patching GnuPG to shuddup was: Re: Signatures and GnuPG and PGP 6.8.X

Armin Hartinger armin@pctechware.com
Mon, 23 Oct 2000 12:26:40 -0700


The platform is actually FreeBSD. It's my webhost on which I just have a little useraccount. and
... I don't really follow what you are trying to say below.
Would going in into the C-source and just commenting out the offending message out - work?

Just wondering...

-Armin

Larry Rosenman wrote:


> On what platform? On Linux, I believe, the gpg binary needs to be
> setuid root. On UnixWare, add filepriv -f plock /path/to/gpg
>
> Larry
>
> * Armin Hartinger <armin@pctechware.com> [001023 13:58]:
> > How to patch gnupg to not complain? It messes up php-scripts of mine this way. (complaining
> > about insecure memory)
> > -Armin
> >
> > Caleb Land wrote:
> >
> > > Hello,
> > > I'm using GnuPG 1.0.4 (patched to not complain about
> > > deprecated algorithms), and a friend of mine is using the newest
> > > freeware PGP program (6.8.something). When I encrypt a file and sign
> > > it and send it to him, he can decrypt it, but his program reads that
> > > it is a bad signature.
> > > Now, I tried both attaching the file\ and using mutt to
> > > encrypt and sign it, and I tried doing:
> > >
> > > ---output---
> > >
> > > [caleb@deepthought caleb]$ gpg --armor --sign --recipient "Brian R. Boyce" --encrypt test.c
> > > gpg: Warning: using insecure memory!
> > >
> > > You need a passphrase to unlock the secret key for
> > > user: "Caleb Land (RedHatDude) <bokonon@rochester.rr.com>"
> > > 1024-bit DSA key, ID 29402314, created 2000-10-18
> > >
> > > ---/output---
> > >
> > > He can decrypt the file fine, but it reads that my signature
> > > is bad. I moved my private/public keypair to a windows box with the
> > > newest version of freeware PGP, and sent him a file which I encrypted
> > > and signed, and all went well. It both decrypted and the signature
> > > checked out okay.
> > > I hope that this is enough information. Unfortunately, I am
> > > fairly new to this stuff, so I don't understand it too well.
> > >
> > > One more thing: I get a message which I don't understand when
> > > I try to decrypt files sent by him to me:
> > >
> > > ---output---
> > >
> > > [caleb@deepthought caleb]$ gpg --decrypt DTF-802.pdf.asc > DTF-802.pdf
> > > gpg: Warning: using insecure memory!
> > >
> > > You need a passphrase to unlock the secret key for
> > > user: "Caleb Land (RedHatDude) <bokonon@rochester.rr.com>"
> > > 1024-bit ELG-E key, ID 0E85FED7, created 2000-10-18 (main key ID
> > > 29402314)
> > >
> > > gpg: encrypted with 3072-bit ELG-E key, ID AA4D2A27, created
> > > 2000-10-16
> > > "Brian R. Boyce <Veritas@rochester.rr.com>"
> > > gpg: no secret key for decryption available
> > > gpg: Signature made Mon Oct 23 12:09:06 2000 EDT using DSA key ID
> > > 752A64A7
> > > gpg: Good signature from "Brian R. Boyce <Veritas@rochester.rr.com>"
> > >
> > > ---/output---
> > >
> > > What does "gpg: no secret key for decryption available" mean?
> > > The file decrypts fine, but I have no idea what the error (warning or
> > > neither?) message means.
> > >
> > > --
> > > Sincerely,
> > > Caleb Land
> > > (bokonon@rochester.rr.com)
> > >
> > > --
> > > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> > > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
> >
> > --
> > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
>
> --
> Larry Rosenman http://www.lerctr.org/~ler
> Phone: +1 972-414-9812 (voice) Internet: ler@lerctr.org
> US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
-- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org