New keyserver at keys.openpgp.org - what's your take?
Mirimir
mirimir at riseup.net
Tue Jul 2 04:44:04 CEST 2019
On 07/01/2019 07:29 AM, David wrote:
<SNIP>
> My take on all this is that I have had to disable Enigmail because it's
> screwed - I was not able to send mail and all the settings in enigmail
> were lots of ???????????? so I have been infected :(
>
> David
Damn. But all is likely not lost.
If you can open Enigmail Preferences, go to the Keyserver tab, and
specify only keys.openpgp.org as the keyserver. That way, if you manage
to fix gpg, Enigmail won't break it again. Also see "100% CPU usage
endles loop of gpg --list-keys" <https://dev.gnupg.org/T3972> for
background.
About hardening and fixing gpg, see
<https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f> at
Mitigations and Repairs. Also see
<https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html>.
You'll very likely need to use gpg in terminal. I suspect that GPA may
be just as wedged as Enigmail.
Maybe someone could post a step-by-step guide for fixing gpg. For people
who don't commonly use it in terminal. I suppose that I could import one
of the poisoned keys in a fresh VM, and explore how to fix it. But I'm
sure that someone reading this could just dash it out.
More information about the Gnupg-users
mailing list