patching GnuPG to shuddup was: Re: Signatures and GnuPG and PGP 6.8.X

Larry Rosenman ler@lerctr.org
Mon, 23 Oct 2000 14:41:50 -0500 


:-)


We've all done it (missed a FAQ...)

No Problem.

LER


-----Original Message-----
From: Armin Hartinger [mailto:armin@pctechware.com]
Sent: Monday, October 23, 2000 2:39 PM
To: Larry Rosenman
Cc: Caleb Land; gnupg-users@gnupg.org
Subject: Re: patching GnuPG to shuddup was: Re: Signatures and GnuPG and
PGP 6.8.X


YESSSS!!!!! That worked! How embarrassing. I really missed the FAQ. I was
looking through the manual, readme files etc... but that one I missed.
Someone
put a <FONT SIZE="+7"> around that FAQ-link please ;-)

That's a HUGE relieve!

Thanx Larry!

Larry Rosenman wrote:


> >From the doc/FAQ file:

>

> 6. PROBLEMS and ERROR MESSAGES

>

> 6.1) Why do I get "gpg: Warning: using insecure memory!"

>

>     On many systems this program should be installed as

>     setuid(root). This is necessary to lock memory pages.  Locking

>     memory pages prevents the operating system from writing memory pages

>     to disk and thereby keeping your secret keys really secret. If you

>     get no warning message about insecure memory your operating system

>     supports locking without being root. The program drops root

>     privileges as soon as locked memory is allocated.

>

>     If you can't or don't want to install GnuPG setuid(root), you can

>     use the option "--no-secmem-warning" or put

>     no-secmem-warning  in your ~/.gnupg/options file.

>

> -----Original Message-----

> From: Armin Hartinger [mailto:armin@pctechware.com]

> Sent: Monday, October 23, 2000 2:27 PM

> To: Larry Rosenman

> Cc: Caleb Land; gnupg-users@gnupg.org

> Subject: Re: patching GnuPG to shuddup was: Re: Signatures and GnuPG and

> PGP 6.8.X

>

> The platform is actually FreeBSD. It's my webhost on which I just have a

> little useraccount. and

> ... I don't really follow what you are trying to say below.

> Would going in into the C-source and just commenting out the offending

> message out - work?

>

> Just wondering...

>

> -Armin

>

> Larry Rosenman wrote:

>

> > On what platform?  On Linux, I believe, the gpg binary needs to be

> > setuid root.  On UnixWare, add filepriv -f plock /path/to/gpg

> >

> > Larry

> >

> > * Armin Hartinger <armin@pctechware.com> [001023 13:58]:

> > > How to patch gnupg to not complain? It messes up php-scripts of mine

> this way. (complaining

> > > about insecure memory)

> > > -Armin

> > >

> > > Caleb Land wrote:

> > >

> > > > Hello,

> > > >         I'm using GnuPG 1.0.4 (patched to not complain about

> > > > deprecated algorithms), and a friend of mine is using the newest

> > > > freeware PGP program (6.8.something).  When I encrypt a file and

sign

> > > > it and send it to him, he can decrypt it, but his program reads that

> > > > it is a bad signature.

> > > >         Now, I tried both attaching the file\ and using mutt to

> > > > encrypt and sign it, and I tried doing:

> > > >

> > > > ---output---

> > > >

> > > > [caleb@deepthought caleb]$ gpg --armor --sign --recipient "Brian R.

> Boyce" --encrypt test.c

> > > > gpg: Warning: using insecure memory!

> > > >

> > > > You need a passphrase to unlock the secret key for

> > > > user: "Caleb Land (RedHatDude) <bokonon@rochester.rr.com>"

> > > > 1024-bit DSA key, ID 29402314, created 2000-10-18

> > > >

> > > > ---/output---

> > > >

> > > >         He can decrypt the file fine, but it reads that my signature

> > > > is bad.  I moved my private/public keypair to a windows box with the

> > > > newest version of freeware PGP, and sent him a file which I

encrypted

> > > > and signed, and all went well.  It both decrypted and the signature

> > > > checked out okay.

> > > >         I hope that this is enough information.  Unfortunately, I am

> > > > fairly new to this stuff, so I don't understand it too well.

> > > >

> > > >         One more thing:  I get a message which I don't understand

when

> > > > I try to decrypt files sent by him to me:

> > > >

> > > > ---output---

> > > >

> > > > [caleb@deepthought caleb]$ gpg --decrypt DTF-802.pdf.asc >

DTF-802.pdf

> > > > gpg: Warning: using insecure memory!

> > > >

> > > > You need a passphrase to unlock the secret key for

> > > > user: "Caleb Land (RedHatDude) <bokonon@rochester.rr.com>"

> > > > 1024-bit ELG-E key, ID 0E85FED7, created 2000-10-18 (main key ID

> > > > 29402314)

> > > >

> > > > gpg: encrypted with 3072-bit ELG-E key, ID AA4D2A27, created

> > > > 2000-10-16

> > > >       "Brian R. Boyce <Veritas@rochester.rr.com>"

> > > > gpg: no secret key for decryption available

> > > > gpg: Signature made Mon Oct 23 12:09:06 2000 EDT using DSA key ID

> > > > 752A64A7

> > > > gpg: Good signature from "Brian R. Boyce <Veritas@rochester.rr.com>"

> > > >

> > > > ---/output---

> > > >

> > > >         What does "gpg: no secret key for decryption available"

mean?

> > > > The file decrypts fine, but I have no idea what the error (warning

or

> > > > neither?) message means.

> > > >

> > > > --

> > > > Sincerely,

> > > > Caleb Land

> > > > (bokonon@rochester.rr.com)

> > > >

> > > > --

> > > > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail

> > > > with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org

> > >

> > > --

> > > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail

> > > with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org

> >

> > --

> > Larry Rosenman                      http://www.lerctr.org/~ler

> > Phone: +1 972-414-9812 (voice) Internet: ler@lerctr.org

> > US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

>

> --

> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail

> with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org


-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org