Problem with Key Protection
Mon Nov 18 20:14:02 2002
Thank you Bob! Your hint was the critical piece to the solution of our
problem. However I came up to another strange thing, but we solved that:
The "official" windows version of GnuPG (1.2.0 and 1.2.1) do not support
the new protection as well - at least we weren't able to do that; so we
couldn't change our passphrase to apply the old protection.
However most "gpg-newbies" are using Windows, so we tried the
Cygwin-gpg-version which really works! We built a batch file for that,
copied the corresponding cygwin-dlls and the gpg executable into a
downloadable archive and this seems to work.
If anyone somehow runs into similar problems, he/she can download our
Bob Mathews wrote:
> On Friday 15 November 2002 05:56, Daniel Luebke wrote:
> gpg: Protection algorithm 254 is not supported
> gpg: signature failed: Unknown encryption algorithm
> Does anyone has a solution for that?
> Algorithm 254 is used with the new SHA-1 protected secret key format,
> was introduced in gpg 1.0.7. To turn it off for compatibility with
> 1.0.6, use
> --simple-sk-checksum when generating the key or changing the passphrase.
> The new format is meant to defend against the vulnerability described
> Is this a really big issue? Probably not. Anyone who can modify your
> key ring on disk can probably also trojan your copy of gpg and steal
> your key
> that way. Better safe than sorry, though.
> -bob mathews
Gnupg-users mailing list