From gniibe at fsij.org Thu Nov 9 01:58:12 2023 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 09 Nov 2023 09:58:12 +0900 Subject: libgcrypt 1.10.2 compile on AIX POWER In-Reply-To: <970069812.12433.1697462722695@email.df.eu> References: <1291647865.5178.1697457730690@email.df.eu> <970069812.12433.1697462722695@email.df.eu> Message-ID: <87y1f7eo9n.fsf@akagi.fsij.org> Hello, Frank Lindner wrote: > For 1.10.2 I now run into the following: >>---- start ---< > /opt/freeware/bin/bash ../libtool --tag=CC --mode=link cc > -I/opt/freeware/include -qmaxmem=16384 -qlanglvl=extc99 -DSYSV > -D_AIX -D_AIX32 -D_AIX41 -D_AIX43 -D_AIX51 -D_AIX52 -D_AIX53 > -D_AIX61 -D_AIX71 -D_AIX72 -D_ALL_SOURCE -DFUNCPROTO=15 -O2 > -I/opt/freeware/include -no-install -L/opt/freeware/lib64 > -L/opt/freeware/lib > -Wl,-blibpath:/opt/freeware/lib64:/opt/freeware/lib:/usr/lib:/lib > -Wl,-bmaxdata:0x80000000 -o hashtest hashtest.o > ../src/libgcrypt.la ../compat/libcompat.la -L/opt/freeware/lib > -lgpg-error -lpthread (line is wrapped by me) IIUC, you manually supplied LDFLAGS (at configure or make), which doesn't work well in this particular case (since LDFLAGS has a precedence over locally specified ../src, compiler finds **installed** version of libgcrypt, instead of currently building one). Please check gpgrt-config from libgpg-error is installed correctly. Possibly, in your case, it might be /opt/freeware/bin. Then, make sure /opt/freeware/bin in PATH, and run configure. This way, configure script should find correct value for -L, by gpgrt-config (no need to manually supply LDFLAGS). -- From dan.list at brilhante.top Fri Nov 10 09:47:52 2023 From: dan.list at brilhante.top (Daniel Cerqueira) Date: Fri, 10 Nov 2023 08:47:52 +0000 Subject: How to send a signed git patch Message-ID: <874jhu0zbb.fsf@brilhante.top> Hi everyone. I want to send my po translation of GnuPG. Werner told me to send a signed git patch to a list. So, I signed my git commit with my GnuPG key. And when I do `git format-patch master` the created patch does not have this signature. How can I create a git patch with a GnuPG signature? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 832 bytes Desc: not available URL: From mcr at sandelman.ca Fri Nov 10 14:09:01 2023 From: mcr at sandelman.ca (Michael Richardson) Date: Fri, 10 Nov 2023 14:09:01 +0100 Subject: How to send a signed git patch In-Reply-To: <874jhu0zbb.fsf@brilhante.top> References: <874jhu0zbb.fsf@brilhante.top> Message-ID: <3737517.1699621741@dyas> Daniel Cerqueira via Gnupg-users wrote: > I want to send my po translation of GnuPG. > Werner told me to send a signed git patch to a list. > So, I signed my git commit with my GnuPG key. And when I do `git > format-patch master` the created patch does not have this signature. I think: include that patch in an email (not an attachment), and sign it. A signed git commit does not get transfered by email, alas. You'd have to use git:// or https:// or.. to transfer the git signature. > How can I create a git patch with a GnuPG signature? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 658 bytes Desc: not available URL: From dan.list at brilhante.top Fri Nov 10 14:32:24 2023 From: dan.list at brilhante.top (Daniel Cerqueira) Date: Fri, 10 Nov 2023 13:32:24 +0000 Subject: How to avoid weird mestage on file deciphering Message-ID: <878r75zqc7.fsf@brilhante.top> Hi. I am trying to do a script that has `gpg --decrypt`. This is what I am getting: LC_ALL=C gpg --decrypt ~/file.gpg gpg: encrypted with RSA key, ID 0x0000000000000000 gpg: anonymous recipient; trying secret key 0x2D3C49A28079BBBD ... gpg: anonymous recipient; trying secret key 0xB8A344FF3684F216 ... gpg: anonymous recipient; trying secret key 0x60E8A97AEB2F2DB9 ... gpg: okay, we are the anonymous recipient. asdf I want to avoid all the messages and only output "asdf" (the content of the file). How can I do this with gpg? I have tried some variations, but I always get this "gpg: anonumous recipient" message (that I want to avoid). My key is on a Yubikey. Don't know if this matters for this issue. Thanks. From verbuecheln at posteo.de Fri Nov 10 14:48:04 2023 From: verbuecheln at posteo.de (Stephan =?ISO-8859-1?Q?Verb=FCcheln?=) Date: Fri, 10 Nov 2023 13:48:04 +0000 Subject: How to avoid weird mestage on file deciphering In-Reply-To: <878r75zqc7.fsf@brilhante.top> References: <878r75zqc7.fsf@brilhante.top> Message-ID: <4fbbf31c98c410078ac99884cab3afdc8a045e84.camel@posteo.de> Notifications, warnings and errors are sent to stderr (rather than stdout), so the solution for bash would be: $ gpg --decrypt file.txt.gpg 2> /dev/null Regards Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: This is a digitally signed message part URL: From jcb62281 at gmail.com Sat Nov 11 03:48:18 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Fri, 10 Nov 2023 20:48:18 -0600 Subject: How to send a signed git patch In-Reply-To: <874jhu0zbb.fsf@brilhante.top> References: <874jhu0zbb.fsf@brilhante.top> Message-ID: <654EEB72.5030403@gmail.com> Daniel Cerqueira via Gnupg-users wrote: > Hi everyone. > > I want to send my po translation of GnuPG. > > Werner told me to send a signed git patch to a list. > > So, I signed my git commit with my GnuPG key. And when I do > `git format-patch master` the created patch does not have this signature. > > How can I create a git patch with a GnuPG signature? > You would have to sign the output of `git format-patch` separately. Git signatures are stored in tag objects which refer to the signed commit. An exported patch is only part of a commit and therefore does not carry the commit ID, which is what Git signs, if I recall correctly. Another option would be to attach a Git bundle to an email, generated using `git bundle create origin/master..SIGNED-TAG-FOR-PATCH` although this would be less easily reviewed. -- Jacob From jsbiff at weldingengineering.com Sun Nov 12 15:50:07 2023 From: jsbiff at weldingengineering.com (Jeff Schmidt) Date: Sun, 12 Nov 2023 09:50:07 -0500 Subject: gnupg 'signing server'? Looking for advice on key management/security Message-ID: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> Hi, ?? So, I want to start using Gnupg more to sign things. Right now, in addition to GnuPG having access to my private key, to use signing/encryption in my email client, requires allowing the openpgp implementation in the email client to access my private key. Which, I think I'm OK with as it's a local client, but, I got to thinking about the problem of access to the private key. Of course, the whole premise of public key encryption is that your private key is a closely guarded secret. Which raises the question, how does one USE the private key, without risking exposing it. There are multiple problems, it seems to me, and I'm sure as I'm about 20 years late to the party, that others have identified these and more, so I wonder if I can get recommendations to articles/blog posts online, or books, or any wisdom the subscribers of this list can impart. But, the problems that have occurred to me: * Even if one only uses the key locally on one or two 'trusted' devices, there is still the problem of multiplying how many different apps might have access to your private key - and the more apps, the more points of potential failure/leakage of your key. Any app that has been maliciously trojaned by some bad actor, could steal your private key, and transmit it to some third party, or even allow a third party to simply sign or encrypt data using the local app, that isn't yours, as if it came from you. * The problem gets worse when you think about things like online services - if you are using an online email or messaging provider, or photo sharing service, document/file sharing service, online social media service, it seems like it would be a really bad idea to upload your private key to those services and trust them with that. Now, maybe you might use subkeys are a sort of partial solution to that - generating service-specific and revocable subkeys for each specific service, and never providing the master private key, but that still presents a risk that any of those subkeys might be stolen. * Using a strong password to encrypt and protect the private key, while a good idea, doesn't really solve the problem, because at some point, to use the private key, you have to provide the password so it can be decrypted to be used, and every time you provide the password, it presents an opportunity for the key to be stolen. It seems to me that maybe the best way to resolve many of these risks, at least, to reduce the 'surface area' of the risk, is to only have ONE app (ideally, gnupg) that EVER accesses the private key, and that ALL other requests to encrypt or sign data be brokered through a 'gnupg server' running on my trusted device, where connections to the server are encrypted, and when I want data to be signed or encrypted with my private key, whatever app I'm using to originate the data connects to gnupg and requests signing or encryption as a service from the server. Then, gnupg could present the data to me for verification that no man-in-the-middle or malicious app has altered the data before submitting it for signing/encryption, then I provide my password just to gnupg, which would sign or encrypt the payload and pass it back to the original app or web service. Is there an easy way to use gnupg like this? It would be lovely if, for example, when I'm posting on a social media platform, if I could configure the social media app to connect to my local 'gnupg server' and have all my posts and shared photos/videos signed. Of course, this would require support in those third party apps to have the necessary code to make that connection to gnupg, but, as a starting point, I'm not clear if there is even any standard protocol for such a service, or if gnupg implements it? -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_0x566331566E95AC02.asc Type: application/pgp-keys Size: 677 bytes Desc: OpenPGP public key URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 236 bytes Desc: OpenPGP digital signature URL: From dan.list at brilhante.top Sun Nov 12 20:21:44 2023 From: dan.list at brilhante.top (Daniel Cerqueira) Date: Sun, 12 Nov 2023 19:21:44 +0000 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> (Jeff Schmidt's message of "Sun, 12 Nov 2023 09:50:07 -0500") References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> Message-ID: <87a5rird4n.fsf@brilhante.top> Jeff Schmidt writes: > Hi, > > ?? So, I want to start using Gnupg more to sign things. Right now, in > addition to GnuPG having access to my private key, to use > signing/encryption in my email client, requires allowing the openpgp > implementation in the email client to access my private key. Which, I > think I'm OK with as it's a local client, but, I got to thinking about > the problem of access to the private key. > > Of course, the whole premise of public key encryption is that your > private key is a closely guarded secret. Which raises the question, > how does one USE the private key, without risking exposing it. > > There are multiple problems, it seems to me, and I'm sure as I'm about > 20 years late to the party, that others have identified these and > more, so I wonder if I can get recommendations to articles/blog posts > online, or books, or any wisdom the subscribers of this list can > impart. > > But, the problems that have occurred to me: > > * Even if one only uses the key locally on one or two 'trusted' > devices, there is still the problem of multiplying how many > different apps might have access to your private key - and the more > apps, the more points of potential failure/leakage of your key. Any > app that has been maliciously trojaned by some bad actor, could > steal your private key, and transmit it to some third party, or even > allow a third party to simply sign or encrypt data using the local > app, that isn't yours, as if it came from you. > > * The problem gets worse when you think about things like online > services - if you are using an online email or messaging provider, > or photo sharing service, document/file sharing service, online > social media service, it seems like it would be a really bad idea to > upload your private key to those services and trust them with that. > Now, maybe you might use subkeys are a sort of partial solution to > that - generating service-specific and revocable subkeys for each > specific service, and never providing the master private key, but > that still presents a risk that any of those subkeys might be > stolen. > > * Using a strong password to encrypt and protect the private key, > while a good idea, doesn't really solve the problem, because at some > point, to use the private key, you have to provide the password so > it can be decrypted to be used, and every time you provide the > password, it presents an opportunity for the key to be stolen. > > It seems to me that maybe the best way to resolve many of these risks, > at least, to reduce the 'surface area' of the risk, is to only have > ONE app (ideally, gnupg) that EVER accesses the private key, and that > ALL other requests to encrypt or sign data be brokered through a > 'gnupg server' running on my trusted device, where connections to the > server are encrypted, and when I want data to be signed or encrypted > with my private key, whatever app I'm using to originate the data > connects to gnupg and requests signing or encryption as a service from > the server. Then, gnupg could present the data to me for verification > that no man-in-the-middle or malicious app has altered the data before > submitting it for signing/encryption, then I provide my password just > to gnupg, which would sign or encrypt the payload and pass it back to > the original app or web service. > > Is there an easy way to use gnupg like this? It would be lovely if, > for example, when I'm posting on a social media platform, if I could > configure the social media app to connect to my local 'gnupg server' > and have all my posts and shared photos/videos signed. Of course, this > would require support in those third party apps to have the necessary > code to make that connection to gnupg, but, as a starting point, I'm > not clear if there is even any standard protocol for such a service, > or if gnupg implements it? You may want to consider using an OpenPGP smartcard (for example, a Yubikey). Seems that you are a good fit. Using a OpenPGP smartcard, the private key never leaves the smartcard. The smartcard can also be used on a smartphone that has NFC support. Cheers From jcb62281 at gmail.com Mon Nov 13 02:46:42 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Sun, 12 Nov 2023 19:46:42 -0600 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <87a5rird4n.fsf@brilhante.top> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> Message-ID: <65518002.5050809@gmail.com> Daniel Cerqueira via Gnupg-users wrote: > Jeff Schmidt writes: > > [...] > You may want to consider using an OpenPGP smartcard (for example, a > Yubikey). Seems that you are a good fit. > > Using a OpenPGP smartcard, the private key never leaves the smartcard. > The smartcard can also be used on a smartphone that has NFC support. > The problem here is that, while the key never leaves the smartcard, the /entire/ device that accesses the smartcard must be trusted, as a backdoor on the device could steal plaintext or submit extra items for signing. A PIN does not solve the problem, since the PIN is entered on the device, which could be backdoored to store the PIN and submit it along with Mallory's messages for the smartcard to sign---and the card will sign it, since the PIN checks out... Smartcards make silently duplicating the key difficult (supposedly infeasible) but do not solve the general problems with network-connected devices. -- Jacob From verbuecheln at posteo.de Mon Nov 13 07:09:14 2023 From: verbuecheln at posteo.de (Stephan =?ISO-8859-1?Q?Verb=FCcheln?=) Date: Mon, 13 Nov 2023 06:09:14 +0000 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <65518002.5050809@gmail.com> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> Message-ID: On Sun, 2023-11-12 at 19:46 -0600, Jacob Bachmeyer wrote: > A PIN does not solve the problem, since the PIN is entered on > the device, which could be backdoored to store the PIN That's why card readers with pinpads were invented, and GnuPG also supports that: https://www.gnupg.org/howtos/card-howto/en/ch02s02.html Other ideas to improve isolation: * If you trust your Linux distribution in general but not every single desktop app, you can use a separate Linux user for sensitive activities. * You can use GnuPG Agent Forwarding via SSH to sign a file on a less trusted server from a more trusted client. This way your PIN is entered on the more trusted client machine. Regards Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: This is a digitally signed message part URL: From wk at gnupg.org Sun Nov 12 20:41:28 2023 From: wk at gnupg.org (Werner Koch) Date: Sun, 12 Nov 2023 20:41:28 +0100 Subject: How to avoid weird mestage on file deciphering In-Reply-To: <4fbbf31c98c410078ac99884cab3afdc8a045e84.camel@posteo.de> ("Stephan =?utf-8?Q?Verb=C3=BCcheln?= via Gnupg-users"'s message of "Fri, 10 Nov 2023 13:48:04 +0000") References: <878r75zqc7.fsf@brilhante.top> <4fbbf31c98c410078ac99884cab3afdc8a045e84.camel@posteo.de> Message-ID: <87bkbyiwt3.fsf@jacob.g10code.de> On Fri, 10 Nov 2023 13:48, Stephan Verb?cheln said: > Notifications, warnings and errors are sent to stderr (rather than > stdout), so the solution for bash would be: > > $ gpg --decrypt file.txt.gpg 2> /dev/null Or to suppress the specific diagnostics mentioned but still show important error message use gpg -q ... or gpg --quiet ... Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: openpgp-digital-signature.asc Type: application/pgp-signature Size: 247 bytes Desc: not available URL: From Alexander at Leidinger.net Mon Nov 13 09:04:26 2023 From: Alexander at Leidinger.net (Alexander Leidinger) Date: Mon, 13 Nov 2023 09:04:26 +0100 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> Message-ID: <25c690ecf3787e4d88ff5f938c242f7d@Leidinger.net> Am 2023-11-13 07:09, schrieb Stephan Verb?cheln via Gnupg-users: > On Sun, 2023-11-12 at 19:46 -0600, Jacob Bachmeyer wrote: >> A PIN does not solve the problem, since the PIN is entered on >> the device, which could be backdoored to store the PIN > > That's why card readers with pinpads were invented, and GnuPG also > supports that: > https://www.gnupg.org/howtos/card-howto/en/ch02s02.html > > Other ideas to improve isolation: > * If you trust your Linux distribution in general but not every single > desktop app, you can use a separate Linux user for sensitive > activities. > * You can use GnuPG Agent Forwarding via SSH to sign a file on a less > trusted server from a more trusted client. This way your PIN is entered > on the more trusted client machine. What can you sign? Non-complete answer: - git commits - files - emails How can you sign emails? Non-complete answer: - webmail interface - MUA with pgp support From which systems can you use such email signatures? Non-complete answer: - Android - iOS - Windows - MacOS - Linux - FreeBSD - your TV (e.g. if it has a web browser) Yubikey or similar and agent forwarding can't be used when I am not at home and access my webmail interface (I want to have a big screen for certain emails), typically this is not supported by a webmail interface. Agent forwarding can't be used for this use case too. I'm interested to hear about a Android App which supports yubikeys, but this is curiosity, as it doesn't help with the above case of a webmail interface. Right now, there is no solution which allows an android app, a webmail interface from the work-PC and a MUA or webmail interface on/from your PC at home (no matter which OS) to use _1_ central location of your private key (so far you may be able to have it stored in your webmail solution, and on your yubikey for apps/git/files but the last part depends on something which is able to forward it to remote locations, which doesn't work if you need to use a web-interface based ssh gateway solution instead of direct ssh access). Feel free to prove me wrong, I would love to have a solution for this. Note, while looking up something related, I found an old German overview about the email-apps situation from the authors of GPG for the German ministry of information security: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Studien/OpenPGP/openpgpandroid.pdf?__blob=publicationFile&v=2 I have fast-read some parts and it looks like the situation hasn't really changed in the last 8 years. If you think about it (I just invested 1 minute), you would need: - some server with your private key which is reachable from everywhere - a safe authentication possibility to it - a remote signing protocol - support in all apps/MUAs/... One could argue, that you put OIDC in front of gnupg-agent on a network socket and you have covered the 3 first items (but I would bet it is not as simple as that). Then it would be simply support in all the apps/MUAs/... (webmail interfaces which use gnupg-agent already, would be simple to convert if gnupg-agent would have a proxy feature which would connect to the remote agent). Bye, Alexander. -- http://www.Leidinger.net Alexander at Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild at FreeBSD.org : PGP 0x8F31830F9F2772BF -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: From verbuecheln at posteo.de Mon Nov 13 10:29:40 2023 From: verbuecheln at posteo.de (Stephan =?ISO-8859-1?Q?Verb=FCcheln?=) Date: Mon, 13 Nov 2023 09:29:40 +0000 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <25c690ecf3787e4d88ff5f938c242f7d@Leidinger.net> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <25c690ecf3787e4d88ff5f938c242f7d@Leidinger.net> Message-ID: <52ac17585c279d2b68666c883ac38195c9168eb2.camel@posteo.de> His original post was about signing files, not reading encrypted mails. Of course, everything gets complicated when you want to read the same mails from many devices. What would be the point of such a server? Having a server like that appears dangerous to me. How is it protecting the key better than a smartcard? The smartcard is convenient for precisely that scenario, you can carry it in your pocket and use it on any device. And the Agent Forwarding allows you to use the key on servers without physical access. On Mon, 2023-11-13 at 09:04 +0100, Alexander Leidinger wrote: > I'm interested to hear about a Android App which supports yubikeys I rarely read (encrypted) mails on my phone. However, K-9 Mail plus OpenKeychain (each available in Google Play and F-Droid) support Yubikey (and probably any other OpenPGP smartcard) via both USB and NFC on my Samsung phone. https://docs.k9mail.app/en/6.400/security/pgp/ I do not like webmail, but as far as I know there are various browser addons for PGP in webmail. https://mailvelope.com/ Regards Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: This is a digitally signed message part URL: From juergen at bruckner.email Mon Nov 13 11:40:42 2023 From: juergen at bruckner.email (Juergen M. Bruckner) Date: Mon, 13 Nov 2023 11:40:42 +0100 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <25c690ecf3787e4d88ff5f938c242f7d@Leidinger.net> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <25c690ecf3787e4d88ff5f938c242f7d@Leidinger.net> Message-ID: <9b1027e5-3157-46fe-b59e-9478e2655b24@bruckner.email> Hello Alexander, Am 13.11.23 um 09:04 schrieb Alexander Leidinger via Gnupg-users: > I'm interested to hear about a Android App which supports yubikeys, but > this is curiosity, as it doesn't help with the above case of a webmail > interface. As far I know 'Openkeychain' supports OpenPGP smartcards (Yubikey and Nitrokey) via USB and NFC. best regards Juergen -- /?\ No | \ / HTML | Juergen Bruckner X in | juergen at bruckner.email / \ Mail | -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3482 bytes Desc: Kryptografische S/MIME-Signatur URL: From dan.list at brilhante.top Mon Nov 13 12:46:19 2023 From: dan.list at brilhante.top (Daniel Cerqueira) Date: Mon, 13 Nov 2023 11:46:19 +0000 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <65518002.5050809@gmail.com> (Jacob Bachmeyer's message of "Sun, 12 Nov 2023 19:46:42 -0600") References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> Message-ID: <87pm0dq3jo.fsf@brilhante.top> Jacob Bachmeyer writes: > The problem here is that, while the key never leaves the smartcard, > the /entire/ device that accesses the smartcard must be trusted, as a > backdoor on the device could steal plaintext or submit extra items for > signing. A PIN does not solve the problem, since the PIN is entered > on the device, which could be backdoored to store the PIN and submit > it along with Mallory's messages for the smartcard to sign---and the > card will sign it, since the PIN checks out... > > Smartcards make silently duplicating the key difficult (supposedly > infeasible) but do not solve the general problems with > network-connected devices. If you don't trust pinentry, maybe you should also not trust gnupg. They are from the same project (gnupg.org). I believe is best for you not to use gnupg and pinentry, until you review it. From jcb62281 at gmail.com Tue Nov 14 05:23:16 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Mon, 13 Nov 2023 22:23:16 -0600 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <87pm0dq3jo.fsf@brilhante.top> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <87pm0dq3jo.fsf@brilhante.top> Message-ID: <6552F634.7050705@gmail.com> Daniel Cerqueira wrote: > Jacob Bachmeyer writes: > > >> The problem here is that, while the key never leaves the smartcard, >> the /entire/ device that accesses the smartcard must be trusted, as a >> backdoor on the device could steal plaintext or submit extra items for >> signing. A PIN does not solve the problem, since the PIN is entered >> on the device, which could be backdoored to store the PIN and submit >> it along with Mallory's messages for the smartcard to sign---and the >> card will sign it, since the PIN checks out... >> >> Smartcards make silently duplicating the key difficult (supposedly >> infeasible) but do not solve the general problems with >> network-connected devices. >> > > If you don't trust pinentry, maybe you should also not trust gnupg. They > are from the same project (gnupg.org). > > I believe is best for you not to use gnupg and pinentry, until you > review it. My point is that smartcards do not magically increase security beyond the private key wrapping encryption built in to GPG, and provide little actual security benefit unless less-common steps (such as using a card reader with its own PIN pad) are taken. (The convenience of being able to simply move the card between devices may be useful for some users.) The issue here is not GPG or its associated pinentry program or any question of their integrity. The issue is the possibility of the computer being tampered while I am away from it, or potentially, via the network, right under my nose. (Consider the overall security of the typical Android device.) So far, smartcards do not seem to provide any better protection in this case than GPG's own security features. Such tampering would enable the theft of the GPG key passphrase or card PIN in either case. In other words, the same attacks that can effectively break GPG's built in security also effectively break a smartcard by enabling the unauthorized use of the key on the card. That is ignoring the additional risk that few if any smartcards use Free firmware, and are, by design, nearly impossible to verify. A secret backdoor on the smartcard cannot be categorically ruled out, although such a violation of trust would be expected to effectively remove the card's manufacturer from the market should it come to light. -- Jacob From hfollmann at itcfollmann.com Tue Nov 14 07:12:20 2023 From: hfollmann at itcfollmann.com (Henning Follmann) Date: Tue, 14 Nov 2023 01:12:20 -0500 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <6552F634.7050705@gmail.com> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <87pm0dq3jo.fsf@brilhante.top> <6552F634.7050705@gmail.com> Message-ID: On Mon, Nov 13, 2023 at 10:23:16PM -0600, Jacob Bachmeyer via Gnupg-users wrote: > Daniel Cerqueira wrote: > > Jacob Bachmeyer writes: > > > [...] > My point is that smartcards do not magically increase security beyond the > private key wrapping encryption built in to GPG, and provide little actual > security benefit unless less-common steps (such as using a card reader with > its own PIN pad) are taken. (The convenience of being able to simply move > the card between devices may be useful for some users.) > > The issue here is not GPG or its associated pinentry program or any question > of their integrity. The issue is the possibility of the computer being > tampered while I am away from it, or potentially, via the network, right > under my nose. (Consider the overall security of the typical Android > device.) So far, smartcards do not seem to provide any better protection in > this case than GPG's own security features. Such tampering would enable the Yes it does. The key can't be copied and taken away from the device. This is an advantage. > theft of the GPG key passphrase or card PIN in either case. In other words, > the same attacks that can effectively break GPG's built in security also > effectively break a smartcard by enabling the unauthorized use of the key on > the card. > > That is ignoring the additional risk that few if any smartcards use Free > firmware, and are, by design, nearly impossible to verify. A secret > backdoor on the smartcard cannot be categorically ruled out, although such a > violation of trust would be expected to effectively remove the card's > manufacturer from the market should it come to light. nitrokey publishes its card firmware and it can be updated and independently audited. There is also the OpenPGP card. IIRC the firmware is also available. Yubikey does not publish the key firmware but they have an independent auditing process in place IIRC. -H -- Henning Follmann | hfollmann at itcfollmann.com From jcb62281 at gmail.com Wed Nov 15 03:52:07 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Tue, 14 Nov 2023 20:52:07 -0600 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <87pm0dq3jo.fsf@brilhante.top> <6552F634.7050705@gmail.com> Message-ID: <65543257.4000905@gmail.com> Henning Follmann wrote: > On Mon, Nov 13, 2023 at 10:23:16PM -0600, Jacob Bachmeyer via Gnupg-users wrote: > >> Daniel Cerqueira wrote: >> >>> Jacob Bachmeyer writes: >>> > [...] > > > Yes it does. The key can't be copied and taken away from the device. This > is an advantage. > It is an advantage that is not relevant to network-connected general-purpose computing devices. In both cases, the key is secure when not in use. An encrypted private key is useless without the passphrase and a card is useless without the PIN. In both cases the key can be further secured by physical isolation, storing the encrypted key on removable media or keeping the card out of the reader when not in use. In both cases a "smash and grab" attack yields nothing of value, either an encrypted key or nothing at all (smartcard or removable media). That means an intelligent attacker will attempt to place persistent malware to backdoor the device. While the theft of both encrypted key and passphrase enables Mallory to forge signatures at his leisure, persistent malware could just as easily submit Mallory's messages to the smartcard for signing after locally stealing the PIN and simply waiting for the unsuspecting user to insert the card (or bring the token into NFC range... how many people would put phone and token into the same pocket without a second thought?). Once the conditions necessary for an attacker to break GPG's built in private key security are met, the use of a smartcard is merely an inconvenience to an attacker. In both cases, the attacker must wait for the key to be unlocked to produce a legitimate signature and can then, having stolen the authentication token (passphrase or PIN) used to unlock the key, produce additional (illegitimate) signatures. The smartcard adds the minor inconvenience of having to wait for the user to insert the card, but this does not actually raise the bar for a successful attack, which is the forging of at least one signature, after which the key must be revoked. Note that assuring the integrity of the device at all times that the card is connected generalizes to "at all times the key is used" for the GPG built in security case. (If the integrity of the device is assured, then there can be no malware waiting to steal the passphrase and store it for later.) If this condition is met, no attack can succeed in either case. If this condition is not met, Mallory will eventually be able to forge a signature. Therefore, smartcards do not actually provide additional security in the typical PGP usage. Where smartcards are useful is protocols that require an untrusted or marginally trusted device that does not belong to the user to be able to produce a signature with the user's key for a short period of time but not afterwards. Modern payment card systems supposedly are an example of this, but the EMV protocol has several less-secure legacy modes that may or may not still be in use. (I do not know if the magstripe emulation mode has actually been phased out, for example.) >> [...] >> >> That is ignoring the additional risk that few if any smartcards use Free >> firmware, and are, by design, nearly impossible to verify. A secret >> backdoor on the smartcard cannot be categorically ruled out, although such a >> violation of trust would be expected to effectively remove the card's >> manufacturer from the market should it come to light. >> > > nitrokey publishes its card firmware and it can be updated and > independently audited. > There is also the OpenPGP card. IIRC the firmware is also available. > > Yubikey does not publish the key firmware but they have an independent > auditing process in place IIRC. > Those are improvements in the field since I had last checked, although those are still two suppliers out of an entire industry. Thank you for that information. -- Jacob From wk at gnupg.org Wed Nov 15 11:03:08 2023 From: wk at gnupg.org (Werner Koch) Date: Wed, 15 Nov 2023 11:03:08 +0100 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <65543257.4000905@gmail.com> (Jacob Bachmeyer via Gnupg-users's message of "Tue, 14 Nov 2023 20:52:07 -0600") References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <87pm0dq3jo.fsf@brilhante.top> <6552F634.7050705@gmail.com> <65543257.4000905@gmail.com> Message-ID: <87cywbgwpv.fsf@jacob.g10code.de> On Tue, 14 Nov 2023 20:52, Jacob Bachmeyer said: > succeed in either case. If this condition is not met, Mallory will > eventually be able to forge a signature. Therefore, smartcards do not > actually provide additional security in the typical PGP usage. In all environments you have the advantage that you don't need to re-deploy your public keys after a compromise of your signing box. Sure, there are signatures on software/data out there which are not legitimate but this is not different from the easier attack of modifying the software/data before doing the signature. Further, by inserting the smartcard only when required you limit the exposure time of the key and hinder attackers to do a lot of illegitimate signatures or decryption. The OpenPGP cards feature a signature counter which can give you a hint on whether it was used by something else than you. It is not a perfect solution but raises the hurdle for the attacker. By using the smartcard on different machines you can even avoid malware which fakes the displaying of the signature counter. For a policy POV having the key material securely locked away is also an advantage - even if the data can be decrypted/signed using a smartcard by malware. The security of the key material and the ability to use the key material are different topics in a security policy. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: openpgp-digital-signature.asc Type: application/pgp-signature Size: 247 bytes Desc: not available URL: From jcb62281 at gmail.com Thu Nov 16 06:18:40 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Wed, 15 Nov 2023 23:18:40 -0600 Subject: gnupg 'signing server'? Looking for advice on key management/security In-Reply-To: <87cywbgwpv.fsf@jacob.g10code.de> References: <4a79afa9-5c28-4b78-812a-7070145efbbb@weldingengineering.com> <87a5rird4n.fsf@brilhante.top> <65518002.5050809@gmail.com> <87pm0dq3jo.fsf@brilhante.top> <6552F634.7050705@gmail.com> <65543257.4000905@gmail.com> <87cywbgwpv.fsf@jacob.g10code.de> Message-ID: <6555A630.7020103@gmail.com> Werner Koch wrote: > On Tue, 14 Nov 2023 20:52, Jacob Bachmeyer said: > >> succeed in either case. If this condition is not met, Mallory will >> eventually be able to forge a signature. Therefore, smartcards do not >> actually provide additional security in the typical PGP usage. >> > > In all environments you have the advantage that you don't need to > re-deploy your public keys after a compromise of your signing box. > Sure, there are signatures on software/data out there which are not > legitimate but this is not different from the easier attack of modifying > the software/data before doing the signature. > This can vary with policy; I consider the known existence of an illegitimate signature to require the revocation of the signing key. The easier attack you mention requires the same condition as breaking GPG's built in security or abusing the user's smartcard: Mallory must plant persistent malware on the device that would have an opportunity to modify the item to be signed before GPG reads it and builds the signature. > Further, by inserting the smartcard only when required you limit the > exposure time of the key and hinder attackers to do a lot of > illegitimate signatures or decryption. > Yes; that is the "physical isolation" I mentioned as a further layer of security. > The OpenPGP cards feature a signature counter which can give you a hint > on whether it was used by something else than you. It is not a perfect > solution but raises the hurdle for the attacker. By using the smartcard > on different machines you can even avoid malware which fakes the > displaying of the signature counter. > The convenience of easily using multiple machines is one of the use cases for smartcards. While I do not believe that it further /increases/ security, using a smartcard if keys are used on multiple machines certainly /preserves/ security while increasing convenience. On a related note, the easier attack you mention of modifying the item to be signed would evade checks of the signature counter, since only the authorized signing event occurred, but the item signed had been tampered and was not the item the user intended to sign. > For a policy POV having the key material securely locked away is also an > advantage - even if the data can be decrypted/signed using a smartcard > by malware. The security of the key material and the ability to use the > key material are different topics in a security policy. Fair enough, although in my security model, the ability for an attacker to use the key material is the critical failure; insecurity of the key material implies that failure but the illegitimate use is the problem. -- Jacob From herbert at gojira.at Thu Nov 16 11:55:54 2023 From: herbert at gojira.at (Herbert J. Skuhra) Date: Thu, 16 Nov 2023 11:55:54 +0100 Subject: epg-encrypt-string in Emacs seems to be incompatible with GnuPG 2.4.1 on macOS, 2.4.0 works In-Reply-To: References: Message-ID: <87r0kqx8zp.wl-herbert@gojira.at> On Sat, 20 May 2023 02:38:15 +0200, Robert Irelan wrote: > > I'm not sure what info will be most useful for debugging this, but the > `epg-encrypt-string` function seems not to work with GnuPG 2.4.1 on > macOS, while GnuPG 2.4.0 works (both on x86_64, macOS 13.3.1, Macports > used to install both). > > This is the command line that seems to hang with 2.4.1: > > ``` > /opt/local/bin/gpg2 --no-tty --status-fd 1 --yes > --enable-progress-filter --command-fd 0 --output > /var/folders/gc/73c5zcp918z9dssx8k1sybh00000gn/T/epg-output2zVC4K > --pinentry-mode ask --decrypt -- > /var/folders/gc/73c5zcp918z9dssx8k1sybh00000gn/T/epg-inputMnF1UG > ``` > > No settings in common.conf, gpg-agent.conf, or gpg.conf seem to affect > this hanging command. Let me know what info I can provide to help > debug this further This issue (bug id: T6481) is obviously fixed on master (commit 2f872fa68c6576724b9dabee9fb0844266f55d0d): https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2f872fa68c6576724b9dabee9fb0844266f55d0d Will this be merged to STABLE-BRANCH-2-4 and part of the next release (2.4.4?)? Thanks. -- Herbert From gniibe at fsij.org Fri Nov 17 00:44:45 2023 From: gniibe at fsij.org (NIIBE Yutaka) Date: Fri, 17 Nov 2023 08:44:45 +0900 Subject: epg-encrypt-string in Emacs seems to be incompatible with GnuPG 2.4.1 on macOS, 2.4.0 works In-Reply-To: <87r0kqx8zp.wl-herbert@gojira.at> References: <87r0kqx8zp.wl-herbert@gojira.at> Message-ID: <87wmuhfeky.fsf@akagi.fsij.org> Hello, I'm sorry that I didn't have time yesterday. "Herbert J. Skuhra" wrote: > This issue (bug id: T6481) is obviously fixed on master (commit > 2f872fa68c6576724b9dabee9fb0844266f55d0d): > > https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2f872fa68c6576724b9dabee9fb0844266f55d0d > > Will this be merged to STABLE-BRANCH-2-4 and part of the next release > (2.4.4?)? Yes. It's pushed now. If you see any regressions due to this patch, please let us know. -- From felix.klee at inka.de Mon Nov 20 09:24:32 2023 From: felix.klee at inka.de (Felix E. Klee) Date: Mon, 20 Nov 2023 16:24:32 +0800 Subject: Cannot export SSH public key Message-ID: I added an authentication key to my existing key . $ gpg --edit-key --expert yubikey at f76.eu > addkey I selected: 8: RSA (set your own capabilities) S: disable sign capability E: disable encrypt capability A: enable authenticate capability 4096: key size 0: expiry (never) However, I cannot export it for SSH: $ gpg --list-keys --keyid-format SHORT yubikey at f76.eu pub rsa4096/1B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/FBA5B1E5 2023-11-20 [A] $ gpg --export-ssh-key FBA5B1E5 gpg: key "FBA5B1E5" not found: Unusable public key gpg: export as ssh key failed: Unusable public key GnuPG version: $ gpg --version gpg (GnuPG) 2.2.27 libgcrypt 1.9.4 Copyright (C) 2021 Free Software Foundation, Inc. License GNU GPL-3.0-or-later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/felix/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 What?s wrong here? From kloecker at kde.org Mon Nov 20 17:36:29 2023 From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=) Date: Mon, 20 Nov 2023 17:36:29 +0100 Subject: Cannot export SSH public key In-Reply-To: References: Message-ID: <12329793.O9o76ZdvQC@daneel> On Montag, 20. November 2023 09:24:32 CET Felix E. Klee wrote: > $ gpg --list-keys --keyid-format SHORT yubikey at f76.eu > pub rsa4096/1B6ED589 2023-06-29 [SC] > 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 > uid [ultimate] Felix E. Klee (YubiKey) > sub rsa4096/D2E31736 2023-06-29 [E] > sub rsa4096/FBA5B1E5 2023-11-20 [A] > > $ gpg --export-ssh-key FBA5B1E5 > gpg: key "FBA5B1E5" not found: Unusable public key > gpg: export as ssh key failed: Unusable public key Try $ gpg --export-ssh-key FBA5B1E5! (note the exclamation mark which indicates a subkey to gpg) or $ gpg --export-ssh-key 1B6ED589 (which makes gpg export the latest valid subkey which has an authentication capability) Regards, Ingo -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From alec at alec.pl Tue Nov 21 12:05:39 2023 From: alec at alec.pl (Aleksander Machniak) Date: Tue, 21 Nov 2023 12:05:39 +0100 Subject: NO_SECKEY difference between 2.2 and 2.3 Message-ID: <9564dbe1-059d-4084-a9c0-15a46141e61c@alec.pl> I just noticed a difference on how NO_SECKEY status is used between 2.2.x and 2.3.3. When I do --decrypt on an encrypted email message (having only recipient's private+public key in the keyring): - v2.2 outputs one NO_SECKEY line referring the recipient's key - v2.3 outputs two NO_SECKEY lines referring both recipient's and sender's keys. Is this expected behavior change? -- Aleksander Machniak Kolab Groupware Developer [https://kolab.org] Roundcube Webmail Developer [https://roundcube.net] ---------------------------------------------------- PGP: 19359DC1 # Blog: https://kolabian.wordpress.com From kloecker at kde.org Tue Nov 21 14:59:44 2023 From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=) Date: Tue, 21 Nov 2023 14:59:44 +0100 Subject: NO_SECKEY difference between 2.2 and 2.3 In-Reply-To: <9564dbe1-059d-4084-a9c0-15a46141e61c@alec.pl> References: <9564dbe1-059d-4084-a9c0-15a46141e61c@alec.pl> Message-ID: <5733125.DvuYhMxLoT@daneel> On Dienstag, 21. November 2023 12:05:39 CET Aleksander Machniak wrote: > I just noticed a difference on how NO_SECKEY status is used between > 2.2.x and 2.3.3. > > When I do --decrypt on an encrypted email message (having only > recipient's private+public key in the keyring): > - v2.2 outputs one NO_SECKEY line referring the recipient's key Referring to the recipient's key? I understood that you do have the recipient's key but that you lack the sender's key. > - v2.3 outputs two NO_SECKEY lines referring both recipient's and > sender's keys. > > Is this expected behavior change? Maybe not, but 2.3.3 is more than 2 years old. Current is 2.4.3. Regards, Ingo -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From alec at alec.pl Tue Nov 21 15:28:46 2023 From: alec at alec.pl (Aleksander Machniak) Date: Tue, 21 Nov 2023 15:28:46 +0100 Subject: NO_SECKEY difference between 2.2 and 2.3 In-Reply-To: <5733125.DvuYhMxLoT@daneel> References: <9564dbe1-059d-4084-a9c0-15a46141e61c@alec.pl> <5733125.DvuYhMxLoT@daneel> Message-ID: On 21.11.2023 14:59, Ingo Kl?cker wrote: >> When I do --decrypt on an encrypted email message (having only >> recipient's private+public key in the keyring): >> - v2.2 outputs one NO_SECKEY line referring the recipient's key > > Referring to the recipient's key? I understood that you do have the > recipient's key but that you lack the sender's key. Yes, that's right. I don't need a sender's key to decrypt a message. >> - v2.3 outputs two NO_SECKEY lines referring both recipient's and >> sender's keys. >> >> Is this expected behavior change? > > Maybe not, but 2.3.3 is more than 2 years old. Current is 2.4.3. That's what I have on Alma Linux 9 by default. I'll take a look for an update. -- Aleksander Machniak Kolab Groupware Developer [https://kolab.org] Roundcube Webmail Developer [https://roundcube.net] ---------------------------------------------------- PGP: 19359DC1 # Blog: https://kolabian.wordpress.com From bernhard at intevation.de Wed Nov 22 09:18:11 2023 From: bernhard at intevation.de (Bernhard Reiter) Date: Wed, 22 Nov 2023 09:18:11 +0100 Subject: NO_SECKEY difference between 2.2 and 2.3 In-Reply-To: References: <9564dbe1-059d-4084-a9c0-15a46141e61c@alec.pl> <5733125.DvuYhMxLoT@daneel> Message-ID: <202311220918.11512.bernhard@intevation.de> Am Dienstag 21 November 2023 15:28:46 schrieb Aleksander Machniak: > >> - v2.3 outputs two NO_SECKEY lines referring both recipient's and > >> sender's keys. Potentially the sender has encrypted the message for themselves, this would explain why there are two potential decryption keys that you both do not have. Try an additional -v to see more about the message structure. Maybe v2.3 is just more informative here. -- https://intevation.de/~bernhard ? +49 541 33 508 3-3 Intevation GmbH, Osnabr?ck, DE; Amtsgericht Osnabr?ck, HRB 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: This is a digitally signed message part. URL: From felix.klee at inka.de Wed Nov 22 12:39:30 2023 From: felix.klee at inka.de (Felix E. Klee) Date: Wed, 22 Nov 2023 19:39:30 +0800 Subject: Cannot export SSH public key In-Reply-To: <12329793.O9o76ZdvQC@daneel> References: <12329793.O9o76ZdvQC@daneel> Message-ID: On Tue, Nov 21, 2023 at 12:38?AM Ingo Kl?cker wrote: > $ gpg --export-ssh-key 1B6ED589 Thanks, this worked! I then added the key on the remote system to: ~/.ssh/authorized_keys However, I could not log in. SSH reports: Permission denied (publickey). I then tried exporting the key using `ssh-add`: ssh-add -L >~/.ssh/id_rsa.pub If I add this key to `authorized_keys`, I can log in, after unlocking my Yubikey with a PIN. Great! Or not, read on. Now it gets a bit weird: Apparently the key exported by `ssh-add` is not tied to my authentication key! I noticed this because I replaced the authentication key. They key exported by `ssh-add` did not change. I can still log in using that key. So I assume that key is based on the my signature key `1B6ED589`: $ gpg --list-keys --keyid-format SHORT yubikey at f76.eu pub rsa4096/1B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/877CC64B 2023-11-22 [A] Should I better use the authentication key exported by GPG for SSH? But how to make that work? From wk at gnupg.org Wed Nov 22 13:57:03 2023 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Nov 2023 13:57:03 +0100 Subject: Cannot export SSH public key In-Reply-To: (Felix E. Klee's message of "Wed, 22 Nov 2023 19:39:30 +0800") References: <12329793.O9o76ZdvQC@daneel> Message-ID: <874jhedjz4.fsf@jacob.g10code.de> On Wed, 22 Nov 2023 19:39, Felix E. Klee said: > However, I could not log in. SSH reports: > > Permission denied (publickey). You need to make sure that the gpg-agent is running and the SSH_AUTH_SOCK envvar is set correctly. Here is the snippet from by ~/.bashrc --8<---------------cut here---------------start------------->8--- # Setup information required by GnuPG and ssh. We use the # standard socket in GnuPG's homedir, thus there is no need for an # environment variable. We reset any left over envvar. # SSH_AGENT_PID should not be set either because it is only used # to kill ssh-agent (option -k) but we don't want this to kill # gpg-agent. Because ssh does not know about GnuPG's homedir we # need to set its envvar to the standard gpg-agent. GPG_TTY needs # to be set to the current TTY. The extra test is used to avoid # setting SSH_AUTH_SOCK if gpg-agent has been started with a # shell on the command line (often used for testing). unset GPG_AGENT_INFO unset SSH_AGENT_PID if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" fi export GPG_TTY=$(tty) --8<---------------cut here---------------end--------------->8--- In case you are switching to a different X server etc, you may need to run gpg-connect-agent updatestartuptty /bye once. This will also make sure that the agent is launched. Although gpg-agent by default creates the socket for the ssh-agent protocol, some distros have a pecularity that they look into ~/.gnupg/gpg-agent.conf and check whether there is a "enable-ssh-support" option set. If not they don't set the envvar (as above) or do their necessary systemd stuff to create the socket. > I then tried exporting the key using `ssh-add`: > > ssh-add -L >~/.ssh/id_rsa.pub ssh-add should have connected to gpg-agent and exported the ssh public keys it knows. You don't need to put this into id_rsa.pub. I use > Now it gets a bit weird: Apparently the key exported by `ssh-add` is not > tied to my authentication key! I noticed this because I replaced the > authentication key. They key exported by `ssh-add` did not change. I can What is in your ~/.gnupg/sshcontrol file? It should list the keygrips of the keys to be used for ssh. gpg -k --with-keygrip yubikey at f76.eu Instead of putting this into sshcontrol you may also put them into the private-keys-v1.d/.key file with a line: Use-for-ssh: yes FWIW, you may also use Label: My pink token to have a nicer prompt. > Should I better use the authentication key exported by GPG for SSH? But > how to make that work? gpg --export-ssh-key Adds a comment with the keyid - is that one correct? Does it match what you see with ssh-add -L (or ssh-add -l)? Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: openpgp-digital-signature.asc Type: application/pgp-signature Size: 247 bytes Desc: not available URL: From felix at f76.eu Wed Nov 22 09:17:44 2023 From: felix at f76.eu (Felix E. Klee) Date: Wed, 22 Nov 2023 16:17:44 +0800 Subject: Cannot export SSH public key In-Reply-To: <12329793.O9o76ZdvQC@daneel> References: <12329793.O9o76ZdvQC@daneel> Message-ID: On Tue, Nov 21, 2023 at 12:38?AM Ingo Kl?cker wrote: > $ gpg --export-ssh-key 1B6ED589 Thanks, this worked! I then added the key on the remote system to: ~/.ssh/authorized_keys However, I could not log in. SSH reports: Permission denied (publickey). I then tried exporting the key using `ssh-add`: ssh-add -L >~/.ssh/id_rsa.pub If I add this key to `authorized_keys`, I can log in, after unlocking my Yubikey with a PIN. Great! Or not, read on. Now it gets a bit weird: Apparently the key exported by `ssh-add` is not tied to my authentication key! I noticed this because I replaced the authentication key. They key exported by `ssh-add` did not change. I can still log in using that key. So I assume that key is based on the my signature key `1B6ED589`: $ gpg --list-keys --keyid-format SHORT yubikey at f76.eu pub rsa4096/1B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/D2E31736 2023-06-29 [E] sub rsa4096/877CC64B 2023-11-22 [A] Should I better use the authentication key exported by GPG for SSH? But how to make that work? From felix.klee at inka.de Thu Nov 23 03:17:04 2023 From: felix.klee at inka.de (Felix E. Klee) Date: Thu, 23 Nov 2023 10:17:04 +0800 Subject: Cannot export SSH public key In-Reply-To: <874jhedjz4.fsf@jacob.g10code.de> References: <12329793.O9o76ZdvQC@daneel> <874jhedjz4.fsf@jacob.g10code.de> Message-ID: On Wed, Nov 22, 2023 at 8:57?PM Werner Koch wrote: > Here is the snippet from by ~/.bashrc I have a similar config. Thank you for the detailed explanation! Only the following line does not work right after autologin (default with Ubuntu / WSL2), seems like something is not ready yet. gpg-connect-agent updatestartuptty /bye > What is in your ~/.gnupg/sshcontrol file? It?s empty, with only comments at the top. I left it that way, and proceeded as follows: > Instead of putting this into sshcontrol you may also put them into the > private-keys-v1.d/.key file with a line: > > Use-for-ssh: yes I added that to 0E67508AC6866D82ABB95E0B53CF5D18DC48A786.key, which is my master key. But it still doesn?t work, see below. Should I add a file with the authentication key instead? > gpg --export-ssh-key > > Adds a comment with the keyid - is that one correct? Does it match what > you see with > > ssh-add -L Output: $ gpg -k --with-keygrip yubikey at f76.eu pub rsa4096 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096 2023-06-29 [E] Keygrip = 07D6164F019D2EDF59C650992CF93776B2DD17F2 sub rsa4096 2023-11-22 [A] Keygrip = 9C67E5BBB72EF0BF2625792F8F134CE4FD961FF5 $ gpg --export-ssh-key yubikey at f76.eu ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1jJSXxnM4iR3F16Yd5FEjrOo6sbGF rkvVVoqUt9iyL5Z+Lz1ElpyUoKcGRRtU8NNueI8RpJT7ipIxubMiefDHVU7FRhk809jQ vlTu8YDezdIZ0BWJ3W9+CCCQkD9JNmr5LsUnqD5KKUP4v0rwN6zLsXARGjpv1Jj61vJe o3+B9CGpe8cIFvbdVw7QEi5t1hW9ghRrHDREXhIYkc51rzK4htBBdlX7E4yFuiuPZC/2 Q2lUelBrHP+bwgC+GzliHUIseuGAGEpSjJadtuSC2gUZbgv7PN6jM7WzaSdJ22spoFlP XoIimu4hSOpEgK/txOuB+ge3MrpXEQPYW1tN0nD1RZF39uGbGdQrk9s6MARbZ+1APTJh H6oi9fPfOp7EEkmZsm1ojwGoIN+RoYQ23KMVqI915SNn5CaRySQNenVyAJ7Skl2Q3bdK ENW7lkGFXZ/DxpA8dQITZGBJEGhVppj2Pfp4uANDcdqUUGCN3i0srmkb7XaNn3U9qyIB KEgnFupkNfMVB48AQu1PYxoEoO/zIyTVlPn0iSAl64zA27u5RXlikEbx0ePvPSYuMTL4 ZaDk2vNvKNmPvXBi6dZvXIPx2ROrqBrLMNx19EHDVSSVT+R3Qf1f/4TwRdHPb6ZliSFv FF6eygY40y5whHNy7Q8zxrj5Py56Cp+Alus3jr6UNw== openpgp:0x877CC64B $ ssh-add -L ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCpsX4nQnLh3SJDdIDkdX0DFY4c2uFu 6QJRPrXyub32Ae5SX+3rQnhj/7U8PGFG5LbRT8NVHMyxmoXAHda3wZ1Za3mTC8oWUPSz dIlSgB7HrVNvmP0fvk0b1V9BOkBJrV6RMMNLEssiD9PCiI95z1+uEbxr9tZAJO/lDYnU jhEK6PykBhQiJISHpWnWmE0qj+84wQ+/cEPJYnt4tgqLuFH+COFGBVuN6DDi6ubbDlCy 693UqQjWSNi1A34JmUKFOw5Kt0It3Qj3nNVdm8/hRiVZ84qPVbF1Vvp0gZ9k1sFg+3O9 LZYo0vZ73gLMx6AjO1A+Cqcef/e6O+aT+CVgINQ6oaDMyKtHkD7caflg8nPrmiVASxTe nn51W3Uiu1wksrtEH2HCUcLXpMWKNTjjwpUUTSmMy4m069K5SENsjzsMsHiN2cTxdNu5 CufP1Q3XtGI4VCdW5ql0vgZMCPHIuXHLyFpz9scc2I68B8YnoMzzH0CDyLpjudBRlup+ BZD1g2xlCWB9f+43Oy+Ibf5wAW8/gjk5ly6fhQwB712GTHXNKpPl2ymXgtP2v0K48TE7 OsIfR0sBk2LbwuXr2tLB1WYgrNYs8YY83u/HC6RWHskrcIRq75ahcdeTu8Ukdz1VhAdL sk25F529lMjW0CgshB9xvFxCwFzcGMmHniuMjoFN6Q== cardno:18 698 015 $ ssh-add -l 4096 SHA256:Pun8mwtl04HFOK8Z1LbCRZ/oQLgZDpkgNHU5/E1MM8I cardno:18 69 8 015 (RSA) As you see, the public keys are different. `ssh-add -L` does not add the key ID. So I?ve no idea what is going on. The key exported by `ssh-add -L` works. I get asked for the PIN, the Yubikey blinks, and then I?m in: $ ssh user at example.com [user at example ~]$ The key exported by `gpg --export-ssh-key yubikey at f76.eu` does not work: $ ssh user at example.com user at example.com: Permission denied (publickey). As it works with the key exported with `ssh-add -L`, maybe I should not complain. However what confuses me is that the output of `ssh-add -L` does not change after I replaced the authentication subkey. Can you explain why the output of `ssh-add -L` did not change? Also why is it not the same as the output from `gpg --export-ssh-key yubikey at f76.eu`? (Background: I replaced the authentication subkey because the first time I added it, I forgot to make a backup of the updated secret key.) From verbuecheln at posteo.de Thu Nov 23 07:19:37 2023 From: verbuecheln at posteo.de (Stephan =?ISO-8859-1?Q?Verb=FCcheln?=) Date: Thu, 23 Nov 2023 06:19:37 +0000 Subject: Cannot export SSH public key In-Reply-To: References: <12329793.O9o76ZdvQC@daneel> <874jhedjz4.fsf@jacob.g10code.de> Message-ID: <2f37ba49338c0858e9dfbb6f8396d202d2091ac0.camel@posteo.de> Another convenient way is to use ?~/.config/ssh?. This allows different configurations per host without changing your global environment. Example: Host gitlab.com HostName gitlab.com User git IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh Regards Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: This is a digitally signed message part URL: From dan.list at brilhante.top Thu Nov 23 22:09:23 2023 From: dan.list at brilhante.top (Daniel Cerqueira) Date: Thu, 23 Nov 2023 21:09:23 +0000 Subject: Learning about authentication Message-ID: <87msv42n3w.fsf@brilhante.top> I want to know a bit, on how authentication and authorization works in GnuPG. I know that for encryption, GnuPG creates a session key with the public key, that is then used with symmetric encryption. For decryption, the private key is used to recover that session key, in which then, the ciphertext get's symmetrically decrypted, using that session key. I know that for signing, a hash of the content is produced, that, afterwards, gets encrypted with the private key. For verification, the public key is used to recover the original hash, and then that gets compared with the content hashing. I don't understand how authentication and authorization works. Can someone clarify this for me? Thanks. From felix.klee at inka.de Fri Nov 24 09:09:29 2023 From: felix.klee at inka.de (Felix E. Klee) Date: Fri, 24 Nov 2023 16:09:29 +0800 Subject: Cannot export SSH public key In-Reply-To: <2f37ba49338c0858e9dfbb6f8396d202d2091ac0.camel@posteo.de> References: <12329793.O9o76ZdvQC@daneel> <874jhedjz4.fsf@jacob.g10code.de> <2f37ba49338c0858e9dfbb6f8396d202d2091ac0.camel@posteo.de> Message-ID: On Thu, Nov 23, 2023 at 2:19?PM Stephan Verb?cheln via Gnupg-users wrote: > Host gitlab.com > HostName gitlab.com > User git > IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh Thanks, that works. Even the variable is expanded. In addition, I need: gpg-connect-agent updatestartuptty /bye From gniibe at fsij.org Sat Nov 25 02:19:39 2023 From: gniibe at fsij.org (NIIBE Yutaka) Date: Sat, 25 Nov 2023 10:19:39 +0900 Subject: Learning about authentication In-Reply-To: <87msv42n3w.fsf@brilhante.top> References: <87msv42n3w.fsf@brilhante.top> Message-ID: <87a5r2634k.fsf@akagi.fsij.org> Hello, Daniel Cerqueira wrote: > I want to know a bit, on how authentication and authorization works in > GnuPG. Do you mean authentication subkey in GnuPG? It's basically user-defined; It's up to user how it is used. Usually, it means use with OpenSSH. For example, I have an authentication subkey as my OpenPGP key. I use it with GnuPG, when I accesss git repo with OpenSSH. SSH authentication is done by OpenSSH and ssh-agent emulation of gpg-agent. It means that the key is under control of GnuPG, actually. (Other possible use case is use with Scute for X.509 client certificate authentication, together with Web browser. This is not that common/popular, though.) FYI, I wrote this ten years ago: Using GPG's authentication key for SSH access: https://www.gniibe.org/memo/software/ssh/using-gpgkey-for-ssh.html Hope this helps, -- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: not available URL: From rjmx at rjmx.net Sat Nov 25 04:15:28 2023 From: rjmx at rjmx.net (Ron Murray) Date: Sat, 25 Nov 2023 03:15:28 +0000 Subject: Problems with [Q]GpgME and Qt6 Message-ID: <80ce2a923d8e6.ef451379bc9b@rjmx.net> (Crossposting to Qt Forum) I have an app that works fine in Qt5. I use QGpgME to encrypt/decrypt messages and handle key usage. I'm trying to upgrade the app to Qt6, and, naturally, expected problems, but this one beats me. Here, for example, is the code I use to retrieve my secret key list: QGpgME::KeyListJob *job = QGpgME::openpgp()->keyListJob(false, false, false); // Prepare result vector std::vector keys; // Execute it synchronously GpgME::KeyListResult result = job->exec(QStringList() << QStringLiteral(""), // No pattern: get all true, keys); // Only secret keys delete job; Now, this is straight out of the "t-keylist.cpp" test file that comes with the GpgME source. It works perfectly well under Qt5. but under Qt6, it segfaults at the "job->exec" line. Anyone have a clue why it crashes under Qt6? Thanks, -- Ron Murray > PGP Fingerprint: 4D99 70E3 2317 334B 141E 7B63 12F7 E865 B5E2 E761 -------------- next part -------------- An HTML attachment was scrubbed... URL: From t.schneider at getgoogleoff.me Sat Nov 25 10:02:22 2023 From: t.schneider at getgoogleoff.me (Thomas) Date: Sat, 25 Nov 2023 10:02:22 +0100 Subject: No SSH public key authentication using smartcard Message-ID: Hello, I'm trying to configure a solution for this use case: SSH??? ??? ??? ??? ? SSH Client??? ??? ??? ??? ---->??? Jumphost??? ---->??? Server (Windows 11)??? ??? ???? ????? (Linux)?? ??? ??? ?? (Linux) I connect a Nitrokey security-token (that is comparable to Yubikey) with OpenPGP keys to my client. And I want to use this Nitrokey for SSH login to remote servers. For this I installed GPG4Win on my client and configured file gpg-agent.conf: enable-ssh-support To Enable support for PuTTY enable-putty-support To Enable support for the native Microsoft OpenSSH binaries (requires gpg 2.4.0 / Gpg4win 4.1.0 or higher) enable-win32-openssh-support use-standard-socket default-cache-ttl 600 max-cache-ttl 7200 Then I? (re-) start the gpg-agent and try to SSH into the Jumphost using command ssh in Windows PowerShell. Here I get a popup window where I must enter the PIN previously set on Nitrokey. After this I'm connected to the jumphost (Linux). Now I want to connect to the server using command ssh , however I need to enter a password. This means public key authentication fails. And I think this fails because SSH agent forwarding is not working. Can you please advise how to SSH agent forwarding in my setup correctly? THX Thomas From verbuecheln at posteo.de Sat Nov 25 12:30:45 2023 From: verbuecheln at posteo.de (Stephan =?ISO-8859-1?Q?Verb=FCcheln?=) Date: Sat, 25 Nov 2023 11:30:45 +0000 Subject: No SSH public key authentication using smartcard In-Reply-To: References: Message-ID: Coincidentally, I have a similar setup. Fortunately, you do *not* need Agent Forwarding for authentication via jump hosts. The entry for your host (in ?~/.ssh/config?) for this host should look something like this: Host myalias HostName myserver.com ProxyJump jumpserver.net IdentityAgent %d/.gnupg/S.gpg-agent.ssh There may be some Windows-specific pitfalls. Perhaps you have to be careful with the line breaks (Unix versus Windows convention) in the configuration files. Regards Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: This is a digitally signed message part URL: From t.schneider at disroot.org Sat Nov 25 13:24:31 2023 From: t.schneider at disroot.org (Thomas Schneider) Date: Sat, 25 Nov 2023 13:24:31 +0100 Subject: No SSH public key authentication using smartcard In-Reply-To: References: Message-ID: <20f04abb-9a6f-49e1-9a23-d2da18ff8053@disroot.org> Hello Stephan, thanks for your reply. When you say I should modify ~/.ssh/config, where is this file? On jumphost? Actually I have a working setup on Windows 10, but here I use another terminal emulator: MobaXterm. And in the settings of MobaXterm I enabled SSH forwarding. As of now I don't want to continue using MobaXterm on Windows 11, but using Windows Terminal. THX Am 25.11.23 um 12:30 schrieb Stephan Verb?cheln via Gnupg-users: > Coincidentally, I have a similar setup. Fortunately, you do *not* need > Agent Forwarding for authentication via jump hosts. > > The entry for your host (in ?~/.ssh/config?) for this host should look > something like this: > > Host myalias > HostName myserver.com > ProxyJump jumpserver.net > IdentityAgent %d/.gnupg/S.gpg-agent.ssh > > There may be some Windows-specific pitfalls. Perhaps you have to be > careful with the line breaks (Unix versus Windows convention) in the > configuration files. > > Regards > Stephan > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > https://lists.gnupg.org/mailman/listinfo/gnupg-users From t.schneider at getgoogleoff.me Sat Nov 25 19:31:15 2023 From: t.schneider at getgoogleoff.me (Thomas) Date: Sat, 25 Nov 2023 19:31:15 +0100 Subject: No SSH public key authentication using smartcard In-Reply-To: References: Message-ID: Hello Stephan, thanks for your reply. When you say I should modify ~/.ssh/config, where is this file? On jumphost? Actually I have a working setup on Windows 10, but here I use another terminal emulator: MobaXterm. And in the settings of MobaXterm I enabled SSH forwarding. As of now I don't want to continue using MobaXterm on Windows 11, but using Windows Terminal. THX Am 25.11.23 um 12:30 schrieb Stephan Verb?cheln via Gnupg-users: > Coincidentally, I have a similar setup. Fortunately, you do *not* need > Agent Forwarding for authentication via jump hosts. > > The entry for your host (in ?~/.ssh/config?) for this host should look > something like this: > > Host myalias > HostName myserver.com > ProxyJump jumpserver.net > IdentityAgent %d/.gnupg/S.gpg-agent.ssh > > There may be some Windows-specific pitfalls. Perhaps you have to be > careful with the line breaks (Unix versus Windows convention) in the > configuration files. > > Regards > Stephan > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > https://lists.gnupg.org/mailman/listinfo/gnupg-users From kloecker at kde.org Sat Nov 25 20:54:57 2023 From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=) Date: Sat, 25 Nov 2023 20:54:57 +0100 Subject: Problems with [Q]GpgME and Qt6 In-Reply-To: <80ce2a923d8e6.ef451379bc9b@rjmx.net> References: <80ce2a923d8e6.ef451379bc9b@rjmx.net> Message-ID: <5735251.DvuYhMxLoT@daneel> On Samstag, 25. November 2023 04:15:28 CET Ron Murray via Gnupg-users wrote: > Here, for example, is the code I use to retrieve my secret key list: > QGpgME::KeyListJob *job = QGpgME::openpgp()->keyListJob(false, false, > false); > // Prepare result vector > std::vector keys; > // Execute it synchronously > GpgME::KeyListResult result = job->exec(QStringList() << > QStringLiteral(""), // No pattern: get all > true, keys); // Only secret keys > delete job; > Now, this is straight out of the "t-keylist.cpp" test file that comes with > the GpgME source. It works perfectly well under Qt5. but under Qt6, it > segfaults at the "job->exec" line. > Anyone have a clue why it crashes under Qt6? I cannot reproduce this on openSUSE Tumbleweed with Qt 6.6.0. I changed the `job->exec` call in t-keylist.cpp as above. This makes the test fail (because the assertion is no longer true), but it doesn't crash. It would help if you'd give us a backtrace of the segfault. Regards, Ingo -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From bernd at kr217.de Sat Nov 25 20:10:25 2023 From: bernd at kr217.de (Bernd Naumann) Date: Sat, 25 Nov 2023 20:10:25 +0100 Subject: No SSH public key authentication using smartcard In-Reply-To: <20f04abb-9a6f-49e1-9a23-d2da18ff8053@disroot.org> References: <20f04abb-9a6f-49e1-9a23-d2da18ff8053@disroot.org> Message-ID: <82dd1464-391b-4d79-b73a-84b347b86719@kr217.de> On 25.11.23 13:24, Thomas Schneider via Gnupg-users wrote: > Hello Stephan, > > thanks for your reply. > > When you say I should modify ~/.ssh/config, where is this file? > On jumphost? > > Actually I have a working setup on Windows 10, but here I use another > terminal emulator: MobaXterm. > And in the settings of MobaXterm I enabled SSH forwarding. > > As of now I don't want to continue using MobaXterm on Windows 11, but > using Windows Terminal. Hey Stephan, I can not answer where to find that file on windows, but the first hit with google: https://stackoverflow.com/a/56536275 You can also set these options directly on the command line: ``` ssh -o IdentityAgent='%d/.gnupg/S.gpg-agent.ssh' -o ProxyJump=jumpserver.example.net targethost.example.org ``` I'm not sure if you really have to set the IdentityAgent if your GPG and SSH Agent Socket is setup correctly... Do you see something with `ssh-add -L`? If yes, then you should not have a need to set IdentityAgent for a Host. (Only if you have multiple Agents or you have to specify it only for certain hosts etc etc but if its your only Agent and you have no special requirements, then just leave it out IF `ssh-add -L` shows you the key from your card.) Good luck, Bernd From t.schneider at getgoogleoff.me Mon Nov 27 14:43:50 2023 From: t.schneider at getgoogleoff.me (t.schneider at getgoogleoff.me) Date: Mon, 27 Nov 2023 14:43:50 +0100 Subject: No SSH public key authentication using smartcard In-Reply-To: References: Message-ID: <3d610625ec3cd58803caf586494ed6c9@getgoogleoff.me> Hello Stephan, thanks for your reply. When you say I should modify ~/.ssh/config, where is this file? On jumphost? Actually I have a working setup on Windows 10, but here I use another terminal emulator: MobaXterm. And in the settings of MobaXterm I enabled SSH forwarding. As of now I don't want to continue using MobaXterm on Windows 11, but using Windows Terminal. Please not that I have not installed git for windows [1] that includes tool "Git BASH"; I don't think that this additional terminal is required to use SSH. I can run ssh-add.exe -L in Windows PowerShell and get the correct SSH public key fetched from secure card. But once connected to jumphost, all SSH relevant information is unavailable. THX On 2023-11-25 12:30, Stephan Verb?cheln via Gnupg-users wrote: > Coincidentally, I have a similar setup. Fortunately, you do *not* need > Agent Forwarding for authentication via jump hosts. > > The entry for your host (in "~/.ssh/config") for this host should look > something like this: > > Host myalias > HostName myserver.com > ProxyJump jumpserver.net > IdentityAgent %d/.gnupg/S.gpg-agent.ssh > > There may be some Windows-specific pitfalls. Perhaps you have to be > careful with the line breaks (Unix versus Windows convention) in the > configuration files. > > Regards > Stephan > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > https://lists.gnupg.org/mailman/listinfo/gnupg-users Links: ------ [1] https://gitforwindows.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jcb62281 at gmail.com Tue Nov 28 03:53:38 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Mon, 27 Nov 2023 20:53:38 -0600 Subject: No SSH public key authentication using smartcard In-Reply-To: <3d610625ec3cd58803caf586494ed6c9@getgoogleoff.me> References: <3d610625ec3cd58803caf586494ed6c9@getgoogleoff.me> Message-ID: <65655632.5000906@gmail.com> Thomas via Gnupg-users wrote: > Hello Stephan, > > thanks for your reply. > > When you say I should modify ~/.ssh/config, where is this file? > On jumphost? You need to configure SSH agent forwarding on your client, which will provide access to your local SSH agent at the jumphost via the SSH connection between your client and the jumphost. Since you are using a Windows client, ~/.ssh/config may not be relevant to your configuration. -- Jacob From t.schneider at getgoogleoff.me Tue Nov 28 07:02:13 2023 From: t.schneider at getgoogleoff.me (Thomas) Date: Tue, 28 Nov 2023 07:02:13 +0100 Subject: No SSH public key authentication using smartcard In-Reply-To: <65655632.5000906@gmail.com> References: <3d610625ec3cd58803caf586494ed6c9@getgoogleoff.me> <65655632.5000906@gmail.com> Message-ID: <018eb198-8104-4ce8-be80-9d708d7684b6@getgoogleoff.me> Hi, this is exactly what I thought. However, there's no solution for it. Let me repeat my comments posted previously to get an overview what is working... Actually I have a working setup on Windows 10, but here I use another terminal emulator: MobaXterm. And in the settings of MobaXterm I enabled SSH forwarding. As of now I don't want to continue using MobaXterm on Windows 11, but using Windows Terminal. I can run ssh-add.exe -L in Windows PowerShell and get the correct SSH public key fetched from secure card. THX Am 28.11.23 um 03:53 schrieb Jacob Bachmeyer: > Thomas via Gnupg-users wrote: >> Hello Stephan, >> >> thanks for your reply. >> >> When you say I should modify ~/.ssh/config, where is this file? >> On jumphost? > > You need to configure SSH agent forwarding on your client, which will > provide access to your local SSH agent at the jumphost via the SSH > connection between your client and the jumphost.? Since you are using > a Windows client, ~/.ssh/config may not be relevant to your > configuration. > > > -- Jacob From felix.klee at inka.de Tue Nov 28 08:37:55 2023 From: felix.klee at inka.de (Felix E. Klee) Date: Tue, 28 Nov 2023 15:37:55 +0800 Subject: Cannot export SSH public key In-Reply-To: References: <12329793.O9o76ZdvQC@daneel> <874jhedjz4.fsf@jacob.g10code.de> Message-ID: On Thu, Nov 23, 2023 at 10:17?AM Felix E. Klee wrote: > Can you explain why the output of `ssh-add -L` did not change? Also > why is it not the same as the output from `gpg --export-ssh-key > yubikey at f76.eu`? OK, I may have found the issue: $ grep -rl Use-for-ssh ~/.gnupg/private-keys-v1.d/* .gnupg/private-keys-v1.d/0E67508AC6866D82ABB95E0B53CF5D18DC48A786.key That?s the key grip of the master key: $ gpg -k --with-keygrip yubikey at f76.eu pub rsa4096 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096 2023-06-29 [E] Keygrip = 07D6164F019D2EDF59C650992CF93776B2DD17F2 sub rsa4096 2023-11-22 [A] Keygrip = 9C67E5BBB72EF0BF2625792F8F134CE4FD961FF5 I don?t remember adding this, but I guess I did, maybe some months ago. Anyhow, now I removed `Use-for-ssh` from that key. I then added the keygrip of the authentication key to `~/.gnupg/sshcontrol`. However, that doesn?t work: $ ssh-add -l The agent has no identities. Only if I add the key grip of the master key to `~/.gnupg/sshcontrol`, then `ssh-add -l` is happy. But this seems wrong. I notice that the private key stub of the authentication sub key isn?t present in `~/.gnupg/private-keys-v1.d`: $ ls -1 ~/.gnupg/private-keys-v1.d/ 07D6164F019D2EDF59C650992CF93776B2DD17F2.key 0E67508AC6866D82ABB95E0B53CF5D18DC48A786.key 250CD54A263D092C462509D83D034E4BAAF73311.key BB1D7402E4603D0C12512AB235B12FE1F4BD9667.key *How do I generate the private key stub for the authentication sub key?* `gpg --card-status` doesn?t do it. From felix.klee at inka.de Wed Nov 29 03:52:36 2023 From: felix.klee at inka.de (Felix E. Klee) Date: Wed, 29 Nov 2023 10:52:36 +0800 Subject: Cannot export SSH public key In-Reply-To: References: <12329793.O9o76ZdvQC@daneel> <874jhedjz4.fsf@jacob.g10code.de> Message-ID: So `gpg --card-status` imports [SC] and [E], but not [A]: $ rm ~/.gnupg/private-keys-v1.d/* $ ls -a1 ~/.gnupg/private-keys-v1.d/ . .. $ gpg --card-status [?] Signature key ....: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589 created ....: 2023-06-29 03:50:43 Encryption key....: DBBD 3239 D0F1 4326 808D FC8F 7CC0 2D68 D2E3 1736 created ....: 2023-06-29 03:50:43 Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589 created ....: 2023-06-29 03:50:43 [?] sec> rsa4096/1BE349D11B6ED589 created: 2023-06-29 expires: never card-no: 0006 18698016 ssb> rsa4096/7CC02D68D2E31736 created: 2023-06-29 expires: never card-no: 0006 18698016 ssb# rsa4096/32B106F6877CC64B created: 2023-11-22 expires: never $ gpg --list-keys --keyid-format LONG --with-keygrip yubikey at f76.eu pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 uid [ultimate] Felix E. Klee (YubiKey) sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] Keygrip = 07D6164F019D2EDF59C650992CF93776B2DD17F2 sub rsa4096/32B106F6877CC64B 2023-11-22 [A] Keygrip = 9C67E5BBB72EF0BF2625792F8F134CE4FD961FF5 $ ls -a1 ~/.gnupg/private-keys-v1.d/ . .. 07D6164F019D2EDF59C650992CF93776B2DD17F2.key 0E67508AC6866D82ABB95E0B53CF5D18DC48A786.key To me it looks like [A] is on the Yubikey, as it should. *But how do I get the private key stub for [A] imported?* From jcb62281 at gmail.com Wed Nov 29 04:27:16 2023 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Tue, 28 Nov 2023 21:27:16 -0600 Subject: No SSH public key authentication using smartcard In-Reply-To: <018eb198-8104-4ce8-be80-9d708d7684b6@getgoogleoff.me> References: <3d610625ec3cd58803caf586494ed6c9@getgoogleoff.me> <65655632.5000906@gmail.com> <018eb198-8104-4ce8-be80-9d708d7684b6@getgoogleoff.me> Message-ID: <6566AF94.9040908@gmail.com> Thomas wrote: > Hi, > this is exactly what I thought. > However, there's no solution for it. > > Let me repeat my comments posted previously to get an overview what is > working... > Actually I have a working setup on Windows 10, but here I use another > terminal emulator: MobaXterm. > And in the settings of MobaXterm I enabled SSH forwarding. > As of now I don't want to continue using MobaXterm on Windows 11, but > using Windows Terminal. > I can run ssh-add.exe -L in Windows PowerShell and get the correct SSH > public key fetched from secure card. If you are using a Windows port of OpenSSH, try "ssh.exe -o ForwardAgent JUMPHOST" and see if that makes your local SSH agent available at the jumphost. As I do not use Windows, I do not know where that Windows port would expect to find its configuration file. -- Jacob From verbuecheln at posteo.de Wed Nov 29 07:01:32 2023 From: verbuecheln at posteo.de (Stephan =?ISO-8859-1?Q?Verb=FCcheln?=) Date: Wed, 29 Nov 2023 06:01:32 +0000 Subject: No SSH public key authentication using smartcard In-Reply-To: <65655632.5000906@gmail.com> References: <3d610625ec3cd58803caf586494ed6c9@getgoogleoff.me> <65655632.5000906@gmail.com> Message-ID: <35a805f57733934b7ac7847e8c78289ebe6a8c2f.camel@posteo.de> To my knowledge, no (explicit) agent forwarding is required for ProxyJump configurations. I am using the following configuration to access a LAN machine over the Internet. Both machines use the GnuPG key for authentication. Host rdeep HostName 192.168.1.151 ProxyJump verbuecheln.ch IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh This also works when the Internet connection is using IPv6 and the LAN connection is using IPv4. SSH takes care of these things transparently. Regards Stephan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: This is a digitally signed message part URL: From kloecker at kde.org Wed Nov 29 14:36:15 2023 From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=) Date: Wed, 29 Nov 2023 14:36:15 +0100 Subject: Cannot export SSH public key In-Reply-To: References: Message-ID: <4532235.LvFx2qVVIh@daneel> On Mittwoch, 29. November 2023 03:52:36 CET Felix E. Klee wrote: > So `gpg --card-status` imports [SC] and [E], but not [A]: > > $ rm ~/.gnupg/private-keys-v1.d/* > $ ls -a1 ~/.gnupg/private-keys-v1.d/ > . > .. > $ gpg --card-status > [?] > Signature key ....: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > created ....: 2023-06-29 03:50:43 > Encryption key....: DBBD 3239 D0F1 4326 808D FC8F 7CC0 2D68 D2E3 > 1736 > created ....: 2023-06-29 03:50:43 > Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > created ....: 2023-06-29 03:50:43 > [?] > sec> rsa4096/1BE349D11B6ED589 created: 2023-06-29 expires: never > card-no: 0006 18698016 > ssb> rsa4096/7CC02D68D2E31736 created: 2023-06-29 expires: never > card-no: 0006 18698016 > ssb# rsa4096/32B106F6877CC64B created: 2023-11-22 expires: never > $ gpg --list-keys --keyid-format LONG --with-keygrip yubikey at f76.eu > pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] > 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 > Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 > uid [ultimate] Felix E. Klee (YubiKey) > sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] > Keygrip = 07D6164F019D2EDF59C650992CF93776B2DD17F2 > sub rsa4096/32B106F6877CC64B 2023-11-22 [A] > Keygrip = 9C67E5BBB72EF0BF2625792F8F134CE4FD961FF5 > $ ls -a1 ~/.gnupg/private-keys-v1.d/ > . > .. > 07D6164F019D2EDF59C650992CF93776B2DD17F2.key > 0E67508AC6866D82ABB95E0B53CF5D18DC48A786.key > > To me it looks like [A] is on the Yubikey, as it should. > > *But how do I get the private key stub for [A] imported?* If you compare the information for Signature key and Authentication key you'll notice that they are identical. Further, if you compare the information for Authentication key and the A subkey of you'll see that the key ID of the A subkey doesn't match the fingerprint of the Authentication key (which is logical because the Authentication key is identical to the SC key. Hint: Add --with-fingerprint (maybe twice) to --list-keys to see the fingerprints of the subkeys. I don't know how you did it, but it looks like you have overwritten the Authentication key on your Yubikey with the SC key. Or your Yubikey or gpg is seriously broken. Regards, Ingo -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From csh at bluehome.net Tue Nov 28 20:15:10 2023 From: csh at bluehome.net (Caleb Herbert) Date: Tue, 28 Nov 2023 13:15:10 -0600 Subject: No pinentry but pinentry installed Message-ID: <35ccfa05-2eaf-b9cc-d04a-eea08ff10369@bluehome.net> OS: GNU Guix System caleb at miller ~? which pinentry /home/caleb/.guix-home/profile/bin/pinentry caleb at miller ~? cat ~/.gnupg/gpg-agent.conf ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????? ? File: /home/caleb/.gnupg/gpg-agent.conf ?????? ? Size: 191 B ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?? 1?? ? pinentry-program /gnu/store/rfy36kapnhx9djhxdi3a54x5p2n097xv-pinentry-gtk2-1.2.1/bin/pinentry-gtk-2 ?? 2?? ? default-cache-ttl 600 ?? 3?? ? max-cache-ttl 7200 ?? 4?? ? default-cache-ttl-ssh 1800 ?? 5?? ? max-cache-ttl-ssh 7200 ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? caleb at miller ~? gpg --export-secret-keys gpg: key 1D8491A90EAAF79C2C4703847BD4B05F950655F8: error receiving key from agent: No pinentry - skipped gpg: key 9759A4302192716BF627EB09F8FA778FF955FB20: error receiving key from agent: No pinentry - skipped gpg: key DE84748EB625295D3DA758528B0AAA3568A35C3C: error receiving key from agent: No pinentry - skipped gpg: WARNING: nothing exported caleb at miller ~? /gnu/stor/gnu/store/rfy36kapnhx9djhxdi3a54x5p2n097xv-pinentry-gtk2-1.2.1/bin/pinentry-gtk-2 (pinentry-gtk-2:4807): Gtk-WARNING **: 13:13:03.314: Unable to locate theme engine in module_path: "adwaita", (pinentry-gtk-2:4807): Gtk-WARNING **: 13:13:03.323: Unable to locate theme engine in module_path: "adwaita", OK Pleased to meet you ^C caleb at miller ~? From gniibe at fsij.org Thu Nov 30 03:22:57 2023 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 30 Nov 2023 11:22:57 +0900 Subject: No pinentry but pinentry installed In-Reply-To: <35ccfa05-2eaf-b9cc-d04a-eea08ff10369@bluehome.net> References: <35ccfa05-2eaf-b9cc-d04a-eea08ff10369@bluehome.net> Message-ID: <87a5qwrncu.fsf@akagi.fsij.org> Hello, Your configuration of pinentry-program is: Caleb Herbert wrote: > /gnu/store/rfy36kapnhx9djhxdi3a54x5p2n097xv-pinentry-gtk2-1.2.1/bin/pinentry-gtk-2 But what you tested in your command line is: > /gnu/stor/gnu/store/rfy36kapnhx9djhxdi3a54x5p2n097xv-pinentry-gtk2-1.2.1/bin/pinentry-gtk-2 Is it intended? I mean that there is "/gnu/stor" prefix in your command line. If you would like to test your configuration, it should be: /gnu/store/rfy36kapnhx9djhxdi3a54x5p2n097xv-pinentry-gtk2-1.2.1/bin/pinentry-gtk-2 (with no prefix of "/gnu/stor") --