from my desktop machine the
secring with the smartcard stubs, an updated pubring and updated trustdb
and then set 2.1.3 going again.

The smartcard seems to work fine on the portable. And so does 2.1.3
except for the 'error calculating keygrip' messages under restricted
circumstances.

Any ideas about what might have gone wrong and why adding the username
gets the same job done without any error messages ?

Philip

From gniibe at fsij.org Fri May 29 03:26:34 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Fri, 29 May 2015 10:26:34 +0900
Subject: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame
In-Reply-To: <878uca0yyd.fsf@vigenere.g10code.de>
References: <5559E06F.5030603@nordnet.fr> <87r3qcbl44.fsf@vigenere.g10code.de> <555BA89C.4080303@nordnet.fr> <87h9r7bl7q.fsf@vigenere.g10code.de> <555E159B.40606@nordnet.fr> <556581F0.3090006@fsij.org> <5565B02B.6060206@nordnet.fr> <5565C119.2050004@fsij.org> <5565C57A.8040608@nordnet.fr> <878uca0yyd.fsf@vigenere.g10code.de>
Message-ID: <5567C04A.7060908@fsij.org>

On 05/28/2015 01:25 AM, Werner Koch wrote:
> On Wed, 27 May 2015 15:24, philip.jackson at nordnet.fr said:
>
>> One of the problems with using linux distribution packages. The latest for
>> Ubuntu 1404 is 2.0.22-3ubuntu1.3 which I have. Ubuntu 1404 is the current
>> LongTermSupport version.
>
> I would expect that a LTS version fixes critical bugs. What you see
> might soon be a problem for many more people, thus this should be fixed
> by Ubuntu.

While I'm learning Debian package management by examples, dkg kindly
opened the bug in Debian BTS:

https://bugs.debian.org/787139

(I didn't have an idea to open a bug in Debian BTS. Well, I am
learning, since I have been not-so-active in Debian.)

I believe that fix will be included in Ubuntu LTS too, eventually, since
Debian and Ubuntu share packaging and information.
--

From kljohann at gmail.com Thu May 28 22:24:41 2015
From: kljohann at gmail.com (Johann Klähn)
Date: Thu, 28 May 2015 22:24:41 +0200
Subject: OpenPGP card: ERR 100663351 Invalid value
Message-ID:

Hello,

I just tried to set up an OpenPGP that I had lying around for a
while. However, none of the admin commands seem to work (`name',
`passwd', `lang', `sex', `url').
For example when using `gpg2
--debug-level=guru --card-edit': (gpg (GnuPG) 2.1.4, libgcrypt 1.6.3)

,----
| gpg/card> admin
| Admin commands are allowed
|
| gpg/card> name
| Cardholder's surname: K
| Cardholder's given name: J
| gpg: DBG: chan_4 -> SCD SETATTR DISP-NAME K<
| gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 11360
| gpg: DBG: chan_4 -> END
| gpg: DBG: chan_4 <- ERR 100663351 Invalid value
| gpg: error setting Name: Invalid value
`----

Do you have any pointers as to what could be wrong?
I get the same results after performing a `factory-reset' (which looks
like it succeeded, see below).

Please CC me, as I'm not subscribed to the list.

Thanks, Johann

,----
| Really do a factory reset? (enter "yes") yes
| gpg: DBG: chan_4 -> SCD RESET
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD SERIALNO undefined
| gpg: DBG: chan_4 <- S SERIALNO FF7F00 0
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD APDU 00A4040006D27600012401
| gpg: DBG: chan_4 <- [ 44 20 90 00 ]
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD APDU 00200081084040404040404040
| gpg: DBG: chan_4 <- D i
| gpg: DBG: chan_4 <- OK
| [...]
| gpg: DBG: chan_4 -> SCD APDU 00200083084040404040404040
| gpg: DBG: chan_4 <- D i
| gpg: DBG: chan_4 <- OK
| [...]
| gpg: DBG: chan_4 -> SCD APDU 00e60000
| gpg: DBG: chan_4 <- [ 44 20 90 00 ]
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD RESET
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD SERIALNO undefined
| gpg: DBG: chan_4 <- S SERIALNO FF7F00 0
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD APDU 00A4040006D27600012401
| gpg: DBG: chan_4 <- D b
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD APDU 00440000
| gpg: DBG: chan_4 <- [ 44 20 90 00 ]
| gpg: DBG: chan_4 <- OK
| gpg: DBG: chan_4 -> SCD RESET
| gpg: DBG: chan_4 <- OK
`----

From mofosyne at gmail.com Fri May 29 13:44:09 2015
From: mofosyne at gmail.com (mofo syne)
Date: Fri, 29 May 2015 21:44:09 +1000
Subject: OpenPGP card: ERR 100663351 Invalid value
In-Reply-To:
References:
Message-ID:

If you want to reset your openpgp card (v2.0), this might help
http://briankhuu.com/blog/self/2015/02/28/openpgp-card-v2.0-factory-reset.html

On Fri, May 29, 2015 at 6:24 AM, Johann Klähn wrote:
> Hello,
>
> I just tried to set up an OpenPGP that I had lying around for a
> while. However, none of the admin commands seem to work (`name',
> `passwd', `lang', `sex', `url'). For example when using `gpg2
> --debug-level=guru --card-edit': (gpg (GnuPG) 2.1.4, libgcrypt 1.6.3)
>
> ,----
> | gpg/card> admin
> | Admin commands are allowed
> |
> | gpg/card> name
> | Cardholder's surname: K
> | Cardholder's given name: J
> | gpg: DBG: chan_4 -> SCD SETATTR DISP-NAME K<
> | gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 11360
> | gpg: DBG: chan_4 -> END
> | gpg: DBG: chan_4 <- ERR 100663351 Invalid value
> | gpg: error setting Name: Invalid value
> `----
>
> Do you have any pointers as to what could be wrong?
> I get the same results after performing a `factory-reset' (which looks
> like it succeeded, see below).
>
> Please CC me, as I'm not subscribed to the list.
>
> Thanks, Johann
>
>
>
> ,----
> | Really do a factory reset?
(enter "yes") yes
> | gpg: DBG: chan_4 -> SCD RESET
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD SERIALNO undefined
> | gpg: DBG: chan_4 <- S SERIALNO FF7F00 0
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD APDU 00A4040006D27600012401
> | gpg: DBG: chan_4 <- [ 44 20 90 00 ]
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD APDU 00200081084040404040404040
> | gpg: DBG: chan_4 <- D i
> | gpg: DBG: chan_4 <- OK
> | [...]
> | gpg: DBG: chan_4 -> SCD APDU 00200083084040404040404040
> | gpg: DBG: chan_4 <- D i
> | gpg: DBG: chan_4 <- OK
> | [...]
> | gpg: DBG: chan_4 -> SCD APDU 00e60000
> | gpg: DBG: chan_4 <- [ 44 20 90 00 ]
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD RESET
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD SERIALNO undefined
> | gpg: DBG: chan_4 <- S SERIALNO FF7F00 0
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD APDU 00A4040006D27600012401
> | gpg: DBG: chan_4 <- D b
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD APDU 00440000
> | gpg: DBG: chan_4 <- [ 44 20 90 00 ]
> | gpg: DBG: chan_4 <- OK
> | gpg: DBG: chan_4 -> SCD RESET
> | gpg: DBG: chan_4 <- OK
> `----
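
Added example, not part of any poster's message and not GnuPG code: a small decoder for the numbers in the debug output quoted above. It splits the value after ERR into the source and code fields that libgpg-error packs into it, and labels the header bytes of the SCD APDU commands; the function names and the short label tables are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* libgpg-error packs two fields into the number printed after "ERR":
 * bits 24..30 = error source, bits 0..15 = error code (see gpg-error.h). */
unsigned err_source(unsigned long e) { return (unsigned)((e >> 24) & 0x7f); }
unsigned err_code(unsigned long e)   { return (unsigned)(e & 0xffff); }

const char *source_name(unsigned s)   /* labels for a subset of gpg_err_source_t */
{
    return s == 4 ? "gpg-agent" : s == 5 ? "pinentry" : s == 6 ? "scdaemon" : "other";
}

struct apdu { unsigned char cla, ins, p1, p2; int lc; unsigned char data[255]; };

static int hexval(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse a short command APDU written as hex, as in "SCD APDU <hex>".
 * Returns 0 on success, -1 if the hex or the Lc length byte is inconsistent. */
int parse_apdu(const char *hex, struct apdu *a)
{
    unsigned char raw[4 + 1 + 255 + 1];
    size_t n = strlen(hex), len = n / 2, i;

    if (n % 2 || len < 4 || len > sizeof raw) return -1;
    for (i = 0; i < len; i++) {
        int hi = hexval(hex[2 * i]), lo = hexval(hex[2 * i + 1]);
        if (hi < 0 || lo < 0) return -1;
        raw[i] = (unsigned char)(hi << 4 | lo);
    }
    a->cla = raw[0]; a->ins = raw[1]; a->p1 = raw[2]; a->p2 = raw[3];
    a->lc = 0;
    if (len <= 5) return 0;                 /* header only, or header + Le */
    a->lc = raw[4];                         /* Lc must match the data that follows */
    if (len != 5 + (size_t)a->lc && len != 6 + (size_t)a->lc) return -1;
    memcpy(a->data, raw + 5, (size_t)a->lc);
    return 0;
}

const char *ins_name(unsigned char ins)
{
    switch (ins) {          /* ISO 7816 instruction bytes seen in the trace */
    case 0xA4: return "SELECT";
    case 0x20: return "VERIFY";
    case 0xE6: return "TERMINATE DF";
    case 0x44: return "ACTIVATE FILE";
    default:   return "unknown";
    }
}

int main(void)
{
    /* Values copied from the debug output in the thread. */
    const char *trace[] = { "00A4040006D27600012401", "00200081084040404040404040",
                            "00200083084040404040404040", "00e60000", "00440000" };
    unsigned long e = 100663351UL;
    struct apdu a;
    size_t i;

    printf("ERR %lu: source %u (%s), code %u\n", e, err_source(e),
           source_name(err_source(e)), err_code(e));
    for (i = 0; i < sizeof trace / sizeof *trace; i++)
        if (parse_apdu(trace[i], &a) == 0)
            printf("%-13s P1=%02X P2=%02X Lc=%d\n", ins_name(a.ins), a.p1, a.p2, a.lc);
    return 0;
}
```

For 100663351 this gives source 6 and code 55, the code the log itself renders as "Invalid value".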

From gniibe at fsij.org Fri May 29 14:55:29 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Fri, 29 May 2015 21:55:29 +0900
Subject: OpenPGP card: ERR 100663351 Invalid value
In-Reply-To:
References:
Message-ID: <556861C1.5090606@fsij.org>

On 05/29/2015 05:24 AM, Johann Klähn wrote:
> ,----
> | gpg/card> admin
> | Admin commands are allowed
> |
> | gpg/card> name
> | Cardholder's surname: K
> | Cardholder's given name: J
> | gpg: DBG: chan_4 -> SCD SETATTR DISP-NAME K<
> | gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 11360
> | gpg: DBG: chan_4 -> END
> | gpg: DBG: chan_4 <- ERR 100663351 Invalid value
> | gpg: error setting Name: Invalid value
> `----
>
> Do you have any pointers as to what could be wrong?

For some reason, invocation of "pinentry" seems to be failed.

To change name, lang, sex, url or passwd, SCDaemon requires pinentry
program to input pass phrase, but there is some problem around
pinentry.

Could you please check your installation?
--

From kljohann at gmail.com Fri May 29 15:27:15 2015
From: kljohann at gmail.com (Johann Klähn)
Date: Fri, 29 May 2015 15:27:15 +0200
Subject: OpenPGP card: ERR 100663351 Invalid value
In-Reply-To: <556861C1.5090606@fsij.org>
References: <556861C1.5090606@fsij.org>
Message-ID:

I have an external card reader with a pin pad (CHERRY ST-2000 USB), so
that is what I use. If I enter a wrong PIN the pin retry counter is
reduced, so I guess it's working?

Regarding the link to the reset code, I think `factory-reset` already
sends the exact same instructions to the card.

On Fri, May 29, 2015 at 2:55 PM, NIIBE Yutaka wrote:
> On 05/29/2015 05:24 AM, Johann Klähn wrote:
>> ,----
>> | gpg/card> admin
>> | Admin commands are allowed
>> |
>> | gpg/card> name
>> | Cardholder's surname: K
>> | Cardholder's given name: J
>> | gpg: DBG: chan_4 -> SCD SETATTR DISP-NAME K<
>> | gpg: DBG: chan_4 <- INQUIRE PINENTRY_LAUNCHED 11360
>> | gpg: DBG: chan_4 -> END
>> | gpg: DBG: chan_4 <- ERR 100663351 Invalid value
>> | gpg: error setting Name: Invalid value
>> `----
>>
>> Do you have any pointers as to what could be wrong?
>
> For some reason, invocation of "pinentry" seems to be failed.
>
> To change name, lang, sex, url or passwd, SCDaemon requires pinentry
> program to input pass phrase, but there is some problem around
> pinentry.
>
> Could you please check your installation?
> --

From peter at digitalbrains.com Sat May 30 11:57:29 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sat, 30 May 2015 11:57:29 +0200
Subject: Trying to install version 2.1.4
In-Reply-To: <87a8wpfmqb.fsf@alice.fifthhorseman.net>
References: <5561AECD.3080901@digitalbrains.com> <87a8wpfmqb.fsf@alice.fifthhorseman.net>
Message-ID: <55698989.1090507@digitalbrains.com>

On 28/05/15 04:40, Daniel Kahn Gillmor wrote:
> Sorry, i'm aware of this but terribly behind on a lot of other
> projects.

I hope you didn't interpret my message as pressuring you to package the
latest version, because it was in no way intended to be! I simply
factually noted it wasn't unlikely that it would be packaged soon, and
as I suspected you might be reading that message, it was just a cheerful
shout out or something equally silly.

Cheers,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From the2nd at otpme.org Sat May 30 14:25:18 2015
From: the2nd at otpme.org (the2nd at otpme.org)
Date: Sat, 30 May 2015 14:25:18 +0200
Subject: gpg-agent: error accessing card: Conflicting use
Message-ID:

Hi,

i have a problem with gpg-agent when using it with a yubikey neo. after
some time gpg-agent refuses to sign any data and so any ssh login with
my key stored on the yubikey will fail.

the gpg-agent log shows the following messages:

2015-05-30 13:49:36 gpg-agent[3600] error accessing card: Conflicting use
2015-05-30 13:49:36 gpg-agent[3600] smartcard signing failed: Conflicting use
2015-05-30 13:49:38 gpg-agent[3600] error getting default authentication keyID of card: Conflicting use

the command to start gpg-agent on KDE login is:

eval "$(/usr/bin/gpg-agent --daemon --enable-ssh-support --log-file ~/.gnupg/gpg-agent.log)"

i haven't found the exact circumstances when it happens but its more
likely to happen when the yubikey was plugged off and re-inserted, but
it also happens without pull off from time to time. a restart of
gpg-agent fixes the issue. it also often happens after i've pressed the
yubikey button to generate an OTP but not always.

gnupg version is 2.0.27-r1 running on sabayon linux. when using the same
yubikey on my ubuntu 14.04 notebook at work i never had this problem.

thanks for any help.

regards
the2nd

From dkg at fifthhorseman.net Sun May 31 05:04:36 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sat, 30 May 2015 23:04:36 -0400
Subject: Trying to install version 2.1.4
In-Reply-To: <55698989.1090507@digitalbrains.com>
References: <5561AECD.3080901@digitalbrains.com> <87a8wpfmqb.fsf@alice.fifthhorseman.net> <55698989.1090507@digitalbrains.com>
Message-ID: <87y4k58n23.fsf@alice.fifthhorseman.net>

On Sat 2015-05-30 05:57:29 -0400, Peter Lebbing wrote:
> On 28/05/15 04:40, Daniel Kahn Gillmor wrote:
>> Sorry, i'm aware of this but terribly behind on a lot of other
>> projects.
>
> I hope you didn't interpret my message as pressuring you to package the
> latest version, because it was in no way intended to be! I simply
> factually noted it wasn't unlikely that it would be packaged soon, and
> as I suspected you might be reading that message, it was just a cheerful
> shout out or something equally silly.

No offense taken, and it turned out to be a useful nudge for me anyway
-- it helped me set aside some longer-term plans that i'd been blocking
on and just get the release out to people via experimental, which i
think was the right thing to do. The release to experimental certainly
won't cause any problems for the longer-term plans anyway :)

Thanks for the shout out,

--dkg
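
Added example for the "Random Seed for Generating PGP Keys" thread above, not code from any poster or from GnuPG: the random(4) ioctl route NIIBE Yutaka mentions, which mixes data into the kernel pool and credits entropy for it, unlike a plain write to /dev/random. The helper names, the H/T flip encoding and the sample flips are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/random.h>   /* struct rand_pool_info, RNDADDENTROPY */

/* Pack coin flips ('H' = 1, 'T' = 0, blanks ignored) into bytes, MSB first.
 * Returns the number of flips packed, or -1 on a bad character or overflow. */
int pack_flips(const char *flips, unsigned char *out, size_t outlen)
{
    size_t n = 0;

    memset(out, 0, outlen);
    for (; *flips; flips++) {
        if (*flips == ' ' || *flips == '\n') continue;
        if (*flips != 'H' && *flips != 'T') return -1;
        if (n / 8 >= outlen) return -1;
        if (*flips == 'H') out[n / 8] |= (unsigned char)(0x80 >> (n % 8));
        n++;
    }
    return (int)n;
}

/* Build the ioctl argument: entropy_count is in bits, buf_size in bytes.
 * A fair coin flip carries at most one bit, so never credit more than nflips. */
struct rand_pool_info *build_pool_info(const unsigned char *data, int nflips)
{
    int nbytes = (nflips + 7) / 8;
    struct rand_pool_info *info = malloc(sizeof *info + (size_t)nbytes);

    if (!info) return NULL;
    info->entropy_count = nflips;
    info->buf_size = nbytes;
    memcpy(info->buf, data, (size_t)nbytes);
    return info;
}

/* Mix the data into the kernel pool and credit entropy_count bits.
 * Needs CAP_SYS_ADMIN; returns 0 or a negative errno value. */
int credit_entropy(const struct rand_pool_info *info)
{
    int fd = open("/dev/random", O_WRONLY), rc;

    if (fd < 0) return -errno;
    rc = ioctl(fd, RNDADDENTROPY, info) < 0 ? -errno : 0;
    close(fd);
    return rc;
}

int main(void)
{
    /* Constructed sample; real input would be the recorded flips. */
    const char *flips = "HTTHHTHT THHTTHTH HHTHTTTH THTTHHHT";
    unsigned char buf[64];
    int n = pack_flips(flips, buf, sizeof buf), rc;
    struct rand_pool_info *info;

    if (n <= 0 || !(info = build_pool_info(buf, n))) return 1;
    rc = credit_entropy(info);
    if (rc) fprintf(stderr, "RNDADDENTROPY: %s\n", strerror(-rc));
    else    printf("credited %d bits from %d bytes\n", n, info->buf_size);
    free(info);
    return rc ? 1 : 0;
}
```

Run it as root on Linux; without CAP_SYS_ADMIN the ioctl fails with EPERM and nothing is credited.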