GnuPG (GPG) Problem

John Clizbe JPClizbe at comcast.net
Fri Aug 25 09:41:11 CEST 2006


Bo Berglund wrote:
> On Sat, 19 Aug 2006 16:46:07 +0200, Ismael Valladolid Torres
> <ivalladolidt at terra.es> wrote:
> 
>>John Clizbe escribe:
>>> Just copy the keyring files.
>>
>>I store my private keyring and a public keyring containing only my
>>public key on a pendrive, then in your gpg.conf:
>>
>>keyring /path/to/pendrive/pubring.gpg
>>secret-keyring /path/to/pendrive/secring.gpg

You should also move the trustdb to the pendrive. First copy it then add the
following line to gpg.conf:

--trustdb-name /path/to/pendrive/trustdb.gpg

>>
> 
> I wonder about the gpg.conf file:
> Is it used at all in Windows?

Yes.

> I looked at my own one at "C:\Documents and
> Settings\<username>\Application Data\gnupg" and found only commented
> out lines there. The word keyring appeared only twice and this was in
> descriptive text, not in a setting.

The default in the registry is %APPDATA%\GnuPG. That expands to
C:\Documents and Settings\<username>\Application Data\GnuPG". You should
probably store gpg.conf on your pen drive and choose one of the methods below
for overriding the default - that way, you are taking the complete environment
with you on the pen drive.

There are three ways of changing it. In increasing priority
1) Use Regedit.exe, navigate to the key HKCU\Software\Gnu\GnuPG and change the
   HomeDir value

2) set the environment variable GNUPGHOME

3) include --homedir /path/to/pendrive/ on the commnd line each time you
   invoke gpg

This totally portable environment is the approach used by the GPG2GO project.
See http://www.angelfire.com/mb2/mbgpg2go/tp.html

That sounds like a template gpg.conf. I know one like that ships with the Cygwin
implementation.

You may wish to check out the page http://enigmail.mozdev.org/gpgconf.html
It contains a sample gpg.conf for windows you may download to your PC:
http://enigmail.mozdev.org/gpg.conf

Its contents are:
+++++
default-recipient-self
keyserver random.sks.keyserver.penguin.de
default-cert-check-level 3
keyserver-options auto-key-retrieve include-revoked include-subkeys
no-mangle-dos-filenames
no-secmem-warning

# If you installed idea.dll, uncomment the following line
# load-extension Lib\idea
+++++

Here's mine
+++++
comment "When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG"
comment "Be part of the £33t ECHELON -- Use Strong Encryption."
comment "It's YOUR right - for the time being."
#
# SKS keyserver
keyserver minsky.surfnet.nl
#
# The option lines are one line only. They tend to wrap.
#
keyserver-options auto-key-retrieve include-subkeys include-revoked
repair-pks-subkey-bug import-clean-sigs import-clean-uids export-clean-sigs
export-clean-uids
#
import-options import-local-sigs repair-pks-subkey-bug import-clean-sigs
import-clean-uids
#
export-options include-local-sigs export-clean-sigs export-clean-uids
allow-non-selfsigned-uid
#
# Not always needed, since self-builts have IDEA hardwired into the binary
#load-extension Lib\idea
#
no-default-keyring
keyring	pubring.gpg
primary-keyring	pubring.gpg
secret-keyring	O:\GnuPG\secring.gpg
#
default-key 0x608D2A10
default-recipient-self
encrypt-to 0x18BB373A
#
bzip2-compress-level 9
compress-level 9
#
no-greeting
no-secmem-warning
armor
no-mangle-dos-filenames
no-auto-check-trustdb	# done by cron/scheduled tasks
expert
enable-dsa2
+++++

-- 
John P. Clizbe                   Inet:   JPClizbe(a)comcast DOT nyet
Golden Bear Networks             PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 662 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060825/3e0ce951/signature-0001.pgp


More information about the Gnupg-users mailing list