Problems attemoting to use GPG with a USB watch
Adam Cripps
kabads at gmail.com
Tue Jan 4 09:20:13 CET 2005
On Mon, 3 Jan 2005 11:50:00 -0500, Eric S. Raymond
<esr at snark.thyrsus.com> wrote:
> I got a DiskGO USB watch for Christmas. I put it on my wishlist
> with the goal of moving my GPG keyring onto it, using GNUPGHOME
> to direct gpg to look there. The idea, of course, is to avoid having
> clear copies of my secret key live on computers that might be breached
> while I'm not around.
>
> I'm using Fedora Core 3, which automounts the watch as a USB storage
> device accessible through the SCSI layer. It gets mouunted as
> /media/usbdisk. I My keyring lives in a directory on the watch
> named gpg (without leading period). Thuism, when the watch is
> mounted, the keyring is accessible as /media/usbdisk/gpg.
>
> The last line of this listing shows that the watch is mounted as a
> SCSI filesystem:
>
> esr at snark:~/svn/gpsd/trunk$ df
> Filesystem 1K-blocks Used Available Use% Mounted on
> /dev/sda2 15583200 8321808 6469792 57% /
> /dev/sda1 101086 16596 79271 18% /boot
> none 517036 0 517036 0% /dev/shm
> /dev/sdb5 17639188 14717996 2025172 88% /home
> minx:/home 25964096 15494624 9150560 63% /nfs/minx/home
> minx:/usr/local 25964096 15494624 9150560 63% /nfs/minx/local
> grelber:/home 115377664 85171136 24345632 78% /nfs/grelber/home
> grelber:/usr/local 37848096 7250720 28674784 21% /nfs/grelber/local
> /dev/sdc1 127456 318 127138 1% /media/usbdisk
>
> This listing shows that the files are accessible and permissions
> are correct:
>
> /media/usbdisk:
> total 2
> drwx------ 2 esr esr 2048 Jan 3 11:28 gpg
>
> /media/usbdisk/gpg:
> total 316
> -rwxr-xr-x 1 esr esr 18 Mar 12 1999 pgp.cfg
> -rwxr-xr-x 1 esr esr 157532 Mar 1 2000 pubring.bak
> -rwxr-xr-x 1 esr esr 157532 Mar 7 2000 pubring.pkr
> -rwxr-xr-x 1 esr esr 512 Mar 7 2000 randseed.bin
> -rwxr-xr-x 1 esr esr 1769 Jan 14 2000 secring.bak
> -rwxr-xr-x 1 esr esr 1769 Jan 14 2000 secring.skr
>
> I then put GNUPGHOME=/media/usbdisk/gpg; export GNUPGHOME in
> my .bash_profile.
>
> Unfortunately, this seems not to work. Here are the messages I
> get when trying to use the keyring on the watch:
>
> gpg: lock not made: link() failed: Operation not permitted
> gpg: can't lock `/media/usbdisk/gpg/secring.gpg'
> gpg: DBG: oops, `/media/usbdisk/gpg/secring.gpg.lock' is not locked
> gpg: keyblock resource `/media/usbdisk/gpg/secring.gpg': general error
> gpg: lock not made: link() failed: Operation not permitted
> gpg: can't lock `/media/usbdisk/gpg/pubring.gpg'
> gpg: DBG: oops, `/media/usbdisk/gpg/pubring.gpg.lock' is not locked
> gpg: keyblock resource `/media/usbdisk/gpg/pubring.gpg': general error
> gpg: encrypted with ELG-E key, ID 5E995ED4
> gpg: decryption failed: secret key not available
>
> Any suggestions?
> --
> <a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
>
> Let us hope our weapons are never needed --but do not forget what
> the common people knew when they demanded the Bill of Rights: An
> armed citizenry is the first defense, the best defense, and the
> final defense against tyranny.
> If guns are outlawed, only the government will have guns. Only
> the police, the secret police, the military, the hired servants of
> our rulers. Only the government -- and a few outlaws. I intend to
> be among the outlaws.
> -- Edward Abbey, "Abbey's Road", 1979
>
Eric,
instead of setting $GNUPGHOME, have you tried just setting
'secret keyring /path/to/secring.gpg'
in your gpg.conf file? I did this the other day (with a similar
present) and it works fine for me.
Adam
--
http://www.monkeez.org
GPG key: 7111B833
More information about the Gnupg-users
mailing list