From wk at gnupg.org Tue Sep 1 09:41:24 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 01 Sep 2015 09:41:24 +0200
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <2780603.DOCACNGTvR@esus> (Andre Heinecke's message of "Mon, 31 Aug 2015 21:01:20 +0200")
References: <1892667.MoqmGU4duf@esus> <55E49C57.4060504@gmail.com> <2780603.DOCACNGTvR@esus>
Message-ID: <87613ulh7f.fsf@vigenere.g10code.de>

On Mon, 31 Aug 2015 21:01, aheinecke at intevation.de said:

> I think you can't. I've already complained to Werner several times
> that I find the aspect that only "Developers" or the original reporter
> can add information to a bug report hurts bugs.g10code.com

This is done for a reason: In the past we have seen automatically created spam accounts spamming existing bug reports. That is very annoying and thus we have the "Provisional User" role. I usually grant full user access as soon as I see a new bug report (for an admin account a "[P]" and a link to the user is shown in this case). I have been traveling the last days, thus the delays.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From peter at digitalbrains.com Tue Sep 1 10:27:18 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Tue, 01 Sep 2015 10:27:18 +0200
Subject: FAQ: drop mention of 1.4?
In-Reply-To:
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <55E06C33.30800@vulcan.xs4all.nl> <55E08877.70808@digitalbrains.com> <55E096DA.2050503@vulcan.xs4all.nl> <87y4gvksrt.fsf@vigenere.g10code.de> <55E492C8.2040403@vulcan.xs4all.nl>
Message-ID: <55E56166.4020108@digitalbrains.com>

Hello,

On 31/08/15 21:08, Crissy Lynn wrote:
> I have tried any and everything to be taken OFF of this random
> mailing list!!! I've 'Unsubscribed' 10 times. Can someone PLEASE
> explain why I keep getting these emails!??????

I might have an idea about that. Gmail has an unusual feature: you can add dots in the name-part of the e-mail address wherever you like, and they don't matter. But the mailing list software might have a different idea about that. So perhaps you're subscribed as miss.crissylynn etcetera, and you're trying to unsubscribe without that dot.

Take a look at what the exact e-mail address is that you're getting the mails from this list at. Then unsubscribe with that address. And don't forget to confirm with the mail that you will receive: the software will send you a final mail asking you to confirm that you really wish to unsubscribe, to prevent jokesters from unsubscribing random people.

This is just a theory I've come up with, though.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From cvimail81 at gmail.com Tue Sep 1 09:29:13 2015
From: cvimail81 at gmail.com (Egon)
Date: Tue, 1 Sep 2015 09:29:13 +0200
Subject: GNUPG symmetric encryption compatibility question
Message-ID: <55E553C9.3060108@gmail.com>

Hi All,

If I symmetric encrypt many files with the recent version of GNUPG 1.4.19, will I be able to decrypt these files with the modern versions of GPG in the far future?

Does GNUPG 1.4.19 have a known compatibility problem with this operation even when I do not want to use the default cipher and compression algorithms and I want to ASCII-armor some files? I do not want to use other features, only encrypt files...

Will I be able to decrypt with the actual recent modern version in the future when GNUPG 1.4.x will disappear?

Best Regards,
Egon

From rjh at sixdemonbag.org Tue Sep 1 15:15:09 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 1 Sep 2015 09:15:09 -0400
Subject: GNUPG symmetric encryption compatibility question
In-Reply-To: <55E553C9.3060108@gmail.com>
References: <55E553C9.3060108@gmail.com>
Message-ID: <55E5A4DD.3000106@sixdemonbag.org>

> If I symmetric encrypt many files with the recent version of GNUPG
> 1.4.19, will I be able to decrypt these files with the modern versions
> of GPG in the far future?

Most likely. The spec is well-known and unlikely to change in ways that break backwards compatibility. Over the next, say, ten years I'd expect you to have no trouble at all.

From twim at riseup.net Wed Sep 2 03:37:43 2015
From: twim at riseup.net (Ivan Markin)
Date: Wed, 02 Sep 2015 01:37:43 +0000
Subject: GnuPG modern can't genereate keys on my Windows
Message-ID: <55E652E7.7030802@riseup.net>

I'm also not able to generate keys in 2.1.7 on my Gentoo machine. It generates Ed25519 without errors (a typo: GnuPG says that it would use Curve25519 for signature not Ed25519). Because there is no option to create Curve25519 at the beginning with Ed25519 one I'm trying to `addkey` later. Error seems to have same origins as Windows one:

gpg (GnuPG) 2.1.7; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  ed25519/125F3B9D
     created: 2015-09-02  expires: 2016-09-01  usage: C
     trust: ultimate      validity: ultimate
[ultimate] (1). Ivan Markin

gpg> addkey
Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (12) ECC (encrypt only)
  (13) Existing key
Your selection? 12
Please select which elliptic curve you want:
   (1) Curve 25519
   (2) NIST P-256
   (3) NIST P-384
   (4) NIST P-521
   (5) Brainpool P-256
   (6) Brainpool P-384
   (7) Brainpool P-512
Your selection? 1
gpg: WARNING: Curve25519 is not yet part of the OpenPGP standard.
Use this curve anyway? (y/N) yes
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Thu 01 Sep 2016 01:22:10 AM
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: agent_genkey failed: Invalid flag
gpg: Key generation failed: Invalid flag

--
Ivan Markin

From gniibe at fsij.org Wed Sep 2 08:33:21 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 02 Sep 2015 15:33:21 +0900
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <55E652E7.7030802@riseup.net>
References: <55E652E7.7030802@riseup.net>
Message-ID: <55E69831.9080404@fsij.org>

On 09/02/2015 10:37 AM, Ivan Markin wrote:
> I'm also not able to generate keys in 2.1.7 on my Gentoo machine. It
> generates Ed25519 without errors (a typo: GnuPG says that it would use
> Curve25519 for signature not Ed25519). Because there is no option to
> create Curve25519 at the beginning with Ed25519 one I'm trying to
> `addkey` later. Error seems to have same origins as Windows one:

This is different issue, I believe.

To create key for Curve25519 encryption, you need development version of libgcrypt (from git.gnupg.org).
--

From htd+ml at fritha.org Wed Sep 2 08:55:46 2015
From: htd+ml at fritha.org (Heinz Diehl)
Date: Wed, 2 Sep 2015 08:55:46 +0200
Subject: The FAQ's 4GiB recommendation
In-Reply-To: <55DF7CF1.406@sixdemonbag.org>
References: <55DF7CF1.406@sixdemonbag.org>
Message-ID: <20150902065546.GA1610@fritha.org>

On 27.08.2015, Robert J. Hansen wrote:

> I had someone wonder why the FAQ recommends avoiding CAST, BLOWFISH,
> IDEA, or 3DES for bulk encryption.

> Q: Why should some ciphers be avoided for bulk encryption?

"Some ciphers" is probably not enough for those who frequently ask about that topic. I therefore suggest to give an example and to connect the above mentioned ciphers to the term "64-bit ciphers", which would make the text more understandable for the "common reader", e.g.

Q: Why should some 64-bit ciphers like CAST, BLOWFISH... be avoided for bulk encryption?

The text as-is assumes that the reader knows what you mean by "64-bit ciphers", which most probably isn't the case.

From dongsheng.song at gmail.com Wed Sep 2 11:17:45 2015
From: dongsheng.song at gmail.com (Dongsheng Song)
Date: Wed, 2 Sep 2015 17:17:45 +0800
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <55E69831.9080404@fsij.org>
References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org>
Message-ID: <55E6BEB9.1090903@gmail.com>

On 2015-09-02 14:33, NIIBE Yutaka wrote:
> On 09/02/2015 10:37 AM, Ivan Markin wrote:
>> I'm also not able to generate keys in 2.1.7 on my Gentoo machine. It
>> generates Ed25519 without errors (a typo: GnuPG says that it would use
>> Curve25519 for signature not Ed25519). Because there is no option to
>> create Curve25519 at the beginning with Ed25519 one I'm trying to
>> `addkey` later. Error seems to have same origins as Windows one:
> This is different issue, I believe.
>
> To create key for Curve25519 encryption, you need development version
> of libgcrypt (from git.gnupg.org).

Yes, I build gnupg 2.1.7 for 32 bit and 64 bit Windows with the latest libgcrypt and pinentry. Both of them can create key for Curve25519 encryption on my Windows 10 2015 LTSB.

From aheinecke at intevation.de Wed Sep 2 13:18:28 2015
From: aheinecke at intevation.de (Andre Heinecke)
Date: Wed, 02 Sep 2015 13:18:28 +0200
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <1717502.cCitHcOi0v@esus>
References: <55E4404C.8050904@gmail.com> <1717502.cCitHcOi0v@esus>
Message-ID: <2886087.GYGAezVZRk@esus>

Hi,

On Monday, August 31, 2015 07:07:03 PM Andre Heinecke wrote:
> If I use the pinentry-basic included in the gnupg-w32 installer I get the
> "No pinentry" error.
> So it looks like pinentry-basic also has a Problem on Windows
> 8.1

This was a problem in my test setup. I probably had gpg4win installed when the agent was started and so it tried to use the pinentry from gpg4win even after I uninstalled gpg4win. Such things will be solved when gpg4win gets proper 2.1 support.

After restarting the gpg-agent it picked up pinentry-basic and it worked fine.

If you look at gpg-agent's debug output it will show you which pinentry it tries to start.

Regards,
Andre

--
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From wk at gnupg.org Wed Sep 2 17:53:44 2015
From: wk at gnupg.org (Werner Koch)
Date: Wed, 02 Sep 2015 17:53:44 +0200
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <55E6BEB9.1090903@gmail.com> (Dongsheng Song's message of "Wed, 2 Sep 2015 17:17:45 +0800")
References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com>
Message-ID: <87pp20izqv.fsf@vigenere.g10code.de>

On Wed, 2 Sep 2015 11:17, dongsheng.song at gmail.com said:

> Yes, I build gnupg 2.1.7 for 32 bit and 64 bit Windows with the latest
> libgcrypt and pinentry.

Funny, 64 bit Windows is not supported by GnuPG.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Wed Sep 2 17:56:45 2015
From: wk at gnupg.org (Werner Koch)
Date: Wed, 02 Sep 2015 17:56:45 +0200
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <55E652E7.7030802@riseup.net> (Ivan Markin's message of "Wed, 02 Sep 2015 01:37:43 +0000")
References: <55E652E7.7030802@riseup.net>
Message-ID: <87lhcoizlu.fsf@vigenere.g10code.de>

On Wed, 2 Sep 2015 03:37, twim at riseup.net said:

> I'm also not able to generate keys in 2.1.7 on my Gentoo machine. It
> generates Ed25519 without errors (a typo: GnuPG says that it would use
> Curve25519 for signature not Ed25519). Because there is no option to

That is actually on purpose. Both are based on the same curve and it seems easier to just call it Curve25519 than to explain why we use a different variant for signing. After all Curve25519 is a well known term.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Wed Sep 2 18:01:08 2015
From: wk at gnupg.org (Werner Koch)
Date: Wed, 02 Sep 2015 18:01:08 +0200
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E492C8.2040403@vulcan.xs4all.nl> (Johan Wevers's message of "Mon, 31 Aug 2015 19:45:44 +0200")
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <55E06C33.30800@vulcan.xs4all.nl> <55E08877.70808@digitalbrains.com> <55E096DA.2050503@vulcan.xs4all.nl> <87y4gvksrt.fsf@vigenere.g10code.de> <55E492C8.2040403@vulcan.xs4all.nl>
Message-ID: <87h9ncizej.fsf@vigenere.g10code.de>

On Mon, 31 Aug 2015 19:45, johanw at vulcan.xs4all.nl said:

> Less complex by introducing communication issues between all separate
> parts? We clearly have a different idea of complexity. Separation of

So be it.

> tasks does not automatically mean separate binaries. That used to be the
> Unix philosophy (there is systemd, but that's another discussion) but on

It's old but it's good.

> Just see how many issues there are with pinentry on this list.

You may want to reread the discussions to see that the cause for this was other software making improper use of GnuPG and Pinentry.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From twim at riseup.net Wed Sep 2 18:30:59 2015
From: twim at riseup.net (Ivan Markin)
Date: Wed, 02 Sep 2015 16:30:59 +0000
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <87lhcoizlu.fsf@vigenere.g10code.de>
References: <55E652E7.7030802@riseup.net> <87lhcoizlu.fsf@vigenere.g10code.de>
Message-ID: <55E72443.2050701@riseup.net>

Werner Koch:
> That is actually on purpose. Both are based on the same curve and it
> seems easier to just call it Curve25519 than to explain why we use a
> different variant for signing. After all Curve25519 is a well known
> term.

Sounds almost reasonable. But why then GnuPG shows Ed25519 keys as eg. 'ed25519/52275F7A'? When someone trying to generate 'Curve25519-signing key' they'll get ed25519 key. "Maybe I've done something wrong? I should regenerate my signature key...". In my opinion it's a little bit confusing.

The fact that both Ed25519 and Curve25519 are based on the same curve one can easily note from '25519' in their names. Actually Ed25519 is a birational equivalent to Curve25519; it's not a Curve25519. So I think that GnuPG should use exact naming for what it uses.

--
Ivan Markin

From wk at gnupg.org Thu Sep 3 00:03:04 2015
From: wk at gnupg.org (Werner Koch)
Date: Thu, 03 Sep 2015 00:03:04 +0200
Subject: GnuPG modern can't genereate keys on my Windows
In-Reply-To: <55E72443.2050701@riseup.net> (Ivan Markin's message of "Wed, 02 Sep 2015 16:30:59 +0000")
References: <55E652E7.7030802@riseup.net> <87lhcoizlu.fsf@vigenere.g10code.de> <55E72443.2050701@riseup.net>
Message-ID: <87613siinb.fsf@vigenere.g10code.de>

On Wed, 2 Sep 2015 18:30, twim at riseup.net said:

> Sounds almost reasonable. But why then GnuPG shows Ed25519 keys as eg.
> 'ed25519/52275F7A'? When someone trying to generate 'Curve25519-signing
> key' they'll get ed25519 key. "Maybe I've done something wrong? I should

Well, given that you used --expert we can assume that you know what you are doing ;-)

> regenerate my signature key...". In my opinion it's a little bit confusing.
> The fact that both Ed25519 and Curve25519 are based on the same curve

The real difference is that Ed25519 uses EdDSA and not ECDH or ECDSA.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From faramir.cl at gmail.com Thu Sep 3 23:02:04 2015
From: faramir.cl at gmail.com (Faramir)
Date: Thu, 3 Sep 2015 18:02:04 -0300
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <87wpwfn9rh.fsf@vigenere.g10code.de>
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de>
Message-ID: <55E8B54C.2090704@gmail.com>

On 28-08-2015 at 4:37, Werner Koch wrote:
...
> Some of these old time users may not follow the news thus may be
> baffled when they figure that gpg is not able to decrypt their old
> data. Thus a short note that a GPG 1 version is maintained to
> allow decryption of PGP-2 data or to be used on ancient
> platforms[1] should be helpful.

IMHO, it would be desirable that the current version can still open old data, even if it refuses to encrypt that way. But maybe keeping the decrypt old data capability has some inconveniences.

Best Regards

From rjh at sixdemonbag.org Fri Sep 4 00:46:00 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 3 Sep 2015 18:46:00 -0400
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E8B54C.2090704@gmail.com>
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com>
Message-ID: <55E8CDA8.5040609@sixdemonbag.org>

> IMHO, it would be desirable that the current version can still open
> old data, even if it refuses to encrypt that way. But maybe keeping
> the decrypt old data capability has some inconveniences.

Here's the question I really want people to answer: "At what point do we tell people, 'no, that data format has been obsolete for twenty years, we're not going to support it any more, it's not even close to conforming to the RFCs we implement'?"

If you say "for as long as people have that traffic," then you've just given GnuPG an open-ended commitment to supporting PGP 2.6 *forever*. There are still people using Apple IIes and Appleworks to manage their business spreadsheets.

I don't think we should support PGP 2.6 forever. I don't think most people on this list do, either. So to me, the interesting question is where we draw the line. Where do we say, "no more, we're not supporting PGP 2.6 any further"?

For me, the answer is -- "Today. We've supported it for sixteen years. That's long enough."

From melvincarvalho at gmail.com Thu Sep 3 23:55:33 2015
From: melvincarvalho at gmail.com (Melvin Carvalho)
Date: Thu, 3 Sep 2015 23:55:33 +0200
Subject: GPG UID
Message-ID:

I've been looking at UID in gpg

http://tools.ietf.org/html/rfc4880#section-5.11

is there any way to add a URL instead of an email address?

or to have both an email and URL in a cert?

From flapflap at riseup.net Fri Sep 4 01:15:52 2015
From: flapflap at riseup.net (flapflap)
Date: Thu, 03 Sep 2015 23:15:52 +0000
Subject: GPG UID
In-Reply-To:
References:
Message-ID: <55E8D4A8.7060300@riseup.net>

Melvin Carvalho:
> I've been looking at UID in gpg
>
> http://tools.ietf.org/html/rfc4880#section-5.11
>
> is there any way to add a URL instead of an email address?
>
> or to have both an email and URL in a cert?

this may be what you are looking for:

--allow-freeform-uid
       Disable all checks on the form of the user ID while generating
       a new one. This option should only be used in very special
       environments as it does not ensure the de-facto standard
       format of user IDs.

~flapflap

From misscrissylynn at gmail.com Fri Sep 4 00:15:21 2015
From: misscrissylynn at gmail.com (Crissy Lynn)
Date: Thu, 3 Sep 2015 18:15:21 -0400
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E8B54C.2090704@gmail.com>
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com>
Message-ID: <6BD8A223-4731-4037-98B3-8D440BF0FA02@gmail.com>

PLEASE REMOVE ME FROM THIS MAILING LIST!!!!!!

> On Sep 3, 2015, at 5:02 PM, Faramir wrote:
>
>> On 28-08-2015 at 4:37, Werner Koch wrote:
>> ...
>> Some of these old time users may not follow the news thus may be
>> baffled when they figure that gpg is not able to decrypt their old
>> data. Thus a short note that a GPG 1 version is maintained to
>> allow decryption of PGP-2 data or to be used on ancient
>> platforms[1] should be helpful.
>
> IMHO, it would be desirable that the current version can still open
> old data, even if it refuses to encrypt that way. But maybe keeping
> the decrypt old data capability has some inconveniences.
>
> Best Regards

From idmsdba at nycap.rr.com Fri Sep 4 01:36:37 2015
From: idmsdba at nycap.rr.com (Michael A. Yetto)
Date: Thu, 3 Sep 2015 19:36:37 -0400
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <6BD8A223-4731-4037-98B3-8D440BF0FA02@gmail.com>
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com> <6BD8A223-4731-4037-98B3-8D440BF0FA02@gmail.com>
Message-ID: <20150903193637.1b451a9b@Braetac.lighthouse.yetnet>

On Thu, 3 Sep 2015 18:15:21 -0400 Crissy Lynn wrote:

>PLEASE REMOVE ME FROM THIS MAILING LIST!!!!!!

All of the e-mails I get from this list have the following header.

List-Unsubscribe: ,

It occurs to me that you have had the ability to do what was needed all along.

Mike "pay no attention to that man behind the curtain" Yetto

--
"We establish no religion in this country, we command no worship, we mandate no belief, nor will we ever. Church and state are, and must remain, separate."
- Ronald Reagan (1911-2004), 40th President of the United States

From faramir.cl at gmail.com Fri Sep 4 03:56:52 2015
From: faramir.cl at gmail.com (Faramir)
Date: Thu, 3 Sep 2015 22:56:52 -0300
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E8CDA8.5040609@sixdemonbag.org>
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com> <55E8CDA8.5040609@sixdemonbag.org>
Message-ID: <55E8FA64.5010701@gmail.com>

On 03-09-2015 at 19:46, Robert J. Hansen wrote:
>> IMHO, it would be desirable that the current version can still
>> open old data, even if it refuses to encrypt that way. But maybe
>> keeping the decrypt old data capability has some inconveniences.
>
> Here's the question I really want people to answer: "At what point
> do we tell people, 'no, that data format has been obsolete for
> twenty years, we're not going to support it any more, it's not even
> close to conforming to the RFCs we implement'?"

Yes, people should stop using things that are seriously outdated and proven unsafe.

> If you say "for as long as people have that traffic," then you've
> just given GnuPG an open-ended commitment to supporting PGP 2.6
> *forever*.

I was thinking about being able to access old data that was encrypted with PGP 2.6 standard, not about creating new data using that standard, so, *if possible*, it would be nice to have read-only backward compatibility.

> There are still people using Apple IIes and Appleworks to manage
> their business spreadsheets.

And some time ago, I found an old QPro spreadsheet that had survived somehow in a backup CD. I don't remember if I could open it. But I do remember once I had to find a way to open an old ms-writer file I needed to read.

Best Regards

From wk at gnupg.org Fri Sep 4 08:08:41 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 04 Sep 2015 08:08:41 +0200
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E8CDA8.5040609@sixdemonbag.org> (Robert J. Hansen's message of "Thu, 3 Sep 2015 18:46:00 -0400")
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com> <55E8CDA8.5040609@sixdemonbag.org>
Message-ID: <87si6uhg2e.fsf@vigenere.g10code.de>

On Fri, 4 Sep 2015 00:46, rjh at sixdemonbag.org said:

> For me, the answer is -- "Today. We've supported it for sixteen years.
> That's long enough."

Agreed for the current version (GnuPG 2.x)

For the records: We have promised to maintain GnuPG 1.4 which does and will continue to support PGP-2.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From johanw at vulcan.xs4all.nl Fri Sep 4 09:54:58 2015
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri, 04 Sep 2015 09:54:58 +0200
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E8CDA8.5040609@sixdemonbag.org>
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com> <55E8CDA8.5040609@sixdemonbag.org>
Message-ID: <55E94E52.6010505@vulcan.xs4all.nl>

On 04-09-2015 0:46, Robert J. Hansen wrote:

> Here's the question I really want people to answer: "At what point do we
> tell people, 'no, that data format has been obsolete for twenty years,
> we're not going to support it any more, it's not even close to
> conforming to the RFCs we implement'?"

Never IMO. This attitude leads to data being lost forever because new software can't read it anymore while the cost of adding read-only support is small.

> If you say "for as long as people have that traffic," then you've just
> given GnuPG an open-ended commitment to supporting PGP 2.6 *forever*.

Read-only, yes.

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From wk at gnupg.org Fri Sep 4 10:46:49 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 04 Sep 2015 10:46:49 +0200
Subject: FAQ: drop mention of 1.4?
In-Reply-To: <55E94E52.6010505@vulcan.xs4all.nl> (Johan Wevers's message of "Fri, 04 Sep 2015 09:54:58 +0200")
References: <55DF59E1.6090109@sixdemonbag.org> <55DF73D5.9020505@vulcan.xs4all.nl> <55DF8312.8090708@sixdemonbag.org> <87wpwfn9rh.fsf@vigenere.g10code.de> <55E8B54C.2090704@gmail.com> <55E8CDA8.5040609@sixdemonbag.org> <55E94E52.6010505@vulcan.xs4all.nl>
Message-ID: <87k2s6h8qu.fsf@vigenere.g10code.de>

On Fri, 4 Sep 2015 09:54, johanw at vulcan.xs4all.nl said:

> Never IMO. This attitude leads to data being lost forever because new
> software can't read it anymore while the cost of adding read-only
> support is small.

No, that is entirely wrong. The whole PGP-2 stuff has been removed and thus most code paths have been simplified.

How often shall I repeat: We keep on supporting PGP-2 in 1.4 and thus there is no need to talk about lost data. You just have to use the right tool.

A real world problem is how to maintain the hardware to actually access that old data. For example I have some old hard disks and even an ST-506 controller board. However, that is a full size ISA board and I do not have a motherboard to use it. I also have tape drive somewhere to read my >10 year old backups but no SCSI controller readily available.

The common archiving practice is to copy data to new media every few years. For encrypted data which is still considered confidential you need to re-encrypt it anyway to keep it safe.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From samir at samirnassar.com Fri Sep 4 11:57:07 2015
From: samir at samirnassar.com (Samir Nassar) Date: Fri, 04 Sep 2015 11:57:07 +0200 Subject: FAQ: drop mention of 1.4? In-Reply-To: <55E94E52.6010505@vulcan.xs4all.nl> References: <55DF59E1.6090109@sixdemonbag.org> <55E8CDA8.5040609@sixdemonbag.org> <55E94E52.6010505@vulcan.xs4all.nl> Message-ID: <49705849.ul5MyuZRbo@lathe> On Friday, September 04, 2015 09:54:58 AM Johan Wevers wrote: > On 04-09-2015 0:46, Robert J. Hansen wrote: > > Here's the question I really want people to answer: "At what point do we > > tell people, 'no, that data format has been obsolete for twenty years, > > we're not going to support it any more, it's not even close to > > conforming to the RFCs we implement'?" > > Never IMO. This attitude leads to data being lost forever because new > software can't read it anymore while the cost of adding read-only > support is small. I do not see how this stance is justifiable. What is the amount of current PGP users? What is the amount of current PGP users who started using PGP in the last 5 years? What is the amount of current PGP users who started using PGP in the last 10 years? What is the amount of current PGP users who started using PGP in the last 15 years? Now, the three people who encrypted really important data using PGP 2.6 but somehow missed out on the last 15 years of GnuPG development, use GnuPG 1.4 to decrypt your information like Werner said. There is no point to keeping the FAQ cluttered with references to old versions of GnuPG and many reasons against keeping the reference. Samir From marko.bauhardt at mailbox.org Fri Sep 4 15:44:03 2015 
From: marko.bauhardt at mailbox.org (Marko Bauhardt (private)) Date: Fri, 4 Sep 2015 15:44:03 +0200 Subject: uploading subkeys In-Reply-To: <55E0CA9F.2070208@gmail.com> References: <55E0CA9F.2070208@gmail.com> Message-ID: <7BD1189B-0B21-44AF-A8AB-E5A980F9D49D@mailbox.org> > You can either upload the whole public set or none of it, you can't or > at least I know of no way of uploading only the public part of the sub keys. As far as i know it is possible to upload a sub key via the id of the sub key ending with the exclamation mark `!`. I mean does it make sense to send public key of my certification key as well to the key server? I assume that the public key for encryption and sign is enough. > > As for the keyserver, I recommend sks-keyservers.net[1], either > hkp://pool.sks-keyservers.net or hkps://hkps.pool.sks-keyservers.net > which you will need to have a GnuPG compiled with GnuTLS support and > also the cert from the keyserver[2] > > [1]: https://sks-keyservers.net/ > [2]: https://sks-keyservers.net/overview-of-pools.php#pool_hkps Ok, thanks. marko From wk at gnupg.org Fri Sep 4 21:27:42 2015 
From: wk at gnupg.org (Werner Koch) Date: Fri, 04 Sep 2015 21:27:42 +0200 Subject: uploading subkeys In-Reply-To: <7BD1189B-0B21-44AF-A8AB-E5A980F9D49D@mailbox.org> (Marko Bauhardt's message of "Fri, 4 Sep 2015 15:44:03 +0200") References: <55E0CA9F.2070208@gmail.com> <7BD1189B-0B21-44AF-A8AB-E5A980F9D49D@mailbox.org> Message-ID: <871teegf2p.fsf@vigenere.g10code.de> On Fri, 4 Sep 2015 15:44, marko.bauhardt at mailbox.org said: > As far as i know it is possible to upload a sub key via the id of the sub key ending with the exclamation mark `!`. You may use this notation to force the use of this subkey. However, an OpenPGP key(block) always consists of a primary key and optionally any number of subkeys. The transfer format does only allow sending of entire OpenPGP key(block)s. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dongsheng.song at gmail.com Sat Sep 5 04:23:05 2015 From: dongsheng.song at gmail.com (Dongsheng Song) Date: Sat, 5 Sep 2015 10:23:05 +0800 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <87pp20izqv.fsf@vigenere.g10code.de> References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> Message-ID: On Wed, Sep 2, 2015 at 11:53 PM, Werner Koch wrote: > On Wed, 2 Sep 2015 11:17, dongsheng.song at gmail.com said: > >> Yes, I build gnupg 2.1.7 for 32 bit and 64 bit Windows with the latest >> libgcrypt and pinentry. > > Funny, 64 bit Windows is not supported by GnuPG. > It's really works, you can check my building results: http://sourceforge.net/projects/osb/files/package/portable/gnupg/ From wk at gnupg.org Sat Sep 5 11:40:24 2015
From: wk at gnupg.org (Werner Koch) Date: Sat, 05 Sep 2015 11:40:24 +0200 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: (Dongsheng Song's message of "Sat, 5 Sep 2015 10:23:05 +0800") References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> Message-ID: <87twr9fblj.fsf@vigenere.g10code.de> On Sat, 5 Sep 2015 04:23, dongsheng.song at gmail.com said: > It's really works, you can check my building results: No, it can't work: - The random number generator may not produce random output. - GnuPG casts pointers to integers which does not work on 64 bit Windows where a pointer (and thus a HANDLE) is 64 bit but int and long are 32 bit. - There are related problems related to different kind of file descriptors. > http://sourceforge.net/projects/osb/files/package/portable/gnupg/ 1. Please add the full source code to the download section or otherwise fulfill the requirements of the GPL. 2. In the summary page you state that the license is CC BY-SA. However, both GCC and GnuPG are under the GPL. You need to fix that! Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dongsheng.song at gmail.com Sun Sep 6 10:11:43 2015
From: dongsheng.song at gmail.com (Dongsheng Song) Date: Sun, 6 Sep 2015 16:11:43 +0800 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <87twr9fblj.fsf@vigenere.g10code.de> References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> Message-ID: <55EBF53F.1020000@gmail.com> On 2015-09-05 17:40, Werner Koch wrote: > On Sat, 5 Sep 2015 04:23, dongsheng.song at gmail.com said: > >> It's really works, you can check my building results: > No, it can't work: > > - The random number generator may not produce random output. Why not trust Windows CryptoAPI (CryptGenRandom) like libressl ? https://github.com/libressl-portable/openbsd/blob/master/src/lib/libcrypto/crypto/getentropy_win.c If you do not trust CryptoAPI (CryptGenRandom), you can use CNG (BCryptGenRandom) instead. CryptGenRandom [Windows XP/2003 or later] BCryptGenRandom [Windows Vista/2008 or later] [Cryptography API: Next Generation ] https://msdn.microsoft.com/en-us/library/windows/desktop/aa379942(v=vs.85).aspx https://msdn.microsoft.com/en-us/library/windows/desktop/aa375458(v=vs.85).aspx > - GnuPG casts pointers to integers which does not work on 64 bit > Windows where a pointer (and thus a HANDLE) is 64 bit but int and > long are 32 bit. > > - There are related problems related to different kind of file > decriptors. In theory, you are right. But ALL Windows kernel object include HANDLE lower than 2^24. Then if these cast is safe for 64 bit Linux, then safe for Windows too. https://msdn.microsoft.com/en-us/library/windows/desktop/ms724485(v=vs.85).aspx > >> http://sourceforge.net/projects/osb/files/package/portable/gnupg/ > 1. Please add the full source code to the download section or > otherwise fulfill the requirements of the GPL. > > 2. In the summary page you state that the license is CC BY-SA. > However, both GCC and GnuPG are under the GPL. You need to fix > that! 
> Thanks, fixed. From peter at digitalbrains.com Sun Sep 6 12:02:32 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Sun, 06 Sep 2015 12:02:32 +0200 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <55EBF53F.1020000@gmail.com> References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> <55EBF53F.1020000@gmail.com> Message-ID: <55EC0F38.4070300@digitalbrains.com> On 06/09/15 10:11, Dongsheng Song wrote: > On 2015-09-05 17:40, Werner Koch wrote: >> - The random number generator may not produce random output. > > Why not trust Windows CryptoAPI (CryptGenRandom) like libressl ? May I suggest that you take down your compiled 64-bits versions and issue a warning on the page, alerting people to the fact that Werner Koch warned you that the random number generator might not work? It's rather a huge issue, especially when people use your package to generate their keys. BTW, AFAIK, GnuPG builds its own random number generator upon the services provided by the OS. It doesn't make sense (to me at least) to make an exception for 64-bit Windows and swap it out for the OS provided service there. Is there any reason to provide 64-bits binaries, BTW? It's an unbiased question, I simply don't know. Does it provide any benefits? Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From johanw at vulcan.xs4all.nl Sun Sep 6 16:29:58 2015
From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Sun, 06 Sep 2015 16:29:58 +0200 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <55EC0F38.4070300@digitalbrains.com> References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> <55EBF53F.1020000@gmail.com> <55EC0F38.4070300@digitalbrains.com> Message-ID: <55EC4DE6.4030005@vulcan.xs4all.nl> On 06-09-2015 12:02, Peter Lebbing wrote: > Is there any reason to provide 64-bits binaries, BTW? It's an unbiased > question, I simply don't know. Does it provide any benefits? Perhaps they accept larger files or can use more memory? I do remember once compiling the pgp 2.6.3ia sources with Visual Studio 5 long ago to make 32 bit binaries that could handle long filenames the original 16 bit DOS executable could not deal with. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From rjh at sixdemonbag.org Sun Sep 6 19:39:17 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sun, 6 Sep 2015 13:39:17 -0400 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <55EC0F38.4070300@digitalbrains.com> References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> <55EBF53F.1020000@gmail.com> <55EC0F38.4070300@digitalbrains.com> Message-ID: <55EC7A45.70204@sixdemonbag.org> > Is there any reason to provide 64-bits binaries, BTW? It's an unbiased > question, I simply don't know. Does it provide any benefits? Potentially. It allows the compiler to use x64 features such as W^X, which relies on there being an NX bit in the page table entry. This wasn't part of the x86 design, but was added by AMD for the x64. Then Intel backported it to the Prescott architecture for the Pentium-4. But unless you can guarantee you'll never run on pre-Prescott chips, you can't rely on W^X. True, W^X is an OS-level feature and not a GnuPG feature. But it should work as an example of how the two instruction sets could be different in ways important for computer security. From rjh at sixdemonbag.org Sun Sep 6 20:25:49 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sun, 6 Sep 2015 14:25:49 -0400 Subject: Krebs on Security: SCI Message-ID: <55EC852D.8030404@sixdemonbag.org> Brian Krebs has a great case study of a shady snake-oil seller. Worth reading. Also, the Robert Hansen mentioned in it is not me. :) http://krebsonsecurity.com/2015/08/how-not-to-start-an-encryption-company/ From christian.heinrich at cmlh.id.au Sun Sep 6 23:58:49 2015 
From: christian.heinrich at cmlh.id.au (Christian Heinrich) Date: Mon, 7 Sep 2015 07:58:49 +1000 Subject: Krebs on Security: SCI In-Reply-To: <55EC852D.8030404@sixdemonbag.org> References: <55EC852D.8030404@sixdemonbag.org> Message-ID: Robert, Their implementation adheres to Kerckhoffs's Principle as "SCI's secret sauce is a process for taking existing encryption techniques (they only use vetted, established code libraries)" quoted directly in his post and the comment from "Bob "Buzz" Akerz" [to this post] has concurred this fact. On Mon, Sep 7, 2015 at 4:25 AM, Robert J. Hansen wrote: > Brian Krebs has a great case study of a shady snake-oil seller. Worth > reading. > > Also, the Robert Hansen mentioned in it is not me. :) > > http://krebsonsecurity.com/2015/08/how-not-to-start-an-encryption-company/ -- Regards, Christian Heinrich http://cmlh.id.au/contact From dongsheng.song at gmail.com Mon Sep 7 08:52:58 2015
From: dongsheng.song at gmail.com (Dongsheng Song) Date: Mon, 7 Sep 2015 14:52:58 +0800 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <55EC0F38.4070300@digitalbrains.com> References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> <55EBF53F.1020000@gmail.com> <55EC0F38.4070300@digitalbrains.com> Message-ID: <55ED344A.9080300@gmail.com> On 2015-09-06 18:02, Peter Lebbing wrote: > Is there any reason to provide 64-bits binaries, BTW? It's an unbiased > question, I simply don't know. Does it provide any benefits? Yes, when we running 64 bit Windows, use 64 bit binary is naturally requirement. WoW64 is optional component for Windows server, for those servers without WoW64, running 64 bit binaries is the only choice. From wk at gnupg.org Mon Sep 7 17:22:40 2015
From: wk at gnupg.org (Werner Koch) Date: Mon, 07 Sep 2015 17:22:40 +0200 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <55EC4DE6.4030005@vulcan.xs4all.nl> (Johan Wevers's message of "Sun, 06 Sep 2015 16:29:58 +0200") References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> <55EBF53F.1020000@gmail.com> <55EC0F38.4070300@digitalbrains.com> <55EC4DE6.4030005@vulcan.xs4all.nl> Message-ID: <8737yqfe4f.fsf@vigenere.g10code.de> On Sun, 6 Sep 2015 16:29, johanw at vulcan.xs4all.nl said: > Perhaps they accept larger files or can use more memory? I do remember Should all be the same. I see no practical reason for using a 64 bit binary. I even doubt that it will be faster because gpg does not allocate large memory blocks. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Mon Sep 7 17:30:52 2015
From: wk at gnupg.org (Werner Koch) Date: Mon, 07 Sep 2015 17:30:52 +0200 Subject: GnuPG modern can't genereate keys on my Windows In-Reply-To: <55EBF53F.1020000@gmail.com> (Dongsheng Song's message of "Sun, 6 Sep 2015 16:11:43 +0800") References: <55E652E7.7030802@riseup.net> <55E69831.9080404@fsij.org> <55E6BEB9.1090903@gmail.com> <87pp20izqv.fsf@vigenere.g10code.de> <87twr9fblj.fsf@vigenere.g10code.de> <55EBF53F.1020000@gmail.com> Message-ID: <87y4gidz6b.fsf@vigenere.g10code.de> On Sun, 6 Sep 2015 10:11, dongsheng.song at gmail.com said: > In theory, you are right. But ALL Windows kernel object include HANDLE > lower than 2^24. I have seen kernel objects with a higher value. Not necessarily HANDLE, though. > Then if these cast is safe for 64 bit Linux, then safe for Windows too. Nope. Almost all 64 bit Unix systems implement the LP64 data model where a "long" and all pointers are 64 bit. Windows however uses LLP64 where only "long long" and pointers are 64 bit. Further, file descriptors on Unix are always a 32 bit "int" but on 64 bit Windows the kernel objects resembling file descriptors are all pointers and thus 64 bit. On 32 bit Windows pointers have the same size as an "int" and thus we can represent them using an int and convert them using atoi. >> 2. In the summary page you state that the license is CC BY-SA. >> However, both GCC and GnuPG are under the GPL. You need to fix >> that! >> > > Thanks, fixed. Thanks. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Tue Sep 8 09:06:38 2015
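Added example (not from the thread and not GnuPG's code): the data-model point in Werner Koch's reply of 7 Sep 2015 above, modelled with fixed-width types so the result is the same on any host. The struct, the function names and the sample handle values are constructed for illustration.

```c
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Integer widths (in bits) of the data models named in the thread. */
struct data_model {
    const char *name;
    unsigned int_bits;
    unsigned long_bits;
    unsigned ptr_bits;
};

static const struct data_model ILP32 = { "ILP32 (32-bit Windows)", 32, 32, 32 };
static const struct data_model LP64  = { "LP64  (64-bit Unix)",    32, 64, 64 };
static const struct data_model LLP64 = { "LLP64 (64-bit Windows)", 32, 32, 64 };

/* Keep only the low `bits` of a value and sign-extend to 64 bits, which is
   what storing it in a signed integer of that width and widening it does. */
static uint64_t through_signed(uint64_t value, unsigned bits)
{
    if (bits >= 64)
        return value;
    uint64_t mask = (UINT64_C(1) << bits) - 1;
    uint64_t low = value & mask;
    uint64_t sign = UINT64_C(1) << (bits - 1);
    return (low & sign) ? (low | ~mask) : low;
}

/* Pointer -> integer of `bits` width -> pointer, under data model `m`. */
static uint64_t roundtrip(const struct data_model *m, uint64_t handle,
                          unsigned bits)
{
    uint64_t back = through_signed(handle, bits);
    if (m->ptr_bits < 64)
        back &= (UINT64_C(1) << m->ptr_bits) - 1;  /* pointer width limit */
    return back;
}

/* 1 if the handle is unchanged after a cast to the model's int / long. */
static int survives_int(const struct data_model *m, uint64_t handle)
{
    return roundtrip(m, handle, m->int_bits) == handle;
}

static int survives_long(const struct data_model *m, uint64_t handle)
{
    return roundtrip(m, handle, m->long_bits) == handle;
}

/* Checked alternative to atoi() for a handle passed as decimal text:
   rejects signs, empty input, trailing garbage, overflow, and values wider
   than the model's pointer. Returns 0 on success, -1 on error. */
static int parse_handle(const struct data_model *m, const char *text,
                        uint64_t *out)
{
    char *end = NULL;

    if (text[0] < '0' || text[0] > '9')
        return -1;
    errno = 0;
    unsigned long long v = strtoull(text, &end, 10);
    if (*end != '\0' || errno == ERANGE)
        return -1;
    if (m->ptr_bits < 64 && (v >> m->ptr_bits) != 0)
        return -1;
    *out = (uint64_t)v;
    return 0;
}

int main(void)
{
    /* Constructed sample values, not taken from a real system. */
    const uint64_t samples[] = {
        UINT64_C(0x1f4), UINT64_C(0x80000000), UINT64_C(0x00007FF6A1B2C3D0)
    };
    const struct data_model *models[] = { &ILP32, &LP64, &LLP64 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        for (size_t j = 0; j < sizeof models / sizeof models[0]; j++) {
            const struct data_model *m = models[j];
            if (m->ptr_bits < 64 && (samples[i] >> m->ptr_bits) != 0)
                continue;  /* value cannot exist as a pointer here */
            printf("%s  0x%016" PRIx64 "  int:%s  long:%s\n", m->name,
                   samples[i],
                   survives_int(m, samples[i]) ? "ok" : "CORRUPTED",
                   survives_long(m, samples[i]) ? "ok" : "CORRUPTED");
        }
    }
    return 0;
}
```

Small handle values pass through every model unchanged, which is why such a build can appear to work; a value with bit 31 or higher set is altered by the same cast under LLP64.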
From: wk at gnupg.org (Werner Koch) Date: Tue, 08 Sep 2015 09:06:38 +0200 Subject: [Announce] Libgcrypt 1.6.4 released Message-ID: <877fo1e6f5.fsf@vigenere.g10code.de> Hello! The GNU project is pleased to announce the availability of Libgcrypt version 1.6.4. This is a maintenance release with a minor security fix. Libgcrypt is a general purpose library of cryptographic building blocks. It does not provide any implementation of OpenPGP or other protocols. Thorough understanding of applied cryptography is required for proper use of Libgcrypt. Noteworthy changes in version 1.6.4 =================================== * Speed up the random number generator by requiring less extra seeding. * New flag "no-keytest" for ECC key generation. Due to a bug in the parser that flag will also be accepted but ignored by older version of Libgcrypt. * Always verify a created RSA signature to avoid private key leaks due to hardware failures. * Fix alignment bug in the AESNI code on Windows > 7. * Support FreeBSD 10 and later. * Other minor bug fixes. Download ======== Source code is hosted at the GnuPG FTP server and its mirrors as listed at https://gnupg.org/download/mirrors.html . On the primary server the source tarball and its digital signature are: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.bz2 (2490k) ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.bz2.sig That file is bzip2 compressed. 
A gzip compressed version is here: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.gz (2901k) ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.gz.sig The same files are also available via HTTP: https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.bz2 https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.bz2.sig https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.gz https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.6.4.tar.gz.sig In order to check that the version of Libgcrypt you are going to build is an original and unmodified one, you can do it in one of the following ways: * Check the supplied OpenPGP signature. For example to check the signature of the file libgcrypt-1.6.4.tar.bz2 you would use this command: gpg --verify libgcrypt-1.6.4.tar.bz2.sig libgcrypt-1.6.4.tar.bz2 This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by one of the release signing keys. See https://gnupg.org/signature_key.html . * If you are not able to use GnuPG, you have to verify the SHA-1 checksum: sha1sum libgcrypt-1.6.4.tar.bz2 and check that the output matches the first line from the following list: ed52add1ce635deeb2f5c6650e52667debd4ec70 libgcrypt-1.6.4.tar.bz2 da6507d7ba902d7482cc09e1114ccaf3ab495c76 libgcrypt-1.6.4.tar.gz Copying ======= Libgcrypt is distributed under the terms of the GNU Lesser General Public License (LGPLv2.1+). The helper programs as well as the documentation are distributed under the terms of the GNU General Public License (GPLv2+). The file LICENSES has notices about contributions that require these additional notices are distributed. Support ======= For help on developing with Libgcrypt you should read the included manual and optional ask on the gcrypt-devel mailing list [1]. A listing with commercial support offers for Libgcrypt and related software is available at the GnuPG web site [2]. 
If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gcrypt-devel mailing list for discussion. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. Maintenance and development of GnuPG is possible due to many individual and corporate donations; for a list of non-anonymous donors see . For the GnuPG hackers, Werner p.s. This is an announcement only mailing list. Please send replies only to the gcrypt-devel 'at' gnupg.org mailing lists. [1] https://lists.gnupg.org/mailman/listinfo/gcrypt-devel [2] https://www.gnupg.org/service.html -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-announce mailing list Gnupg-announce at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From wk at gnupg.org Tue Sep 8 17:44:29 2015
From: wk at gnupg.org (Werner Koch) Date: Tue, 08 Sep 2015 17:44:29 +0200 Subject: [Announce] GnuPG 2.0.29 (stable) released Message-ID: <877fo0dig2.fsf@vigenere.g10code.de> Hello! We are pleased to announce the availability of a new stable GnuPG-2.0 release: Version 2.0.29. This is a maintenance release which fixes a couple of bugs. The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard as defined by RFC-4880 and better known as PGP. GnuPG, also known as GPG, allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License. Three different versions of GnuPG are actively maintained: - GnuPG "modern" (2.1) is the latest development with a lot of new features including support for ECC. - GnuPG "stable" (2.0) - which this is about - is the current stable version for general use. This is what most users are currently using. - GnuPG "classic" (1.4) is the old standalone version which is most suitable for older or embedded platforms. You may not install "modern" (2.1) and "stable" (2.0) at the same time. However, it is possible to install "classic" (1.4) along with any of the other versions. What's New in 2.0.29 ==================== * gpg: Print a PGP-2 fingerprint again instead of a row of "0". * gpg: Fixed a race condition from multiple several "gpg --verify". * gpg: Print FAILURE status lines to help GPGME. * gpgsm: Fixed a regression in CSR generation. * scdaemon: Fixed problems with some pinpads. * Fixed a few other bugs. 
Getting the Software ==================== Please follow the instructions found at https://gnupg.org/download/ or read on: Source code is hosted at the GnuPG FTP server and its mirrors as listed at . On the primary server the source tarball and its digital signature are: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.0.29.tar.bz2 (2490k) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.0.29.tar.bz2.sig Note, that we don't distribute gzip compressed tarballs for GnuPG-2. A Windows version will soon be released at . If you are new to GnuPG please consider to use the "modern" version 2.1.7. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a version of GnuPG installed, you can simply verify the supplied signature. For example to verify the signature of the file gnupg-2.0.29.tar.bz2 you would use this command: gpg --verify gnupg-2.0.29.tar.bz2.sig gnupg-2.0.29.tar.bz2 This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by one or more of the release signing keys. Make sure that this is a valid key, either by matching the shown fingerprint against a trustworthy list of valid release signing keys or by checking that the key has been signed by trustworthy other keys. See below for information on the signing keys. * If you are not able to use an existing version of GnuPG, you have to verify the SHA-1 checksum. On Unix systems the command to do this is either "sha1sum" or "shasum". 
Assuming you downloaded the file gnupg-2.0.29.tar.bz2, you would run the command like this: sha1sum gnupg-2.0.29.tar.bz2 and check that the output matches the next line: 87eb0df18f9953675f979405a1af10ab6c5322b3 gnupg-2.0.29.tar.bz2 Release Signing Keys ==================== To guarantee that a downloaded GnuPG version has not been tampered by malicious entities we provide signature files for all tarballs and binary versions. The keys are also signed by the long term keys of their respective owners. Current releases are signed by one or more of these four keys: 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31] Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 Werner Koch (dist sig) rsa2048/E0856959 2014-10-29 [expires: 2019-12-31] Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959 David Shaw (GnuPG Release Signing Key) rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28] Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06 NIIBE Yutaka (GnuPG Release Key) rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31] Key fingerprint = D238 EA65 D64C 67ED 4C30 73F2 8A86 1B1C 7EFD 60D9 Werner Koch (Release Signing Key) You may retrieve these files from the keyservers using this command gpg --recv-keys 249B39D24F25E3B6 04376F3EE0856959 \ 2071B08A33BD3F06 8A861B1C7EFD60D9 using an already installed version of gpg. Remember to check the fingerprints against the above list (which you also find on the flip side of our printed visit cards). The keys are also available at and in the released GnuPG tarball in the file g10/distsigkey.gpg . Note that this mail has been signed using my standard PGP key. Documentation ============= The file gnupg.info has the complete user manual of the system. Separate man pages are included as well; however they have not all the details available in the manual.
It is also possible to read the complete manual online in HTML format at https://www.gnupg.org/documentation/manuals/gnupg-2.0/ or in Portable Document Format at https://www.gnupg.org/documentation/manuals/gnupg-2.0.pdf . The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing. You may also want search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advice on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. Support ======= Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest to send bug reports for a new release to this list in favor of filing a bug at . We also have a dedicated service directory at: https://www.gnupg.org/service.html If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. Maintenance and development of GnuPG is possible due to many individual and corporate donations; for a list of non-anonymous donors see . For the GnuPG hackers, Werner p.s. This is an announcement only mailing list. Please send replies only to the gnupg-users 'at' gnupg.org mailing list. -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From patrick at enigmail.net Tue Sep 8 18:10:46 2015
From: patrick at enigmail.net (Patrick Brunschwig) Date: Tue, 8 Sep 2015 18:10:46 +0200 Subject: Enigmail and p≡p are together for developing Enigmail/p≡p Message-ID: <55EF0886.8070108@enigmail.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 The following press release was published yesterday (unfortunately I had no time to re-post it earlier): Encryption add-on Enigmail and pretty Easy privacy (p≡p)[1] are joining in development of a solution for the well-known mail client Thunderbird. The goal is to make encryption as easy as possible, said Enigmail's project lead Patrick Brunschwig and p≡p's head of development Volker Birk in a common press release. Enigmail and p≡p will offer p≡p technology for any Thunderbird user. Thunderbird is still most popular among free email programs on desktop PCs and Laptops. "Enigmail offers the most-used solution for mail encryption as Free Software for many years now. But we don't want to rest on our laurels.", Brunschwig explains. "Still way too few people are able to encrypt. But this is inevitable to protect privacy." That is to be changed with the partnership. "p≡p is offering the possibility to encrypt fully automatically. This way our users are gaining the highest amount of security, while even not be touched by the process at all. At the same time p≡p is offering compatibility to OpenPGP and S/MIME, which is necessary to integrate into mail infrastructures." "Being the trailblazer, Enigmail managed to provide one of the greatest user interfaces for mail encryption.", Birk says. "To date Enigmail is still the front-runner here. Together with Enigmail we're thinking beyond this: the default for email has to be encrypted and not unencrypted! For this purpose p≡p is offering the possibility to encrypt without any user interaction needed like managing keys. Thunderbird is for p≡p a strategic platform in Free Software: no other free mail program has reached this spread.
Therefore, it was the logical choice to ask our colleagues at Enigmail for a cooperation. Who else could deliver more know-how of integrating encryption into Thunderbird?" The development partnership is meant to lead into common project Enigmail/p≡p. As release date for a very first version Enigmail and p≡p are aiming for December 2015. [1] http://pep-project.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 -----END PGP SIGNATURE----- From bjliusl at cn.ibm.com Tue Sep 8 11:31:58 2015 From: bjliusl at cn.ibm.com (Sheng Li WL Liu) Date: Tue, 8 Sep 2015 17:31:58 +0800 Subject: Fw: How to generate CSR from an existing GnuPG key? Message-ID: Hi, Sorry for misunderstanding the key-id in point a). I use "gpg --list-key --keyid-format 0xshort" to get a new key id and then run this command: "gpgsm -o secret-gpg-key.p12 --export-secret-key-p12 0xE2AE18C9", but got this error: "gpgsm: can't export key `0xE2AE18C9': No secret key" Still can not work. Best regards, Shengli (Syrena) Liu IBM China Systems & Technology Labs (CSTL) E-mail: bjliusl at cn.ibm.com Tel: 86-10-82454096 ----- Forwarded by Sheng Li WL Liu/China/IBM on 09/08/2015 05:23 PM -----
From: Sheng Li WL Liu/China/IBM To: gnupg-users at gnupg.org Date: 09/08/2015 04:00 PM Subject: How to generate CSR from an existing GnuPG key? Hi, For some reason, I have to create a CSR from an existing GnuPG key and then use an existing self-signed certificate generated by openssl to sign it. I've done some research and found out there seem to be two ways to do this work: a) export the secret GPG key in PKCS12 format with gpgsm and then use "openssl pkcs12" to extract the key and certificate, and then generate the CSR with openssl and do the follow-up things. b) directly generate the CSR with gpgsm and then do the follow-up things. For a), when I use "gpgsm -o secret-gpg-key.p12 --export-secret-key-p12 0xXXXXXXXX", it turns out the key-id is not my gpg key's id, it's the ID of certificates (I use "gpgsm -K" to show them), so this way can not work. For b), when I use "gpgsm --gen-key" to create the CSR, I choose "(2) Existing key", and then input 40 hex digits as the keygrip and then it shows: No key with this keygrip I searched a lot but still make a way out of this. I use "gpg --gen-key" to generate the existing GnuPG key pair. I use "gpg --fingerprint" to get the keygrip. Could you help me with this problem? Thanks for reading and I'm looking forward to your kind reply. Best regards, Shengli (Syrena) Liu From wk at gnupg.org Tue Sep 8 18:26:11 2015 
From: wk at gnupg.org (Werner Koch) Date: Tue, 08 Sep 2015 18:26:11 +0200 Subject: Temporary lock files? In-Reply-To: <55CB8907.2040608@mythicflow.com> (aslam karachiwala's message of "Wed, 12 Aug 2015 13:57:27 -0400") References: <55CB8907.2040608@mythicflow.com> Message-ID: <87pp1sc1y4.fsf@vigenere.g10code.de> On Wed, 12 Aug 2015 19:57, aslam at mythicflow.com said: > My ~/.gnupg directory is getting filled with files named like > ".#lk0x7feb6a637540..26914". > > Shouldn't these get deleted automagically? It used to be common practice to have a cron job deleting ".#" prefixed files after a few days. I don't know whether current distros install such a cron job. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From rjh at sixdemonbag.org Tue Sep 8 23:29:48 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 8 Sep 2015 17:29:48 -0400 Subject: gnupg-for-java Message-ID: <55EF534C.5010505@sixdemonbag.org> A while ago, the fellows at the Guardian Project released Java bindings for GnuPG. A project's come along where I could make use of them, and thought I'd give them a spin. I was quite surprised to discover that, as of this writing, they don't even build. The offender seems to be jUnit. The gnupg-for-java code uses a lot of imports like "junit.framework", and the current jUnit drops everything in the org.junit namespace. On top of that, old test methods like TestSuite from jUnit 3.8 have been deprecated in favor of Suite, from more modern jUnits. This doesn't appear to be hard work. The test suite is about 250 lines of code, most of it fairly clear. If you know Java and would like to contribute to GnuPG but don't quite know where, this would seem to be an excellent "bite-sized" project to take on. (If anyone's wondering why I'm not doing it: following my long-standing rule, I don't contribute code patches for either GnuPG or Enigmail. Although I'm not an employee of the U.S. government, I have a lot of friends and family who are. If I contributed code, some people would make a ruckus about how GnuPG was now 'tainted'. To prevent this, and to maintain the community's trust in GnuPG, I don't touch the code.) From dkg at fifthhorseman.net Tue Sep 8 20:19:26 2015 
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 08 Sep 2015 14:19:26 -0400 Subject: Temporary lock files? In-Reply-To: <87pp1sc1y4.fsf@vigenere.g10code.de> References: <55CB8907.2040608@mythicflow.com> <87pp1sc1y4.fsf@vigenere.g10code.de> Message-ID: <87a8swkc41.fsf@alice.fifthhorseman.net> On Tue 2015-09-08 12:26:11 -0400, Werner Koch wrote: > On Wed, 12 Aug 2015 19:57, aslam at mythicflow.com said: > >> My ~/.gnupg directory is getting filled with files named like >> ".#lk0x7feb6a637540..26914". >> >> Shouldn't these get deleted automagically? > > It used to be common practice to have a cron job deleting ".#" prefixed > files after a few days. I don't know whether current distros install > such a cron job. I don't know of any such cronjob in debian. Would you expect this to be something system-wide, or run on a per-user basis? For lockfiles that are relevant only to the running system (as this would seem to be, since it has the hostname in it), the usual place these would go on a modern distro is $XDG_RUNTIME_DIR (typically /run/user/1000 for a user with numeric id 1000). These directories are ephemeral, involve no disk access for filesystem modifications, and are automatically cleaned up upon restart. Should we be changing the default location of the lockfiles on modern linux/unix distributions of GnuPG? For home directories accessed on multiple machines simultaneously (e.g. NFS-mounted homedirs), are the locks required to work across machines? --dkg From antony at blazrsoft.com Tue Sep 8 23:52:09 2015 
From: antony at blazrsoft.com (Antony Prince) Date: Tue, 8 Sep 2015 17:52:09 -0400 Subject: gnupg-for-java In-Reply-To: <55EF534C.5010505@sixdemonbag.org> References: <55EF534C.5010505@sixdemonbag.org> Message-ID: <55EF5889.2090200@blazrsoft.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 09/08/2015 05:29 PM, Robert J. Hansen wrote: > The offender seems to be jUnit. The gnupg-for-java code uses a lot of > imports like "junit.framework", and the current jUnit drops everything > in the org.junit namespace. On top of that, old test methods like > TestSuite from jUnit 3.8 have been deprecated in favor of Suite, from > more modern jUnits. > > This doesn't appear to be hard work. The test suite is about 250 > lines of code, most of it fairly clear. If you know Java and would > like to contribute to GnuPG but don't quite know where, this would > seem to be an excellent "bite-sized" project to take on. > I'm familiar with Java, but unit testing has been an area that I haven't brushed up on. I'd be willing to take a look and see what I can learn/fix. Considering I'm not a professional, expectations here should be pretty low. 
;-) - -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19 URL: https://keyserver.blazrsoft.com From antony at blazrsoft.com Wed Sep 9 02:06:51 2015 
From: antony at blazrsoft.com (Antony Prince) Date: Tue, 8 Sep 2015 20:06:51 -0400 Subject: gnupg-for-java In-Reply-To: <55EF5889.2090200@blazrsoft.com> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> Message-ID: <55EF781B.6030006@blazrsoft.com> On 09/08/2015 05:52 PM, Antony Prince wrote: > On 09/08/2015 05:29 PM, Robert J. Hansen wrote: >> The offender seems to be jUnit. The gnupg-for-java code uses a lot of >> imports like "junit.framework", and the current jUnit drops everything >> in the org.junit namespace. On top of that, old test methods like >> TestSuite from jUnit 3.8 have been deprecated in favor of Suite, from >> more modern jUnits. > >> This doesn't appear to be hard work. The test suite is about 250 >> lines of code, most of it fairly clear. If you know Java and would >> like to contribute to GnuPG but don't quite know where, this would >> seem to be an excellent "bite-sized" project to take on. > > > I'm familiar with Java, but unit testing has been an area that I haven't > brushed up on. I'd be willing to take a look and see what I can > learn/fix. Considering I'm not a professional, expectations here should > be pretty low. ;-) > I managed to get the ant build to succeed using the latest revision from the guardianproject source[1] and junit-4.12. All I did was remove JUnit from the project, added junit-4.12 as a referenced library and placed the jar in the lib folder, added [code] [/code] to the javac section in build.xml. That said, the ant build completed successfully, but I did not run any tests. My modified fork can be found at this url[2]. [1] https://github.com/guardianproject/gnupg-for-java [2] https://github.com/HellUnit/gnupg-for-java -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19 URL: https://keyserver.blazrsoft.com From wk at gnupg.org Wed Sep 9 10:52:33 2015 
From: wk at gnupg.org (Werner Koch) Date: Wed, 09 Sep 2015 10:52:33 +0200 Subject: [Announce] GPA 0.9.8 released Message-ID: <878u8gasa6.fsf@vigenere.g10code.de> Hello! We are pleased to announce GPA version 0.9.8. GPA is a graphical frontend for the GNU Privacy Guard (GnuPG). GPA can be used for most operations supported by GnuPG using either the OpenPGP or the S/MIME protocols. A smartcard manager and a generic user interface server are included as well. Noteworthy changes in version 0.9.8 (2015-09-09) ================================================ * Does start with the clipboard view after a key has been created. * Limit the size of dialogs by truncating too long user ids. * Make the window frame's close button work as expected. * With a decent version of libgpgme the key algorithm and size is shown using the GnuPG 2.1 format. Download ======== You can find the source code here: ftp://ftp.gnupg.org/gcrypt/gpa/gpa-0.9.8.tar.bz2 (720k) ftp://ftp.gnupg.org/gcrypt/gpa/gpa-0.9.8.tar.bz2.sig or here: https://gnupg.org/ftp/gcrypt/gpa/gpa-0.9.8.tar.bz2 (720k) https://gnupg.org/ftp/gcrypt/gpa/gpa-0.9.8.tar.bz2.sig and soon on all ftp.gnupg.org mirrors. A binary version for Windows will be part of the next Gpg4win release. The SHA1 checksum for this release is: d21650e3c9b07043d69e783717da4aae870e382c gpa-0.9.8.tar.bz2 Support ======= Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest to send bug reports for a new release to this list in favor of filing a bug at . We also have a dedicated service directory at: . If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. 
Maintenance and development of GPA is possible due to many individual and corporate donations; for a list of non-anonymous donors see . For the GnuPG hackers, Werner p.s. This is an announcement only mailing list. Please send replies only to the gnupg-users 'at' gnupg.org mailing list. -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-announce mailing list Gnupg-announce at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From wk at gnupg.org Wed Sep 9 11:38:08 2015 
From: wk at gnupg.org (Werner Koch) Date: Wed, 09 Sep 2015 11:38:08 +0200 Subject: [Announce] GPA 0.9.9 released (fixing 0.9.8) Message-ID: <874mj4aq67.fsf@vigenere.g10code.de> Hello! We are pleased to announce GPA version 0.9.9. GPA is a graphical frontend for the GNU Privacy Guard (GnuPG). GPA can be used for most operations supported by GnuPG using either the OpenPGP or the S/MIME protocols. A smartcard manager and a generic user interface server are included as well. Noteworthy changes in version 0.9.9 (2015-09-09) ================================================ * This release fixes a build problem in 0.9.8. 0.9.8 will be removed from the server. * Does start with the clipboard view after a key has been created. * Limit the size of dialogs by truncating too long user ids. * Make the window frame's close button work as expected. * With a soon to be released version of libgpgme the key algorithm and size will be shown using the GnuPG 2.1 format. Download ======== You can find the source code here: ftp://ftp.gnupg.org/gcrypt/gpa/gpa-0.9.9.tar.bz2 (721k) ftp://ftp.gnupg.org/gcrypt/gpa/gpa-0.9.9.tar.bz2.sig or here: https://gnupg.org/ftp/gcrypt/gpa/gpa-0.9.9.tar.bz2 (721k) https://gnupg.org/ftp/gcrypt/gpa/gpa-0.9.9.tar.bz2.sig and soon on all ftp.gnupg.org mirrors. A binary version for Windows will be part of the next Gpg4win release. The SHA1 checksum for this release is: 1cf86c9e38aa553fdb880c55cbc6755901ad21a4 gpa-0.9.9.tar.bz2 Support ======= Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest to send bug reports for a new release to this list in favor of filing a bug at . We also have a dedicated service directory at: . If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion. 
Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. Maintenance and development of GPA is possible due to many individual and corporate donations; for a list of non-anonymous donors see . For the GnuPG hackers, Werner p.s. This is an announcement only mailing list. Please send replies only to the gnupg-users 'at' gnupg.org mailing list. -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From rjh at sixdemonbag.org Wed Sep 9 16:10:47 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 9 Sep 2015 10:10:47 -0400 Subject: gnupg-for-java In-Reply-To: <55EF781B.6030006@blazrsoft.com> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> Message-ID: <55F03DE7.2080606@sixdemonbag.org> > I managed to get the ant build to succeed using the latest revision from > the guardianproject source[1] and junit-4.12. All I did was remove JUnit > from the project, added junit-4.12 as a referenced library and placed > the jar in the lib folder, added Excellent! Now send that off to hans at guardianproject.info (I *think* that's his address) as a diff, and you'll be well on your way to completing a contribution to a FOSS project. :) Other stuff that needs to be done: verify it works on Java 1.8, clean up the OS X build (which is really hackish), and consider distributing pre-built jarfiles containing the binaries and the source code, so that people don't have to rebuild from scratch on each platform they want to work on. I'm certainly not saying you need to do these things, Antony. I'm just saying that if other people are looking for bite-sized chunks, there are several of them waiting to be bitten. :) From antony at blazrsoft.com Wed Sep 9 19:39:29 2015 
From: antony at blazrsoft.com (Antony Prince) Date: Wed, 9 Sep 2015 13:39:29 -0400 Subject: gnupg-for-java In-Reply-To: <55F03DE7.2080606@sixdemonbag.org> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> Message-ID: <55F06ED1.2030806@blazrsoft.com> On 09/09/2015 10:10 AM, Robert J. Hansen wrote: > Other stuff that needs to be done: verify it works on Java 1.8, clean up > the OS X build (which is really hackish), and consider distributing > pre-built jarfiles containing the binaries and the source code, so that > people don't have to rebuild from scratch on each platform they want to > work on. > > I'm certainly not saying you need to do these things, Antony. I'm just > saying that if other people are looking for bite-sized chunks, there are > several of them waiting to be bitten. :) > I think the initial issue was that ant was unable to locate the junit jar file which is why it was complaining about the classes not existing. I'd certainly be willing to try and use the updated classes/methods and replacing the deprecated ones. I built it on Java 7, but I have the Java 8 JDK as well and wouldn't have any problem with building/testing it on Java 8. I can't help with the OS X builds as I don't have a Mac and am pretty much clueless on how they operate. Now, for the binaries, I could probably build and distribute them. I'm not 100% certain on how the build process for this project actually goes, but *I think* it is platform/architecture dependent (it appears that the build creates the necessary libraries and links to them at compile time). The 64 bit Windows and Linux binaries wouldn't be a problem. I don't have any 32-bit systems set up currently, but it wouldn't be much of a task to set up 32-bit VM's for building them. I need to make the changes I made to the code more... universal. 
As it is now, the path to the junit jar file in the eclipse project setup has an absolute path in my home directory. I need to see if variables can be used to get the relative path instead. I also need to check the junit licensing to see if it is permitted to distribute the jar files with the source code of the project (which may be why guardianproject does not distribute them with theirs). A few things to check up on, but I'll certainly look into it and then if the changes look good, I'll get in touch with the guys from guardianproject and see about submitting a pull request if they feel the changes are a benefit to the project. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19 URL: https://keyserver.blazrsoft.com From the2nd at otpme.org Wed Sep 9 22:57:58 2015 From: the2nd at otpme.org (the2nd at otpme.org) Date: Wed, 09 Sep 2015 22:57:58 +0200 Subject: Smartcard power-down Message-ID: Hi, I found this thread (https://lists.gnupg.org/pipermail/gnupg-users/2014-September/050811.html) pointing out that a "gpgconf --reload scdaemon" should power-down a connected smartcard and thus lead to re-asking the PIN. I've tried this with a yubikey neo but it does not work. I've also tried sending SIGHUP to scdaemon as well as gpg-agent but I never get re-asked for the PIN when doing a ssh login. After restarting gpg-agent I always get asked for the PIN so it seems to work in general. Is there anything I can check? regards the2nd From aslam at mythicflow.com Wed Sep 9 23:24:49 2015 
From: aslam at mythicflow.com (aslam karachiwala) Date: Wed, 9 Sep 2015 17:24:49 -0400 Subject: Temporary lock files? In-Reply-To: <87pp1sc1y4.fsf@vigenere.g10code.de> References: <55CB8907.2040608@mythicflow.com> <87pp1sc1y4.fsf@vigenere.g10code.de> Message-ID: <55F0A3A1.1050201@mythicflow.com> On 09/08/2015 12:26 PM, Werner Koch wrote: > On Wed, 12 Aug 2015 19:57, aslam at mythicflow.com said: > >> My ~/.gnupg directory is getting filled with files named like >> ".#lk0x7feb6a637540..26914". >> >> Shouldn't these get deleted automagically? > It used to be common practice to have a cron job deleting ".#" prefixed > files after a few days. I don't know whether current distros install > such a cron job. > > > Shalom-Salam, > > Werner > > Meant to post this earlier... The accumulation of the lock files apparently had to do with a misconfigured backup/sync. They stopped accumulating after I excluded them from the backup. That was the only time I ever saw the lock files, so this is likely not an issue. From kostiantyn.chertov at gmail.com Wed Sep 9 22:17:39 2015 
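Added example, not written by any poster in this thread and not GnuPG's own code: a report-only POSIX shell audit of the ".#lk" temp files from the "Temporary lock files?" thread, combining the "delete after a few days" cron idea with the observation that the name carries the hostname. It assumes the name layout .#lk<pointer>.<hostname>.<pid>; the function names and the 3-day default are choices made for this example.

```shell
#!/bin/sh
# Report-only audit of GnuPG ".#lk" temp files. Nothing is deleted.
# ASSUMPTION (not stated in the thread): names look like
#   .#lk<pointer>.<hostname>.<pid>

# parse_lock_name FILE
# Sets LK_HOST and LK_PID; returns 1 if FILE does not fit the assumed layout.
parse_lock_name() {
    lk_prefix='.#lk'
    lk_base=${1##*/}
    case $lk_base in
        "$lk_prefix"*.*.*) ;;
        *) return 1 ;;
    esac
    lk_rest=${lk_base#"$lk_prefix"}
    LK_PID=${lk_rest##*.}     # text after the last dot
    LK_HOST=${lk_rest#*.}     # drop "<pointer>."
    LK_HOST=${LK_HOST%.*}     # drop ".<pid>"; host may contain dots or be empty
    case $LK_PID in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# classify_lock FILE LOCALHOST MIN_AGE_DAYS -> prints one word:
#   invalid  name does not fit the assumed layout
#   foreign  made on another host, or no host recorded: the PID cannot be
#            checked from here (the NFS-shared homedir case)
#   live     a process with that PID exists on this host
#   recent   no such process, but the file is not older than MIN_AGE_DAYS
#   stale    no such process and the file is older than MIN_AGE_DAYS
classify_lock() {
    if ! parse_lock_name "$1"; then
        echo invalid
        return 0
    fi
    if [ -z "$LK_HOST" ] || [ "$LK_HOST" != "$2" ]; then
        echo foreign
        return 0
    fi
    # kill -0 sends no signal, it only probes. A PID owned by another user
    # also fails the probe; files in your own homedir come from your own
    # processes, and a reused PID errs on the safe side ("live").
    if kill -0 "$LK_PID" 2>/dev/null; then
        echo live
        return 0
    fi
    if [ -n "$(find "$1" -prune -mtime +"$3" 2>/dev/null)" ]; then
        echo stale
    else
        echo recent
    fi
}

# audit_locks DIR [MIN_AGE_DAYS] [LOCALHOST]
# Prints "<status><TAB><name>" for every ".#lk" file directly in DIR.
audit_locks() {
    al_dir=$1
    al_days=${2:-3}
    al_host=${3:-$(uname -n)}
    for al_f in "$al_dir"/.#lk*; do
        [ -e "$al_f" ] || continue
        printf '%s\t%s\n' \
            "$(classify_lock "$al_f" "$al_host" "$al_days")" "${al_f##*/}"
    done
}

# Typical use:  audit_locks "${GNUPGHOME:-$HOME/.gnupg}" 3
```

Only entries reported as "stale" are candidates for removal; a growing list of "recent" or "foreign" entries points at something else creating or copying the files, such as the backup/sync described in the last message of the thread.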
From: kostiantyn.chertov at gmail.com (Kostiantyn Chertov) Date: Wed, 9 Sep 2015 23:17:39 +0300 Subject: Scdaemon log Message-ID: Hello, I am trying to use my smart card with GnuPG 2.1.7 on Ubuntu. I hope it is p15 card but gpa 0.9.7 discard it. As far as I understood the Scdaemon log could help me to locate the problem. But I am a beginner in Linux and probably miss something. I tried to set: log-file /var/log/scd.log debug-level guru debug-all debug-ccid-driver in the ~/.gnupg/scdaemon.conf but the expected log file was not updated by the scdaemon. Please advise where could I find scdaemon log or what shall I do to activate it. BR, Kostiantyn From gniibe at fsij.org Thu Sep 10 03:13:13 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 10 Sep 2015 10:13:13 +0900 Subject: Smartcard power-down In-Reply-To: References: Message-ID: <55F0D929.9080403@fsij.org> On 09/10/2015 05:57 AM, the2nd at otpme.org wrote: > pointing out that a "gpgconf --reload scdaemon" should power-down a > connected smartcard and thus lead to re-asking the PIN. I've tried > this with a yubikey neo but does not work. I've also tried sending > SIGHUP to scdaemon as well as gpg-agent but i never get re-asked for > the PIN when doing a ssh login. After restarting gpg-agent i always > get asked for the PIN so it seems to work in general. Is there > anything i can check? I'm sorry, now, "gpgconf --reload scdaemon" doesn't work in GnuPG 2.0, because of a bug. For a while, please do: $ gpg-connect-agent "SCD KILLSCD" "SCD BYE" /bye This stops scdaemon. I've just committed the fix to 2.0 branch. gpgconf: Fix scdaemon reload. * tools/gpgconf-comp.c (scdaemon_runtime_change): Add "scd bye". -- In GnuPG 2.0.x, it doesn't require newer libassuan which has ASSUAN_FORCE_CLOSE feature. We need to send "scd bye" to let the control finish from command loop. 
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 2454f93..69d160e 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -1064,7 +1064,7 @@ scdaemon_runtime_change (void) { gpg_error_t err; const char *pgmname; - const char *argv[6]; + const char *argv[7]; pid_t pid; /* We use "GETINFO app_running" to see whether the agent is already @@ -1077,8 +1077,9 @@ scdaemon_runtime_change (void) argv[1] = "GETINFO scd_running"; argv[2] = "/if ${! $?}"; argv[3] = "scd killscd"; - argv[4] = "/end"; - argv[5] = NULL; + argv[4] = "scd bye"; + argv[5] = "/end"; + argv[6] = NULL; err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid); if (!err) -- From gniibe at fsij.org Thu Sep 10 04:01:08 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 10 Sep 2015 11:01:08 +0900 Subject: Scdaemon log In-Reply-To: References: Message-ID: <55F0E464.9070102@fsij.org> On 09/10/2015 05:17 AM, Kostiantyn Chertov wrote: > I am trying to use my smart card with GnuPG 2.1.7 on Ubuntu. I hope it is > p15 card but gpa 0.9.7 discard it. Please note that SCDaemon only supports OpenPGPcard and its compatibles for the operations of gpg frontend. We have app-p15.c for some PKCS#15 cards, and it would work with gpgsm frontend. > As far as I understood the Scdaemon log could help me to locate the > problem. But I am a beginner in Linux and probably miss something. > I tried to set: > > log-file /var/log/scd.log > debug-level guru > debug-all > debug-ccid-driver > > in the ~/.gnupg/scdaemon.conf but the expected log file was not updated by > the scdaemon. This is correct. I think that you also need to add a line of: disable-application openpgp nks in ~/.gnupg/scdaemon.conf when you try to use PKCS#15 cards. You can test if it works by following command: $ gpg-connect-agent "SCD SERIALNO p15" /bye -- From antony at blazrsoft.com Thu Sep 10 04:45:20 2015 
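Review bot: in the first hunk of the tools/gpgconf-comp.c patch in the "Smartcard power-down" reply above, the context comment in scdaemon_runtime_change still says the code uses "GETINFO app_running", while argv[1] in the following hunk sends "GETINFO scd_running"; since the function is being touched anyway, the comment should name the command that is actually sent. The change from argv[6] to argv[7] is a hand-counted size that has to track the assignments below it, so a short comment that the last slot is the NULL terminator would make it harder for a later added command to write past the array.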
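Review bot: in the second hunk of the same tools/gpgconf-comp.c patch, the new argv[4] = "scd bye" line carries no in-code explanation; the reason it is needed after "scd killscd" (GnuPG 2.0.x does not require a libassuan with ASSUAN_FORCE_CLOSE, so "scd bye" is what lets control leave the command loop) is given only in the commit message. A one-line comment above the assignment would keep a later cleanup from dropping it as redundant, and the commit message could state how the fix was checked, for example that "gpgconf --reload scdaemon" now leads to the PIN being asked for again.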
From: antony at blazrsoft.com (Antony Prince) Date: Wed, 9 Sep 2015 22:45:20 -0400 Subject: gnupg-for-java In-Reply-To: <55F06ED1.2030806@blazrsoft.com> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> <55F06ED1.2030806@blazrsoft.com> Message-ID: <55F0EEC0.5080302@blazrsoft.com> On 09/09/2015 01:39 PM, Antony Prince wrote: > On 09/09/2015 10:10 AM, Robert J. Hansen wrote: >> Other stuff that needs to be done: verify it works on Java 1.8, clean up >> the OS X build (which is really hackish), and consider distributing >> pre-built jarfiles containing the binaries and the source code, so that >> people don't have to rebuild from scratch on each platform they want to >> work on. >> >> I'm certainly not saying you need to do these things, Antony. I'm just >> saying that if other people are looking for bite-sized chunks, there are >> several of them waiting to be bitten. :) >> > > I think the initial issue was that ant was unable to locate the junit > jar file which is why it was complaining about the classes not existing. > I'd certainly be willing to try and use the updated classes/methods and > replacing the deprecated ones. I built it on Java 7, but I have the Java > 8 JDK as well and wouldn't have any problem with building/testing it on > Java 8. I can't help with the OS X builds as I don't have a Mac and am > pretty much clueless on how they operate. Now, for the binaries, I could > probably build and distribute them. I'm not 100% certain on how the > build process for this project actually goes, but *I think* it is > platform/architecture dependent (it appears that the build creates the > necessary libraries and links to them at compile time). The 64 bit > Windows and Linux binaries wouldn't be a problem. I don't have any > 32-bit systems set up currently, but it wouldn't be much of a task to > set up 32-bit VM's for building them. 
I need to make the changes I made > to the code more... universal. As it is now, the path to the junit jar > file in the eclipse project setup has an absolute path in my home > directory. I need to see if variables can be used to get the relative > path instead. I also need to check the junit licensing to see if it is > permitted to distribute the jar files with the source code of the > project (which may be why guardianproject does not distribute them with > theirs). A few things to check up on, but I'll certainly look into it > and then if the changes look good, I'll get in touch with the guys from > guardianproject and see about submitting a pull request if they feel the > changes are a benefit to the project. > Alright. After playing around with it all day, there are a few things I needed to clarify. First, Windows builds would require a DLL that I don't have the coding knowledge to create, so that's scratched. Also, when I initially tried to build the project, I strictly used ant which failed until I downloaded JUnit and pointed ant to it. If you run it as a maven build with the original code from Guardian Project, it works since maven downloads the necessary dependencies and points ant to them since maven is actually controlling the ant build. My objective currently is to produce the binaries for Linux since the default maven build creates the *.jar and *.so files needed to make this process easier for those who prefer pre-compiled binaries without having to figure this all out. My only concern is whether the compiled binary and library file are architecture specific which will require more investigation on my part. I should be able to get it going on Travis CI with pretty much the exact source from Guardian Project other than the additional files required by Travis CI. Once all that is going good, I can turn my attention to possibly updating deprecated methods of JUnit that are used. 
--Antony From wk at gnupg.org Thu Sep 10 06:16:32 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 10 Sep 2015 06:16:32 +0200 Subject: Scdaemon log In-Reply-To: <55F0E464.9070102@fsij.org> (NIIBE Yutaka's message of "Thu, 10 Sep 2015 11:01:08 +0900") References: <55F0E464.9070102@fsij.org> Message-ID: <87k2ryaoyn.fsf@vigenere.g10code.de> On Thu, 10 Sep 2015 04:01, gniibe at fsij.org said: > This is correct. I think that you also need to add a line of: > > disable-application openpgp nks This should not be required unless the card also has an OpenPGP or NKS application which come first in the order of card applications scdaemon tries by default. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From peter at digitalbrains.com Thu Sep 10 11:44:52 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Thu, 10 Sep 2015 11:44:52 +0200 Subject: Scdaemon log In-Reply-To: References: Message-ID: <55F15114.90001@digitalbrains.com> On 09/09/15 22:17, Kostiantyn Chertov wrote: > log-file /var/log/scd.log The user you're running GnuPG as probably doesn't have permission to create files in /var/log. So this can only work when the file is already created with the correct permissions, and even then there might be a reason GnuPG needs more permissions on the directory. So I'd advise to create it in your home directory, something like: log-file /home/you/scd.log where 'you' is your username. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From guanx.bac at gmail.com Thu Sep 10 16:23:18 2015 
From: guanx.bac at gmail.com (Guan Xin) Date: Thu, 10 Sep 2015 16:23:18 +0200 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible Message-ID: Hello, I'm new to gpg. Just got a Cherry ST-2000U and OpenPGP card v2.1. I can generate 1024-bit keys with the "generate" command of gpg2. However, generation of 2048 or 4096-bit keys never succeeds. The errors are: ... ... (snip) Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o scdaemon[10116]: generating new key scdaemon[10116]: 3 Admin PIN attempts remaining before card is permanently locked scdaemon[10116]: DBG: prompting for pinpad entry '|A|Please enter the Admin PIN' scdaemon[10116]: please wait while key is being generated ... scdaemon[10116]: ccid_transceive failed: (0x1000a) scdaemon[10116]: apdu_send_simple(0) failed: card I/O error scdaemon[10116]: generating key failed gpg: key generation failed: Card error Key generation failed: Card error Software versions: gpg (GnuPG) 2.0.29 libgcrypt 1.5.3 Any help/hint is appreciated. Thanks in advance! Guan From thomas.jarosch at intra2net.com Thu Sep 10 17:39:15 2015 From: thomas.jarosch at intra2net.com (Thomas Jarosch) Date: Thu, 10 Sep 2015 17:39:15 +0200 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible In-Reply-To: References: Message-ID: <1627190.TCAJ259n8l@storm> Hi Guan, On Thursday, 10. September 2015 16:23:18 Guan Xin wrote: > I'm new to gpg. Just got a Cherry ST-2000U and OpenPGP card v2.1. > I can generate 1024-bit keys with the "generate" command of gpg2. > However, generation of 2048 or 4096-bit keys never succeed. > ... > Software versions: > gpg (GnuPG) 2.0.29 > libgcrypt 1.5.3 What worked for me was using gnupg 2.1.6 together with the Cherry ST-2000 + OpenPGP card v2.1. Can you try to upgrade? Thomas From wk at gnupg.org Thu Sep 10 21:26:05 2015 
From: wk at gnupg.org (Werner Koch)
Date: Thu, 10 Sep 2015 21:26:05 +0200
Subject: [Announce] GnuPG 2.1.8 released
Message-ID: <87wpvy84aa.fsf@vigenere.g10code.de>

Hello!

The GnuPG Project is pleased to announce the availability of a new release of GnuPG modern: Version 2.1.8.

The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard which is commonly abbreviated as PGP.

GnuPG allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP.

GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License.

Three different branches of GnuPG are actively maintained:

- GnuPG "modern" (2.1) is the latest development with a lot of new features. This announcement is about this branch.

- GnuPG "stable" (2.0) is the current stable version for general use. This is what most users are currently using.

- GnuPG "classic" (1.4) is the old standalone version which is most suitable for older or embedded platforms.

You may not install "modern" (2.1) and "stable" (2.0) at the same time. However, it is possible to install "classic" (1.4) along with any of the other versions.


Noteworthy changes in version 2.1.8
===================================

 * gpg: Sending very large keys to the keyservers works again.

 * gpg: Validity strings in key listings are now again translatable.

 * gpg: Emit FAILURE status lines to help GPGME.

 * gpg: Does not anymore link to Libksba to reduce dependencies.

 * gpgsm: Export of secret keys via Assuan is now possible.

 * agent: Raise the maximum passphrase length from 100 to 255 bytes.
 * agent: Fix regression using EdDSA keys with ssh.

 * Does not anymore use a build timestamp by default.

 * The fallback encoding for broken locale settings changed from Latin-1 to UTF-8.

 * Many code cleanups and improved internal documentation.

 * Various minor bug fixes.

A detailed description of the changes found in the 2.1 branch can be found at .

Please be aware that there are still known bugs which we are working on. Check https://bugs.gnupg.org, https://wiki.gnupg.org, and the mailing list archives for known problems and workarounds.


Getting the Software
====================

Please follow the instructions found at https://gnupg.org/download/ or read on:

GnuPG 2.1.8 may be downloaded from one of the GnuPG mirror sites or direct from its primary FTP server. The list of mirrors can be found at . Note that GnuPG is not available at ftp.gnu.org.

The GnuPG source code compressed using BZIP2 and its OpenPGP signature are available here:

 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.8.tar.bz2 (4786k)
 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.8.tar.bz2.sig

or here:

 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.1.8.tar.bz2 (4786k)
 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.1.8.tar.bz2.sig

An installer for Windows without any graphical frontend except for a basic Pinentry tool is available here:

 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.8_20150910.exe (2579k)
 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.8_20150910.exe.sig

or here

 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.1.8_20150910.exe (2579k)
 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.1.8_20150910.exe.sig

Note that on Windows TLS access to keyservers is not yet available. The sources used to build the installer can be found in the same directory with a ".tar.xz" suffix.

Checking the Integrity
======================

In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways:

 * If you already have a version of GnuPG installed, you can simply verify the supplied signature. For example to verify the signature of the file gnupg-2.1.8.tar.bz2 you would use this command:

     gpg --verify gnupg-2.1.8.tar.bz2.sig gnupg-2.1.8.tar.bz2

   This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by one or more of the release signing keys. Make sure that this is a valid key, either by matching the shown fingerprint against a trustworthy list of valid release signing keys or by checking that the key has been signed by trustworthy other keys. See below for information on the signing keys.

 * If you are not able to use an existing version of GnuPG, you have to verify the SHA-1 checksum. On Unix systems the command to do this is either "sha1sum" or "shasum". Assuming you downloaded the file gnupg-2.1.8.tar.bz2, you run the command like this:

     sha1sum gnupg-2.1.8.tar.bz2

   and check that the output matches the next line:

61f5bc656dd7fddd4ab67b720d47ef0651bfb727  gnupg-2.1.8.tar.bz2
fb70068a7e77f28946c24ac29a508fb5f419ffeb  gnupg-w32-2.1.8_20150910.exe
504ec0f678a7a5eea144aed5a2d1691ce83e62ab  gnupg-w32-2.1.8_20150910.tar.xz


Release Signing Keys
====================

To guarantee that a downloaded GnuPG version has not been tampered by malicious entities we provide signature files for all tarballs and binary versions. The keys are also signed by the long term keys of their respective owners.
Current releases are signed by one or more of these four keys:

  2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31]
  Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
  Werner Koch (dist sig)

  rsa2048/E0856959 2014-10-29 [expires: 2019-12-31]
  Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959
  David Shaw (GnuPG Release Signing Key)

  rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28]
  Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06
  NIIBE Yutaka (GnuPG Release Key)

  rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31]
  Key fingerprint = D238 EA65 D64C 67ED 4C30 73F2 8A86 1B1C 7EFD 60D9
  Werner Koch (Release Signing Key)

You may retrieve these keys from a keyserver using this command

  gpg --keyserver hkp://keys.gnupg.net --recv-keys \
      249B39D24F25E3B6 04376F3EE0856959 \
      2071B08A33BD3F06 8A861B1C7EFD60D9

The keys are also available at https://gnupg.org/signature_key.html and in any recently released GnuPG tarball in the file g10/distsigkey.gpg . Note that this mail has been signed using by a different key.


Internationalization
====================

This version of GnuPG has support for 26 languages with Chinese, Czech, French, German, Japanese, Russian, and Ukrainian being almost completely translated (2074 different strings).


Documentation
=============

If you used GnuPG in the past you should read the description of changes and new features at doc/whats-new-in-2.1.txt or online at

  https://gnupg.org/faq/whats-new-in-2.1.html

The file gnupg.info has the complete user manual of the system. Separate man pages are included as well but they have not all the details available as are the manual. It is also possible to read the complete manual online in HTML format at

  https://gnupg.org/documentation/manuals/gnupg/

or in Portable Document Format at

  https://gnupg.org/documentation/manuals/gnupg.pdf .

The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing.
You may also want to search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advice on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available.

You may also want to follow postings at https://gnupg.org/blob/.


Support
=======

Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest to send bug reports for a new release to this list in favor of filing a bug at . For commercial support requests we keep a list of known service companies at:

  https://gnupg.org/service.html

If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion.


Thanks
======

We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. Maintenance and development of GnuPG is possible due to many individual and corporate donations; for a list of non-anonymous donors see .


For the GnuPG hackers,

   Werner


p.s.
This is an announcement only mailing list. Please send replies only to the gnupg-users'at'gnupg.org mailing list.

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-announce mailing list
Gnupg-announce at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce

From coward at anon.im Thu Sep 10 17:07:52 2015
From: coward at anon.im (coward at anon.im)
Date: Fri, 11 Sep 2015 01:07:52 +1000
Subject: plaintext non-ssl distribution - who things this is a good idea?
Message-ID: <94933067.20150911010752@CryptoPhoto.com>

Who else thinks someone should spring for the $10 it would take to buy and install an SSL certificate for the principal distribution point of gpg and it's signatures on the worlds most popular platform?

http://gpg4win.org/download.html
http://files.gpg4win.org/gpg4win-2.2.6.exe
http://files.gpg4win.org/gpg4win-2.2.6.exe.sig

From antony at blazrsoft.com Thu Sep 10 23:17:05 2015
From: antony at blazrsoft.com (Antony Prince)
Date: Thu, 10 Sep 2015 17:17:05 -0400
Subject: gnupg-for-java
In-Reply-To: <55F0EEC0.5080302@blazrsoft.com>
References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> <55F06ED1.2030806@blazrsoft.com> <55F0EEC0.5080302@blazrsoft.com>
Message-ID: <55F1F351.9050701@blazrsoft.com>

On 09/09/2015 10:45 PM, Antony Prince wrote:
> since maven is actually controlling the ant build. My objective
> currently is to produce the binaries for Linux since the default maven
> build creates the *.jar and *.so files needed to make this process
> easier for those who prefer pre-compiled binaries without having to
> figure this all out. My only concern is whether the compiled binary and
> library file are architecture specific which will require more
> investigation on my part. I should be able to get it going on Travis CI
> with pretty much the exact source from Guardian Project other than the
> additional files required by Travis CI. Once all that is going good, I
> can turn my attention to possibly updating deprecated methods of JUnit
> that are used.
>

I've finally configured the Travis CI builds[1] and got them to upload to my FTP server[2]. The hosted files are compiled by Java 7, but also compiled with Java 8 first by Travis to make sure they build on both. The MD5 and SHA1 sums are echoed into the terminal during the Travis builds so users can verify that the files on the FTP server are actually the ones built by Travis and are also included in separate files on the FTP server for verification. The code used is verbatim from Guardian Project[3] with the additional files I added[4] and messed around with to get it to build on Travis and upload to my server. I still have not tested to see if they are architecture specific.
The only other issue I could think of would be version differences since I'm assuming that the *.so file created links to gpgme on the current system (The build failed without gpgme installed). I'm not 100% sure how to test the functionality of the binary and library, so if anyone wants to give it a go, I'd be glad to hear the results. The ftp server[2] allows for anonymous download.

[1]https://travis-ci.org/HellUnit/gnupg-for-java/
[2]ftp://blazrsoft.com/
[3]https://github.com/guardianproject/gnupg-for-java
[4]https://github.com/HellUnit/gnupg-for-java

-- 
Antony Prince
Key ID: 0xAF3D4087301B1B19
Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19
URL: https://keyserver.blazrsoft.com

From jerry at seibercom.net Thu Sep 10 22:51:15 2015
From: jerry at seibercom.net (Jerry)
Date: Thu, 10 Sep 2015 16:51:15 -0400
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <94933067.20150911010752@CryptoPhoto.com>
References: <94933067.20150911010752@CryptoPhoto.com>
Message-ID: <20150910165115.5d5b2d52@seibercom.net>

On Fri, 11 Sep 2015 01:07:52 +1000, coward at anon.im stated:

> Who else thinks someone should spring for the $10 it would take to buy and
> install an SSL certificate for the principal distribution point of gpg and
> it's signatures on the worlds most popular platform?
>
> http://gpg4win.org/download.html
> http://files.gpg4win.org/gpg4win-2.2.6.exe
> http://files.gpg4win.org/gpg4win-2.2.6.exe.sig

I'll chip in.

-- 
Jerry

From rjh at sixdemonbag.org Fri Sep 11 00:05:35 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 10 Sep 2015 18:05:35 -0400
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <94933067.20150911010752@CryptoPhoto.com>
References: <94933067.20150911010752@CryptoPhoto.com>
Message-ID: <55F1FEAF.6060205@sixdemonbag.org>

> Who else thinks someone should spring for the $10 it would take to
> buy and install an SSL certificate for the principal distribution
> point of gpg and it's signatures on the worlds most popular
> platform?

There are many better ways for Werner to spend his time and money.

(Getting an Authenticode certificate, for instance.)

From dkg at fifthhorseman.net Fri Sep 11 00:15:51 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 10 Sep 2015 18:15:51 -0400
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <55F1FEAF.6060205@sixdemonbag.org>
References: <94933067.20150911010752@CryptoPhoto.com> <55F1FEAF.6060205@sixdemonbag.org>
Message-ID: <87r3m5gbu0.fsf@alice.fifthhorseman.net>

On Thu 2015-09-10 18:05:35 -0400, Robert J. Hansen wrote:
>> Who else thinks someone should spring for the $10 it would take to
>> buy and install an SSL certificate for the principal distribution
>> point of gpg and it's signatures on the worlds most popular
>> platform?
>
> There are many better ways for Werner to spend his time and money.
>
> (Getting an Authenticode certificate, for instance.)

This is not an either/or scenario, please don't pit the one project against another. Both can be addressed by dealing with the CA cartel.

It's frustrating to do this, because we all know that the CA cartel is not particularly trustworthy as a whole. But this is a "trusted introducer" problem, and the cartel is the only set of trusted introducers available to people who don't already have GnuPG.

There is already discussion about getting HTTPS set up for gpg4win.org. Bernhard Reiter (cc'ed here) knows about it, and other offers of help have already been made over on gpg4win-users-en at wald.intevation.org, which is a better place to discuss gpg4win-specific issues.

It's more an issue of getting an admin to spend a couple hours coaxing the website into compliance and dealing with the fallout from the SNI issues.

Bernhard, is there anything else the rest of us can do to get this ball rolling?

   --dkg

From rpr.nospam at gmail.com Thu Sep 10 23:55:42 2015
From: rpr.nospam at gmail.com (rpr nospam)
Date: Thu, 10 Sep 2015 23:55:42 +0200
Subject: PGP Global Directory does not send verification email
In-Reply-To: <55D86323.3080802@sixdemonbag.org>
References: <55D848D3.2090401@gmail.com> <55D86323.3080802@sixdemonbag.org>
Message-ID: 

On 22 August 2015 at 13:55 Robert J. Hansen wrote:
:
: It's long-standing list policy that we avoid talking about non-libre
: software, except in the sense of interoperability concerns. If you have
: concerns with how the PGP Global Keyserver is working, I'd suggest
: bringing that up to Symantec's technical support, or a mailing list like
: PGP-Basics which explicitly supports PGP and their products.

The issue with PGP Global Directory (https://keyserver.pgp.com) has been solved and PGP keys can be again published on that key server (which is interoperable with GnuPG software). See more at
http://www.symantec.com/connect/forums/pgp-global-directory-does-not-send-verification-email

-- 
rpr.

From lopaki at gmail.com Fri Sep 11 00:33:50 2015
From: lopaki at gmail.com (Scott Lambdin)
Date: Thu, 10 Sep 2015 18:33:50 -0400
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <55F1FEAF.6060205@sixdemonbag.org>
References: <94933067.20150911010752@CryptoPhoto.com> <55F1FEAF.6060205@sixdemonbag.org>
Message-ID: 

und bier

On Thu, Sep 10, 2015 at 6:05 PM, Robert J. Hansen wrote:

> > Who else thinks someone should spring for the $10 it would take to
> > buy and install an SSL certificate for the principal distribution
> > point of gpg and it's signatures on the worlds most popular
> > platform?
>
> There are many better ways for Werner to spend his time and money.
>
> (Getting an Authenticode certificate, for instance.)
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

-- 
Eat like you give a damn. Go vegan.

From gniibe at fsij.org Fri Sep 11 03:11:54 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Fri, 11 Sep 2015 10:11:54 +0900
Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible
In-Reply-To: 
References: 
Message-ID: <55F22A5A.3030600@fsij.org>

Hello,

On 09/10/2015 11:23 PM, Guan Xin wrote:
> I'm new to gpg. Just got a Cherry ST-2000U and OpenPGP card v2.1.
> I can generate 1024-bit keys with the "generate" command of gpg2.
> However, generation of 2048 or 4096-bit keys never succeed. The errors are:
[...]
> scdaemon[10116]: please wait while key is being generated ...
> scdaemon[10116]: ccid_transceive failed: (0x1000a)
> scdaemon[10116]: apdu_send_simple(0) failed: card I/O error
> scdaemon[10116]: generating key failed
> gpg: key generation failed: Card error
> Key generation failed: Card error
>
> Software versions:
> gpg (GnuPG) 2.0.29
> libgcrypt 1.5.3
>
> Any help/hint is appreciated. Thanks in advance!

I think that you are using some Unix Operating System. Could you try to use PC/SC service, by installing pcscd (and libccid)? If it works, I think that it's the issue of timeout management of internal CCID of GnuPG.

I'm afraid there is some firmware issue of the card reader. Or, it's because of bad interaction between scdaemon and the card reader.

While most commands and their responses are finished in a second or so, key generation takes much time (like several minutes, if key size is larger).

There is a protocol defined in CCID (host <-> reader) and card<->reader to extend the time out. The interaction is like following.

Usually, it's just like:

    Host             Reader              Card
       command ->
                        command->
                                         [some processing done by card]
                                     <-response
                 <-response

If it takes much time, it goes like:

    Host             Reader              Card
       command ->
                        command->
                                         [some processing done by card]
                                     <-"please wait"
                 <-"please wait"
                                         [...]
                                     <-"please wait"
                 <-"please wait"
                                     <-response
                 <-response

Host or Reader should not give up while it sees "please wait" message.
Here, there is a possibility that Host or Reader gives up earlier than the receival of "please wait" message. If it's Host side, we can change the timeout value of internal CCID of GnuPG.

Your testing with pcscd will be much appreciated. Thanks in advance.
-- 

From wk at gnupg.org Fri Sep 11 09:20:09 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 11 Sep 2015 09:20:09 +0200
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <55F1FEAF.6060205@sixdemonbag.org> (Robert J. Hansen's message of "Thu, 10 Sep 2015 18:05:35 -0400")
References: <94933067.20150911010752@CryptoPhoto.com> <55F1FEAF.6060205@sixdemonbag.org>
Message-ID: <87r3m58lsm.fsf@vigenere.g10code.de>

On Fri, 11 Sep 2015 00:05, rjh at sixdemonbag.org said:

> (Getting an Authenticode certificate, for instance.)

Yeah, when testing the installer I always see that annoying "unknown issuer" warning. Thus it is probably a good idea to silence this warning by signing the installer. I need to see how to integrate this into my workflow. I also need to decide whether to use my smartcard based release signing key but that unfortunately means that a broken smartcard will be quite expensive. Given that it is cheap to get a faked code signing key, it might be okay to use a standard on disk key.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From perillamint at gentoo.moe Fri Sep 11 03:41:44 2015
From: perillamint at gentoo.moe (perillamint)
Date: Fri, 11 Sep 2015 10:41:44 +0900
Subject: Gnupg 2.1.7 can't decrypt using smartcard key.
Message-ID: <55F23158.9060106@gentoo.moe>

Hi all,

I'm currently using GnuPg 2.1.7 and GnuK with FST-01. It worked some time ago, but suddenly, when I try to decrypt content using the key on the card, it says:

gpg: public key decryption failed: Invalid ID
gpg: decryption failed: No secret key

and refuses to decrypt.

However, when I encrypt and decrypt using my other keypair, which is not on the smartcard, it successfully decrypts the content.

Additionally, my smartcard still does authentication and signing, even though decryption is not working.

Does anyone have any idea why my decryption feature is broken?

Best regards,
perillamint.

From bernhard at intevation.de Fri Sep 11 09:21:02 2015
From: bernhard at intevation.de (Bernhard Reiter)
Date: Fri, 11 Sep 2015 09:21:02 +0200
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <87r3m5gbu0.fsf@alice.fifthhorseman.net>
References: <94933067.20150911010752@CryptoPhoto.com> <55F1FEAF.6060205@sixdemonbag.org> <87r3m5gbu0.fsf@alice.fifthhorseman.net>
Message-ID: <201509110921.07304.bernhard@intevation.de>

Hi all,

On Friday 11 September 2015 at 00:15:51, Daniel Kahn Gillmor wrote:
> On Thu 2015-09-10 18:05:35 -0400, Robert J. Hansen wrote:
> >> Who else thinks someone should spring for the $10 it would take to
> >> buy and install an SSL certificate for the principal distribution
> >> point of gpg and it's signatures on the worlds most popular
> >> platform?
> >
> > There are many better ways for Werner to spend his time and money.
> >
> > (Getting an Authenticode certificate, for instance.)

like Daniel wrote: It takes more than 10€ to do this. Gpg4win already signs the installer with an authenticode certificate (which costs a few hundred €s). For services like wald or wiki.gnupg.de, experts have a trustpath via ca.intevation.de. However we believe it is useful to secure some services with TLS.

> But this is a "trusted introducer" problem, and
> the cartel is the only set of trusted introducers available to people
> who don't already have GnuPG.
>
> There is already discussion about getting HTTPS set up for gpg4win.org.
> Bernhard Reiter (cc'ed here) knows about it, and other offers of help
> have already been made over on gpg4win-users-en at wald.intevation.org,
> which is a better place to discuss gpg4win-specific issues.
>
> It's more an issue of getting an admin to spend a couple hours coaxing
> the website into compliance and dealing with the fallout from the SNI
> issues.

Yes. Background is that Gpg4win traditionally shares some services with some other Free Software initiatives, so in comparison to a fresh setup we need to detangle and migrate some services.
This needs some time and planning from those that run the services. (And for some years now Gpg4win does not have the same level of funding that GnuPG has recently acquired. So there are some old structure to modernise.)

> Bernhard, is there anything else the rest of us can do to get this ball
> rolling?

Thomas (in cc) is one of our system administrators, he will steer the process from our side and respond to your question (on gpg4win-users-en at wald.intevation.org I guess, but this is up to him. :) ).

Best,
Bernhard

-- 
www.intevation.de/~bernhard (CEO)    www.fsfe.org (Founding GA Member)
Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998
Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From wk at gnupg.org Fri Sep 11 11:23:27 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 11 Sep 2015 11:23:27 +0200
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <94933067.20150911010752@CryptoPhoto.com> (coward@anon.im's message of "Fri, 11 Sep 2015 01:07:52 +1000")
References: <94933067.20150911010752@CryptoPhoto.com>
Message-ID: <87egi58g34.fsf@vigenere.g10code.de>

Hi,

The OP is continuing to "spam" the bug tracker . For the record:

OP: [Claims of linking FTP mirrors which are not secure and to the known problem of the non-https gpg4win site.]

me: This has nothing to do with gnupg.org. And if you have followed the discussions you will have noticed that I requested to add TLS support for gpg4win. Please keep this bug closed and TAKE THIS TO A MAILING LIST - if you want audience for this problem address it in the public and not on this bug tracker! I can't do anything for you here.

OP: Stop closing this bug. I did take this to the list. You or whoever runs/moderates it is blocking my post. DO NOT CLOSE THIS until such time as windows users are prevented from getting your security solution over totally insecure channels. This is not a game you know - it's an almost absolute certainty that your careless security attitude will GET PEOPLE KILLED. Let the person who fixes the insecure distribution problem be the one who closes this bug. It is not appropriate that your ego needs to win some puerile argument at the expense of other peoples safety and lives.

me: Nope, I have seen your post. I asked you several times to not continue here. Again: PLEASE STOP THAT NOW and keep this bug closed.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Fri Sep 11 11:28:29 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 11 Sep 2015 11:28:29 +0200
Subject: plaintext non-ssl distribution - who things this is a good idea?
In-Reply-To: <55F1FEAF.6060205@sixdemonbag.org> (Robert J. Hansen's message of "Thu, 10 Sep 2015 18:05:35 -0400")
References: <94933067.20150911010752@CryptoPhoto.com> <55F1FEAF.6060205@sixdemonbag.org>
Message-ID: <87a8st8fuq.fsf@vigenere.g10code.de>

On Fri, 11 Sep 2015 00:05, rjh at sixdemonbag.org said:

> (Getting an Authenticode certificate, for instance.)

FWIW, the Gpg4win installer is code signed.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Fri Sep 11 11:36:53 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 11 Sep 2015 11:36:53 +0200
Subject: Temporary lock files?
In-Reply-To: <87a8swkc41.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Tue, 08 Sep 2015 14:19:26 -0400")
References: <55CB8907.2040608@mythicflow.com> <87pp1sc1y4.fsf@vigenere.g10code.de> <87a8swkc41.fsf@alice.fifthhorseman.net>
Message-ID: <874mj18fgq.fsf@vigenere.g10code.de>

On Tue, 8 Sep 2015 20:19, dkg at fifthhorseman.net said:

> I don't know of any such cronjob in debian. Would you expect this to be
> something system-wide, or run on a per-user basis?

This used to be a system wide policy on old Unix installations. This is the reason why you create tempfiles with a ".#" prefix. I do not use it because stale temp files may indicate a software problem.

> would seem to be, since it has the hostname in it), the usual place
> these would go on a modern distro is $XDG_RUNTIME_DIR (typically
> /run/user/1000 for a user with numeric id 1000). These directories are

GnuPG uses dot locking so that copy/link/rename is secured. A separate local lock directory can't be used due to remotely mounted and shared directories.

> For home directories accessed on multiple machines simultaneously
> (e.g. NFS-mounted homedirs), are the locks required to work across
> machines?

Yes. These are file locks and not process lock files.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Fri Sep 11 11:41:15 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 11 Sep 2015 11:41:15 +0200
Subject: Temporary lock files?
In-Reply-To: <55F0A3A1.1050201@mythicflow.com> (aslam karachiwala's message of "Wed, 9 Sep 2015 17:24:49 -0400")
References: <55CB8907.2040608@mythicflow.com> <87pp1sc1y4.fsf@vigenere.g10code.de> <55F0A3A1.1050201@mythicflow.com>
Message-ID: <87zj0t70p0.fsf@vigenere.g10code.de>

On Wed, 9 Sep 2015 23:24, aslam at mythicflow.com said:

> That was the only time I ever saw the lock files, so this is likely not
> an issue.

FWIW, the .#* files are not the lock files but temporary files used to create the lock files. In case you terminate a process while it is waiting for the lock, an atexit handler removes those temporary files. Obviously a crash won't remove them. The lock files themselves have a ".lock" suffix. See gnupg/common/dotlock.c for details.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From gniibe at fsij.org Fri Sep 11 11:50:22 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Fri, 11 Sep 2015 18:50:22 +0900
Subject: Gnupg 2.1.7 can't decrypt using smartcard key.
In-Reply-To: <55F23158.9060106@gentoo.moe>
References: <55F23158.9060106@gentoo.moe>
Message-ID: <55F2A3DE.7070203@fsij.org>

On 09/11/2015 10:41 AM, perillamint wrote:
> gpg: public key decryption failed: Invalid ID
> gpg: decryption failed: No secret key

Could you please try 'gpg --card-status' and see 'General key info'?

In my case, it's like:
==================
General key info..: pub  rsa2048/4CA7BABE 2010-10-15 NIIBE Yutaka
sec>  rsa2048/4CA7BABE  created: 2010-10-15  expires: never
                        card-no: F517 00000001
ssb>  rsa2048/084239CF  created: 2010-10-15  expires: never
                        card-no: F517 00000001
ssb>  rsa2048/5BB065DC  created: 2010-10-22  expires: never
                        card-no: F517 00000001
==================

It shows the connection between stub on host PC and key on the card.

I guess that there is some problem in your situation, and you can see what's going on by the --card-status.
-- 

From guanx.bac at gmail.com Fri Sep 11 13:14:54 2015
From: guanx.bac at gmail.com (Guan Xin)
Date: Fri, 11 Sep 2015 13:14:54 +0200
Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible
In-Reply-To: <55F22A5A.3030600@fsij.org>
References: <55F22A5A.3030600@fsij.org>
Message-ID: 

On Fri, Sep 11, 2015 at 3:11 AM, NIIBE Yutaka wrote:
>
> I think that you are using some Unix Operating System. Could you try
> to use PC/SC service, by installing pcscd (and libccid)? If it works,
> I think that it's the issue of timeout management of internal CCID of
> GnuPG.
>

Hello NIIBE,

I tried the combination of

pcsc-lite-1.8.14
ccid-1.4.20
gnupg-2.0.29 (configured with --disable-ccid-driver)

Both 2048 and 4096-bit keys can be generated without error.

Also tried gnupg-2.0.29 using its internal ccid-driver with debug output enabled in "$HOME/.gnupg/scdaemon.conf". There was indeed a timeout.

Thomas,

Thank you for your information! It's good to know that gnupg 2.1.6 works, though I have no time to setup a test system for modern gnupg (2.1.x) at present.

Thank you all, and Regards,
Guan

From steve at openmailbox.org Fri Sep 11 13:20:47 2015
From: steve at openmailbox.org (steve)
Date: Fri, 11 Sep 2015 13:20:47 +0200
Subject: Please remove MacGPG from gnupg.org due to serious security concerns
In-Reply-To: <0F53D2EE-B575-4C60-8C9B-969C39F93AAC@webkeks.org>
References: <68F2AA9B-B192-4727-9AA3-2BC33CBE5434@mykolab.com> <87sie3i7kb.fsf@vigenere.g10code.de> <873861d8eq.fsf@vigenere.g10code.de> <483FE4A0-C58E-44AB-AD78-EA5E1A80C8D1@gpgtools.org> <2786DC31-AEAC-4406-9143-94F32C74A644@webkeks.org> <0F53D2EE-B575-4C60-8C9B-969C39F93AAC@webkeks.org>
Message-ID: <2DD787C2-38C9-436C-8386-5EA5B75A86C8@openmailbox.org>

Dear all,

any bug reports should be filed on our support platform at https://gpgtools.tenderapp.com . For highly sensitive inquiries you can always get in touch at team at gpgtools.org - our public key is on our homepage, bottom left, and has fingerprint 85E3 8F69 046B 44C1 EC9F B07B 76D7 8F05 00D0 26C4.

The source in question is on GitHub at https://github.com/GPGTools/localizeXIB and the binary is no longer required to compile pinentry-mac.

Kind regards,
steve (GPGTools)

> On 23.08.2015 at 14:28, Jonathan Schleifer wrote:
>
> Sorry for reviving this old thread. But since you guys still don't accept bug reports (why?!)?
>
> I'm not sure whether this is better or worse than the old situation, but now you include an unsigned binary in your tree that is executed as part of the build process. Nowhere can be found what this binary does or from which sources it has been built. This is at least as bad as executing remove code. Can you please explain why you do this, or why you thought this would be a good idea after that long discussion on how important security is for a security product?
>
> --
> Jonathan
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

From rjh at sixdemonbag.org Fri Sep 11 16:19:15 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Fri, 11 Sep 2015 10:19:15 -0400
Subject: Please remove MacGPG from gnupg.org due to serious security concerns
In-Reply-To: <2DD787C2-38C9-436C-8386-5EA5B75A86C8@openmailbox.org>
References: <68F2AA9B-B192-4727-9AA3-2BC33CBE5434@mykolab.com> <87sie3i7kb.fsf@vigenere.g10code.de> <873861d8eq.fsf@vigenere.g10code.de> <483FE4A0-C58E-44AB-AD78-EA5E1A80C8D1@gpgtools.org> <2786DC31-AEAC-4406-9143-94F32C74A644@webkeks.org> <0F53D2EE-B575-4C60-8C9B-969C39F93AAC@webkeks.org> <2DD787C2-38C9-436C-8386-5EA5B75A86C8@openmailbox.org>
Message-ID: <55F2E2E3.4000508@sixdemonbag.org>

> The source in question is on GitHub
> at https://github.com/GPGTools/localizeXIB and the binary is no longer
> required to compile pinentry-mac.

Given we've already had this conversation (about the inappropriateness of binary blobs in what should be FOSS software) once, I feel the need to say that the more times this happens the less trust people will have in GnuPG and the GnuPG ecosystem.

It's *really* *important* that the major tools surrounding GnuPG be FOSS, and can be built entirely without depending on closed-source blobs.

From malte at wk3.org Fri Sep 11 15:25:09 2015
From: malte at wk3.org (Malte)
Date: Fri, 11 Sep 2015 15:25:09 +0200
Subject: [HowTo] use gpg2.1 with an onion service
Message-ID: <1994516.pkSrK0DZzL@localhost>

Hi,

With the upgrade to GnuPG 2.1 my GPG+Tor setup broke. This was due to the fact that GnuPG now relies on dirmngr to handle all its networking. Which is good, because it separates different parts of functionality, but it also cost me some time to figure out.

In the end, it's very easy:

1. You create a 2 line script, which calls dirmngr with torify:

   user at computer:~$ cat /home/user/bin/tordirmngr.sh
   #! /bin/sh
   torify dirmngr --daemon --homedir /home/user/.gnupg

2. You write the keyserver, which preferably is an Onion Service, because as such you can be sure that you connect to it via Tor, with the just created script into your ~/.gnupg/gpg.conf:

   dirmngr-program /home/user/bin/tordirmngr.sh
   keyserver hkp://euggdcsexz2dqbwb.onion
   keyserver-options no-honor-keyserver-url

2.b. For good measure I would also add:

   use-agent
   keyid-format 0xlong
   with-fingerprint

After you're done, run "killall dirmngr" once, so that already existing, not torified, dirmngr processes are not used accidentally.

Please be aware that, while this adds a lot of anonymity and confidentiality to your GPG usage, if you were to refresh your whole keyring at once, the operator of the keyserver might very well figure out who you are.

And please be further aware that most Linux distributions still ship GnuPG 1 and 2 in parallel, so make sure you invoke it with gpg2 (e.g. gpg2 --search glutenfree at vemail.nerd).

Feedback welcome (here or under the original post on Diaspora: https://pod.geraspora.de/posts/4027114)

Sincerely,
Malte

From antony at blazrsoft.com Fri Sep 11 20:08:03 2015
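Added example, not part of Malte's post: a Python check that a gpg.conf and its dirmngr wrapper match the setup in the HowTo above (dirmngr started through torify, onion keyserver, no-honor-keyserver-url in effect). The function names, finding codes and the weak counter-example are constructed for illustration.

```python
import shlex
from urllib.parse import urlsplit

# Sample input taken from the HowTo above.
WRAPPER = """#! /bin/sh
torify dirmngr --daemon --homedir /home/user/.gnupg
"""
GPG_CONF = """dirmngr-program /home/user/bin/tordirmngr.sh
keyserver hkp://euggdcsexz2dqbwb.onion
keyserver-options no-honor-keyserver-url
"""
# Constructed counter-example: clearnet keyserver, wrapper without torify.
WEAK_WRAPPER = "#! /bin/sh\ndirmngr --daemon --homedir /home/user/.gnupg\n"
WEAK_CONF = """dirmngr-program /home/user/bin/tordirmngr.sh
keyserver hkp://keys.example.org
keyserver-options auto-key-retrieve
"""


def parse_conf(text):
    """Return [(option, argument)] in file order, skipping blanks and comments."""
    pairs = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        pairs.append((parts[0], parts[1] if len(parts) > 1 else ""))
    return pairs


def wrapper_runs_torified_dirmngr(script):
    """True if a command line in the wrapper starts dirmngr through torify."""
    for raw in script.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):    # shebang and comments
            continue
        try:
            words = shlex.split(line)
        except ValueError:                      # unbalanced quotes: cannot judge
            continue
        if words and words[0] == "exec":
            words = words[1:]
        if words[:2] == ["torify", "dirmngr"]:
            return True
    return False


def audit(conf_text, wrapper_text):
    """Return [(code, message)]; an empty list means the setup matches the HowTo."""
    dirmngr_program = None
    keyservers = []
    honor_url = True    # honor-keyserver-url is on unless the config turns it off
    for name, arg in parse_conf(conf_text):
        if name == "dirmngr-program":
            dirmngr_program = arg
        elif name == "keyserver" and arg:
            keyservers.append(arg.split()[0])
        elif name == "keyserver-options":
            # Comma- or space-separated; a later setting overrides an earlier one.
            for opt in arg.replace(",", " ").split():
                if opt == "no-honor-keyserver-url":
                    honor_url = False
                elif opt == "honor-keyserver-url":
                    honor_url = True

    findings = []
    if dirmngr_program is None:
        findings.append(("no-dirmngr-program",
                         "gpg will start the default dirmngr, not the wrapper"))
    elif not wrapper_runs_torified_dirmngr(wrapper_text):
        findings.append(("wrapper-not-torified",
                         dirmngr_program + " does not run dirmngr under torify"))
    if not keyservers:
        findings.append(("no-keyserver", "no keyserver line in gpg.conf"))
    for url in keyservers:
        host = urlsplit(url).hostname or ""
        if not host.endswith(".onion"):
            findings.append(("keyserver-not-onion", url + " is not an onion service"))
    if honor_url:
        findings.append(("honors-keyserver-url",
                         "a key's preferred keyserver URL may be used for refresh "
                         "instead of the configured keyserver"))
    return findings


if __name__ == "__main__":
    for label, conf, wrapper in (("HowTo", GPG_CONF, WRAPPER),
                                 ("weak", WEAK_CONF, WEAK_WRAPPER)):
        print(label, [code for code, _ in audit(conf, wrapper)])
```

The check reads files only; it cannot see a dirmngr that was already running before the wrapper was configured, which is why the post's "killall dirmngr" step still matters.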
From: antony at blazrsoft.com (Antony Prince) Date: Fri, 11 Sep 2015 14:08:03 -0400 Subject: gnupg-for-java In-Reply-To: <55F1F351.9050701@blazrsoft.com> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> <55F06ED1.2030806@blazrsoft.com> <55F0EEC0.5080302@blazrsoft.com> <55F1F351.9050701@blazrsoft.com> Message-ID: <55F31883.6090904@blazrsoft.com> On 09/10/2015 05:17 PM, Antony Prince wrote: > without gpgme installed). I'm not 100% sure how to test the > functionality of the binary and library, so if anyone wants to give it a > go, I'd be glad to hear the results. The ftp server[2] allows for > anonymous download. > [2]ftp://blazrsoft.com/ > As an update on this, I've written a very short program to invoke the test functions of the library. This is more of a learning exercise for me, but I figured I'd let anyone interested know that I was still pursuing it. It doesn't work 100% yet and I'm working towards figuring it out, but at the very least, I've got the suite() method in com.freiheit.gnupg.tests.GnuPGTestSuite to start attempting its key creation tests. The results are: suite() genKey: " Key-Type: DSA Key-Length: 1024 Subkey-Type: ELG-E Subkey-Length: 1024 Name-Real: alpha Name-Comment: just a test Name-Email: alpha at alpha.org Expire-Date: 0 Passphrase: alpha " Exception in thread "main" com.freiheit.gnupg.GnuPGException: 117440513: General error at com.freiheit.gnupg.GnuPGContext.gpgmeOpGenKey(Native Method) at com.freiheit.gnupg.GnuPGContext.genKey(GnuPGContext.java:748) at com.freiheit.gnupg.tests.GnuPGTestSuite.suite(GnuPGTestSuite.java:66) at com.blazrsoft.gnupg4javatester.MainClass.main(MainClass.java:8) It is failing at the call to genKey(). I'll figure it out eventually I'm sure. This is using the .jar and .so files created by the Travis CI builds that I mentioned earlier. 
I'll likely perform tests with natively built files to see if the issue lies there, etc. If I can maintain the motivation, I may eventually work on my own Java front-end for the library, just to see if I can do it.

--
Antony Prince
Key ID: 0xAF3D4087301B1B19
Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19
URL: https://keyserver.blazrsoft.com

From m at mbg.pt Sat Sep 12 01:19:07 2015
From: m at mbg.pt (Miguel Barbosa Gonçalves)
Date: Sat, 12 Sep 2015 00:19:07 +0100
Subject: OpenPGP smartcard reader
Message-ID:

Hi!

I recently contributed to the FSFE and received an OpenPGP smartcard. I ordered an Omnikey 3121 USB card reader.

I am facing some problems when using this reader and card combination on a Ubuntu 14.04 machine.

Using GnuPG 1.4.15 as root it works fine. GnuPG 2 does not work at all.

As a regular user, I have the gpg-agent running to authenticate to SSH hosts and the card can't be read. As soon as I kill gpg-agent, gpg works fine.

Any clues?

Or, what is the most compatible card reader available to read OpenPGP smartcards using GnuPG 1 and 2?

Thanks in advance!

Cheers,
Miguel

From rjh at sixdemonbag.org Sat Sep 12 02:46:00 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Fri, 11 Sep 2015 20:46:00 -0400
Subject: OpenPGP smartcard reader
In-Reply-To:
References:
Message-ID: <55F375C8.2010900@sixdemonbag.org>

> Any clues?

GNOME implements its own gpg-agent... badly... in ways that break smartcards. I've heard they've recently fixed it, but as of 14.04 the broken GNOME behavior was still in place. Search for GNOME and gpg-agent in these archives and you should find a solution.

From rjh at sixdemonbag.org Sat Sep 12 03:08:45 2015
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Fri, 11 Sep 2015 21:08:45 -0400 Subject: OpenPGP smartcard reader In-Reply-To: <55F375C8.2010900@sixdemonbag.org> References: <55F375C8.2010900@sixdemonbag.org> Message-ID: <55F37B1D.8010005@sixdemonbag.org> > GNOME implements its own gpg-agent... badly... in ways that break > smartcards. I've heard they've recently fixed it, but as of 14.04 the > broken GNOME behavior was still in place. Search for GNOME and > gpg-agent in these archives and you should find a solution. And there's a wiki page for it, too: http://wiki.gnupg.org/GnomeKeyring Also see Simon Josefsson's writeup: http://blog.josefsson.org/2015/01/02/openpgp-smartcards-and-gnome/ This misbehavior has been reported to Debian and Ubuntu: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773304 ... Hope these links help! From the2nd at otpme.org Sat Sep 12 20:05:50 2015 From: the2nd at otpme.org (the2nd) Date: Sat, 12 Sep 2015 20:05:50 +0200 Subject: AW: Re: Smartcard power-down Message-ID: Thanks for your help. This works great! :)
-------- Original message --------
From: NIIBE Yutaka
Date: 09.10.2015 03:13 (GMT+01:00)
To: gnupg-users at gnupg.org
Subject: Re: Smartcard power-down
On 09/10/2015 05:57 AM, the2nd at otpme.org wrote: > pointing out that a "gpgconf --reload scdaemon" should power-down a > connected smartcard and thus lead to re-asking the PIN. I've tried > this with a yubikey neo but does not work. I've also tried sending > SIGHUP to scdaemon as well as gpg-agent but i never get re-asked for > the PIN when doing a ssh login. After restarting gpg-agent i always > get asked for the PIN so it seems to work in general. Is there > anything i can check? I'm sorry, now, "gpgconf --reload scdaemon" doesn't work in GnuPG 2.0, because of a bug. For a while, please do: $ gpg-connect-agent "SCD KILLSCD" "SCD BYE" /bye This stops scdaemon. I've just committed the fix to 2.0 branch. gpgconf: Fix scdaemon reload. * tools/gpgconf-comp.c (scdaemon_runtime_change): Add "scd bye". -- In GnuPG 2.0.x, it doesn't require newer libassuan which has ASSUAN_FORCE_CLOSE feature. We need to send "scd bye" to let the control finish from command loop. diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 2454f93..69d160e 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -1064,7 +1064,7 @@ scdaemon_runtime_change (void) { gpg_error_t err; const char *pgmname; - const char *argv[6]; + const char *argv[7]; pid_t pid; /* We use "GETINFO app_running" to see whether the agent is already @@ -1077,8 +1077,9 @@ scdaemon_runtime_change (void) argv[1] = "GETINFO scd_running"; argv[2] = "/if ${! $?}"; argv[3] = "scd killscd"; - argv[4] = "/end"; - argv[5] = NULL; + argv[4] = "scd bye"; + argv[5] = "/end"; + argv[6] = NULL; err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid); if (!err) -- _______________________________________________ Gnupg-users mailing list Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -------------- next part -------------- An HTML attachment was scrubbed... URL: From wk at gnupg.org Sat Sep 12 23:28:30 2015 
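Review bot: In the first hunk (declarations of scdaemon_runtime_change), the unchanged comment below "pid_t pid;" still says the code uses "GETINFO app_running" to see whether the agent is running, while the command put into argv[1] is "GETINFO scd_running". Since the function is being touched, the comment should name the scd_running query. The hand-counted bound that goes from argv[6] to argv[7] here also has to be kept in step with the assignments in the second hunk by hand; a short remark next to the declaration that the last slot is the NULL terminator would make the next addition less error-prone.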
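Review bot: The new argv[4] = "scd bye" line in the second hunk carries no comment, and the reason for it exists only in the commit message (2.0.x does not require a libassuan with ASSUAN_FORCE_CLOSE, so "scd bye" is needed to let control leave the command loop). That sentence belongs in a comment above the line; without it the extra command looks redundant after "scd killscd" and is easy to drop in a later cleanup.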
From: wk at gnupg.org (Werner Koch)
Date: Sat, 12 Sep 2015 23:28:30 +0200
Subject: GnuPG News for Summer 2015
Message-ID: <87h9mz5nup.fsf@vigenere.g10code.de>

Hi,

Neal posted a new blog entry

https://gnupg.org/blog/20150911-gnupg-this-summer.html

below is the plain text version in case you want to comment on it:

1 GnuPG News for Summer 2015
============================

It's been a few months since the last posting. Our most visible activity has been several presentations, but hacking has continued.

In July, Neal attended [RMLL] in Beauvais, France and [presented "An Advanced Introduction to GnuPG"]. This presentation is for anyone who knows how to encrypt, decrypt and sign data, but wants to learn how messages are constructed, better understand GnuPG's architecture, and hear some tips and tricks for making the most of GnuPG. The presentation went quite well: the room was nearly full and there were a number of questions at the end as well as after the talk.

In August, Werner, Niibe and Daniel Kahn Gillmor (dkg) attended [Debconf] in Heidelberg. Werner held a keynote: "GnuPG: Past, Present and Future." The presentation was [recorded] and the [slides] are also available.

Werner started with the history of GnuPG. He related some anecdotes about his motivation to start the project, some of the legal challenges (working around patents), and the founding and running of g10 Code, the free software company behind GnuPG. He then talked about current activities both within GnuPG (some new features and the recent fund raising campaign) as well as some activities related to GnuPG (in particular, the rechartering of the OpenPGP working group).

Finally, he discussed his vision for the future. In particular, he wants GnuPG to be easier to use for the masses. This means, for instance, using TOFU as a trust model instead of the web of trust, which requires [too much curating] for nearly all users, including most technical users, to be effective.
Nevertheless, the goal isn't to somehow neuter GnuPG: it will remain possible to harden GnuPG for users who are trying to prevent targeted attacks with just a few configuration options. The primary focus, however, is making GnuPG easier to use and more secure for casual use by default.

Also at DebConf, dkg presented "[GnuPG in Debian Report]" on behalf of the GnuPG packaging team ([slides]). He reported the status of GnuPG in Debian and what the team has planned.

He began by relating the current status of GnuPG in Debian. First, everything has been moved over to git. The packaging team has also adopted not only GnuPG, but several related packages. The team has been uploading version 2.1 to experimental and, shortly before the talk, made the first upload to unstable. A lot of work has been done on minimizing GnuPG's dependencies. This is particularly helpful for server installs that don't need any of the graphical components. Unfortunately, this work didn't make it into Jessie, but the workaround is easy (install `pinentry-curses' before installing `gnupg2').

The plan is to support GnuPG 2.1 by default. As such, it will be installed as `/usr/bin/gpg' (not `/usr/bin/gpg2'). Note: GnuPG 1.4, with its support for old, broken crypto will remain available for those few who still need it, but it will no longer be the default in the next version of Debian. Making GnuPG 2.1 the default also means that support for ECC cryptography will become much more widely spread in the near future.

Daniel also called for support for encrypted swap by default and encouraged people to file bugs. He then turned to some divergences from upstream. He wants GnuPG to be stronger by default and he wants to do some Linux-specific hardening. Some possible future work are: integrating `autopkgtest', for testing the built package in specific environments; and, improving desktop integration and the UI/UX.
dkg also mentioned that he is excited about the proposed official support for TOFU in GnuPG: he has a set of scripts for implementing TOFU and would like better support. dkg also ran a GnuPG Packaging BoF, which was [recorded] as well.

Niibe is running a campaign called "more entropy, please." His goal is firstly to raise awareness of the importance of entropy and also about making computations constant time to avoid side-channel attacks. He presented this campaign at DebConf. His presentation was [recorded] and he wrote a followup [article].

This campaign is related to Niibe's works on a true random number generator (TRNG) and smartcard called [NeuG]. This device runs only free software and the schematics are also freely available. The device is available for purchase from the [FSF's shop]. Happily, it is so popular that it sold out (but more are on the way!).

At the end of August, Werner attended the "[Sommerakademie 2015: Ohne Vertrauenswürdigkeit keine Informationsgesellschaft]," which was organized by the Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein. He held a keynote in which he introduced public-key encryption and GnuPG to privacy activists. In addition to the [slides], he also wrote a short [handout]. Note: both are in German. Werner held the same talk at the [Düsseldorf Fellowship meeting].

At the beginning of November, Werner will hold a keynote at [FSCONS] in Göteborg, Sweden.

Due to renewed interest in the OpenPGP protocol, the IETF OpenPGP working group was [rechartered] in June to work on updating the OpenPGP specification. The group is co-chaired by dkg. Both he and Werner attended the IETF-93 OpenPGP session (Werner attended [remotely]) to discuss its [agenda]. The [minutes] are also available.

Neal recently spearheaded an effort to better integrate GnuPG and Gnome Keyring. For a long time, Gnome Keyring proxied access to gpg-agent. Unfortunately, the proxy was incomplete and this proved to be a serious problem with GnuPG 2.1.
Since Gnome Keyring only wanted to provide a passphrase cache, we decided to modify gpg-agent to support this directly. This work has been completed in GnuPG and the proxy has since been removed from Gnome Keyring. Stef Walter recently [announced] this to Gnome's distributor list so we should see a proper fix to this long-standing issue coming to end users soon.

Neal posted [a design document about integrating TOFU] (trust on first use), a new trust model, into GnuPG. As noted above, TOFU requires little support from users. The Web of Trust, on the other hand, requires not only signing keys, but for every user to assign trust to people they potentially don't know. This is a huge burden and few people actually do this in practice. As such, they are getting less protection than with TOFU, which is able to detect when a user's key changes. Note: our intention is to support both TOFU and the Web of Trust at the same time.

We have modified Pinentry to use normal widgets instead of the custom widgets that use locked memory. Rough consensus for this decision was reached on [the gnupg-devel mailing list]. The motivation is that the secure widget code is large and buggy and it relies on lots of code to carefully handle the password (namely, anything that deals with keyboard input, such as, the X server, the graphical toolkit and the C library). This supporting code is not designed to be secure and thus probably isn't. Further, in practice, locked memory isn't really locked anymore. It can still be written to disk if the machine is hibernated. Finally, the secure widgets are less feature rich and don't integrate as well into the desktop environments. This is particularly important as regards accessibility. Neal modified the gtk-based pinentry and Andre modified the Qt-based pinentry to use the standard widgets. This allowed us to immediately close a number of bug reports.

Niibe has been working on integrating support for Curve25519 for encryption.
This is available in the latest version of libgcrypt and scdaemon.

Kai has been working on various enhancements for Enigmail. In particular, Enigmail now displays the algorithms used for signing messages under "Enigmail Security Info". He added functionality for importing and exporting Enigmail preferences. Enigmail now asks before importing public keys from attachments. And, a patch is pending that allows Enigmail to use keybase.io as keyserver.

There have been a number of new releases. These include: [GnuPG 2.1.8], [GnuPG 2.0.29], [GPA 0.9.9], [libgcrypt 1.6.4], [libassuan 2.3.0], [libgpg-error 1.20], [GPGME 1.6.0], and Pinentry 0.9.6. Andre Heinecke also released [gpg4win 2.2.6].

On GnuPG-devel, [Bjarni reraised the memory-hole discussion]. This was originally discussed at the OpenPGP summit back in April. The idea is to be able to sign and encrypt sensitive mail headers, such as the subject. Both Mailpile and Enigmail already have partial support for the proposed standard.

Jan Suhr asked about [GnuPG using exclusive mode when accessing OpenPGP cards]. Niibe and Werner argued that only a single application should use the smartcard at a time. There are two main arguments: performance and security. From a performance perspective, GnuPG (or rather, scdaemon) can cache the status of the card. Having to refresh information (among initialization procedures) can introduce a several second delay. From a security perspective, we want to make sure that another application does not get access to the card without having to enter the PIN.

On gnupg-users, Simon Josefsson asked about [how to setup a shared email with hardware-backed keys]. He detailed his setup and dkg thought it was sound and also mentioned an alternative approach.

A.T. Leibson started an interesting thread on [teaching GnuPG to new users]. A number of people replied with suggestions and anecdotes. If you are an encryption advocate, it is probably worth a look.
Tankred Hase linked to the [Secure Private Key Synchronization protocol], a secure way to synchronize a user's private key between devices. This was originally discussed at the OpenPGP summit. He's interested in additional feedback.

Nico posted a design document for a [key server that validates OpenPGP keys by sending a mail to the key's holder]. A main issue that was raised was how to decide which key server should be authoritative: users are not going to want to validate that they control the key to hundreds of key servers. Werner noted that this effectively reimplements X.509 and its trusted CAs.

Nico asked for feedback on how to organize [the next OpenPGP summit]. He wants to have a meeting that is open to the public, but with some limitations to ensure that work gets done and that the limited space is available to those most engaged in OpenPGP.

Robert J. Hansen has begun [overhauling the FAQ]. He is planning on removing references to GnuPG 1.4 as much as possible. He also feedback about some proposed clarifications.

[RMLL] https://2015.rmll.info/?lang%3Den
[presented "An Advanced Introduction to GnuPG"] https://2015.rmll.info/introduction-avancee-sur-gnupg?lang%3Den
[Debconf] http://debconf15.debconf.org/
[recorded] https://summit.debconf.org/debconf15/meeting/330/gnupg-past-present-future/
[slides] https://gnupg.org/ftp/blurbs/debconf15_gnupg-past-present-future.pdf
[too much curating] http://wiki.gnupg.org/WebOfTrust
[GnuPG in Debian Report] https://summit.debconf.org/debconf15/meeting/195/gnupg-in-debian-report/
[slides] https://dkg.fifthhorseman.net/gnupg-in-debian-debconf15.pdf
[recorded] https://summit.debconf.org/debconf15/meeting/196/gnupg-packaging-bof/
[recorded] https://summit.debconf.org/debconf15/meeting/265/more-entropy-please/
[article] http://www.gniibe.org/memo/development/gnuk/rng/please-more-and-more-mep.html
[NeuG] http://www.gniibe.org/memo/development/gnuk/rng/neug.html
[FSF's shop] http://shop.fsf.org/product/usb/
[Sommerakademie 2015: Ohne Vertrauenswürdigkeit keine Informationsgesellschaft] https://datenschutzzentrum.de/sommerakademie/2015/
[slides] https://gnupg.org/ftp/blurbs/kiel-2015_sicher-verschl-mit-gnupg.pdf
[handout] https://gnupg.org/ftp/blurbs/kiel-2015_sicher-verschl-mit-gnupg_handout.pdf
[Düsseldorf Fellowship meeting] http://www.linux-praktiker.de/html/deutsch/rueckblende/2015_08_26_werner-koch-im-chaosdorf-vortrag-sicher-verschluesseln-mit-gnupg.htm
[FSCONS] https://fscons.org/2015/
[rechartered] https://tools.ietf.org/wg/openpgp/charters
[remotely] https://www.ietf.org/jabber/logs/openpgp/2015-07-24.html
[agenda] https://tools.ietf.org/wg/openpgp/agenda?item%3Dagenda-93-openpgp.html
[minutes] https://tools.ietf.org/wg/openpgp/minutes?item%3Dminutes-93-openpgp.html
[announced] https://mail.gnome.org/archives/desktop-devel-list/2015-August/msg00002.html
[a design document about integrating TOFU] https://lists.gnupg.org/pipermail/gnupg-devel/2015-July/030150.html
[the gnupg-devel mailing list] https://lists.gnupg.org/pipermail/gnupg-devel/2015-July/030112.html
[GnuPG 2.1.8] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000379.html
[GnuPG 2.0.29] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000376.html
[GPA 0.9.9] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000378.html
[libgcrypt 1.6.4] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000375.html
[libassuan 2.3.0] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000374.html
[libgpg-error 1.20] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000373.html
[GPGME 1.6.0] https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000372.html
[gpg4win 2.2.6] http://lists.wald.intevation.org/pipermail/gpg4win-announce/2015-September/000065.html
[Bjarni reraised the memory-hole discussion] https://lists.gnupg.org/pipermail/gnupg-devel/2015-June/030036.html
[GnuPG using exclusive mode when accessing OpenPGP cards] https://lists.gnupg.org/pipermail/gnupg-devel/2015-August/030242.html
[how to setup a shared email with hardware-backed keys] https://lists.gnupg.org/pipermail/gnupg-users/2015-June/053770.html
[teaching GnuPG to new users] https://lists.gnupg.org/pipermail/gnupg-users/2015-June/053790.html
[Secure Private Key Synchronization protocol] https://lists.gnupg.org/pipermail/gnupg-users/2015-July/053854.html
[key server that validates OpenPGP keys by sending a mail to the key's holder] https://lists.gnupg.org/pipermail/gnupg-users/2015-July/053971.html
[the next OpenPGP summit] https://lists.gnupg.org/pipermail/gnupg-users/2015-August/054096.html
[overhauling the FAQ] https://lists.gnupg.org/pipermail/gnupg-users/2015-August/054172.html

2 About this news posting
=========================

We try to write a news posting each month. However, other work may have a higher priority (e.g. security fixes) and thus there is no promise for a fixed publication date. If you have an interesting topic for a news posting, please send it to us. A regular summary of the mailing list discussions would make a nice column on this news.

--
Thoughts are free. Exceptions are regulated by a federal law.

From gniibe at fsij.org Sun Sep 13 03:27:57 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Sun, 13 Sep 2015 10:27:57 +0900
Subject: Gnupg 2.1.7 can't decrypt using smartcard key.
In-Reply-To: <55F41476.2020704@gentoo.moe>
References: <55F23158.9060106@gentoo.moe> <55F2A3DE.7070203@fsij.org> <55F41476.2020704@gentoo.moe>
Message-ID: <55F4D11D.2010400@fsij.org>

On 09/12/2015 09:03 PM, perillamint wrote:
> Signature key ....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
> created ....: 2015-09-10 18:40:00
> Encryption key....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
> created ....: 2015-09-10 18:40:00
> Authentication key: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
> created ....: 2015-09-10 18:40:00
> General key info..: pub rsa4096/37AA8068 2015-09-10 perillamint
>
> sec> rsa4096/37AA8068 created: 2015-09-10 expires: 2017-09-09
> card-no: F517 76EB5FFA

I think that there must be something broken. It shows that all of keys on your card are same (37AA8068). As I showed in the previous mail, each key should have different fingerprint.

In another command of the following, I can check:

===========================
$ gpg-connect-agent "KEYINFO --list" /bye
S KEYINFO 5D6C89682D07CCFC034AF508420BF2276D8018ED T D276000124010200F517000000010000 OPENPGP.3 - - - - -
S KEYINFO 101DE7B639FE29F4636BDEECF442A9273AFA6565 T D276000124010200F517000000010000 OPENPGP.1 - - - - -
S KEYINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C T D276000124010200F517000000010000 OPENPGP.2 - - - - -
OK
$
===========================

It shows that I have three different keys on a card. Could you check it?

Or, did you intentionally register a single key to multiple slots? I think that this kind of use case is not supported by GnuPG. It assumes that each key on card is different. In that case, I'd understand the reason why it returns an error of "Invalid ID".
--

From gniibe at fsij.org Mon Sep 14 04:05:32 2015
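Added example, not part of the thread: a Python check for the condition diagnosed in the message above, the same key loaded into more than one OpenPGP card slot. It parses the two outputs quoted in this thread ('gpg --card-status' and 'KEYINFO --list'); the function names are constructed, and the slot numbering OPENPGP.1/2/3 for signature/encryption/authentication is the card's standard assignment.

```python
import re
from collections import defaultdict

# Excerpt of the 'gpg --card-status' output posted in this thread.
CARD_STATUS = """\
Signature key ....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
created ....: 2015-09-10 18:40:00
Encryption key....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
created ....: 2015-09-10 18:40:00
Authentication key: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
created ....: 2015-09-10 18:40:00
"""

# 'KEYINFO --list' output posted in this thread.
KEYINFO = """\
S KEYINFO 5D6C89682D07CCFC034AF508420BF2276D8018ED T D276000124010200F517000000010000 OPENPGP.3 - - - - -
S KEYINFO 101DE7B639FE29F4636BDEECF442A9273AFA6565 T D276000124010200F517000000010000 OPENPGP.1 - - - - -
S KEYINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C T D276000124010200F517000000010000 OPENPGP.2 - - - - -
OK
"""

SLOT_IDS = {
    "Signature key": "OPENPGP.1",
    "Encryption key": "OPENPGP.2",
    "Authentication key": "OPENPGP.3",
}
SLOT_RE = re.compile(
    r"(Signature key|Encryption key|Authentication key)[ .]*:\s*(.*)")


def slot_fingerprints(card_status):
    """Map slot id -> fingerprint from 'gpg --card-status' text.

    Mail quoting ('> ') is tolerated; empty slots, which show no
    40-digit fingerprint, are left out of the result.
    """
    slots = {}
    for raw in card_status.splitlines():
        match = SLOT_RE.match(raw.lstrip("> ").strip())
        if not match:
            continue
        fpr = match.group(2).replace(" ", "").upper()
        if re.fullmatch(r"[0-9A-F]{40}", fpr):
            slots[SLOT_IDS[match.group(1)]] = fpr
    return slots


def agent_card_stubs(keyinfo_output):
    """Map slot id -> keygrip for card-backed keys (type 'T') known to gpg-agent."""
    stubs = {}
    for raw in keyinfo_output.splitlines():
        fields = raw.split()
        if len(fields) >= 6 and fields[:2] == ["S", "KEYINFO"] and fields[3] == "T":
            stubs[fields[5]] = fields[2]
    return stubs


def shared_keys(slots):
    """Return {key: [slot ids]} for every key that occupies more than one slot."""
    by_key = defaultdict(list)
    for slot, key in sorted(slots.items()):
        by_key[key].append(slot)
    return {key: ids for key, ids in by_key.items() if len(ids) > 1}


if __name__ == "__main__":
    for key, ids in shared_keys(slot_fingerprints(CARD_STATUS)).items():
        print("same key in", ", ".join(ids), "->", key)
    print("agent stubs:", agent_card_stubs(KEYINFO))
```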
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Mon, 14 Sep 2015 11:05:32 +0900
Subject: Gnupg 2.1.7 can't decrypt using smartcard key.
In-Reply-To: <55F5A4B2.4030507@gentoo.moe>
References: <55F23158.9060106@gentoo.moe> <55F2A3DE.7070203@fsij.org> <55F41476.2020704@gentoo.moe> <55F4D11D.2010400@fsij.org> <55F5A4B2.4030507@gentoo.moe>
Message-ID: <55F62B6C.2050407@fsij.org>

On 09/14/2015 01:30 AM, perillamint wrote:
> Yes. I generated single key with Signing Certification Encryption
> Authorization ability.
>
> If it is not supported by GnuPG, Re-generating key with Signing
> Certification Encryption key (It's GnuPG default. I think..) and adding
> subkey with Authorization (for SSH auth) can be a solution?

Let me answer a point by a point.

Firstly, let me check about the support situation of GnuPG about this specific usage of same key on smartcard for signing, decryption, and authentication.

I'm sure that current code of GnuPG 2.1.x doesn't support the usage of same key on smartcard. In my opinion, OpenPGPcard specification doesn't encourage users to do this specific usage, too.

In GnuPG 2.1.x, access by gpg-agent to scdaemon is done with KEYID of "OPENPGP.1", "OPENPGP.2", or "OPENPGP.3" (see the function ask_for_card in gnupg/agent/divert-scd.c), by accessing .key file under ~/.gnupg/private-keys-v1.d.

I think that this situation is same in GnuPG 2.0.x.

In GnuPG 1.4.x (when configured with no agent), access is done with SERIALNO. IIUC, it is possible for GnuPG 1.4.x to allow the usage of same key on smartcard.

Setup of this specific usage requires quite a cumbersome interactions, I believe. It requires multiple invocations of 'gpg --edit-key', invocation of subcommand of 'keytocard' and then, quit without saving.

Secondly, GnuPG's default key generation is generating primary key and encryption subkey. Primary key has capability of Signing (to message) and Certification (signing to key), while the subkey of encryption has capability of Encryption.
IIUC, this was because of historic reason originally, but, it makes sense too (since usage (especially revocation) is different and key life-time would be different). And then, if you need, you can add Authentication subkey (for SSH) by 'gpg --edit-key' and invoking subcommand addkey (specifying the Authentication capability). If you don't have enough reason to use a single key material for multiple slots of smartcard, it is recommended to follow the default. -- From marko.bauhardt at mailbox.org Mon Sep 14 10:07:20 2015 From: marko.bauhardt at mailbox.org (Marko Bauhardt) Date: Mon, 14 Sep 2015 10:07:20 +0200 Subject: uploading subkeys In-Reply-To: <871teegf2p.fsf@vigenere.g10code.de> References: <55E0CA9F.2070208@gmail.com> <7BD1189B-0B21-44AF-A8AB-E5A980F9D49D@mailbox.org> <871teegf2p.fsf@vigenere.g10code.de> Message-ID: <03BABF25-0A75-4B0E-B91B-3F9BD75D44E1@mailbox.org> > > You may use this notation to force the use of this subkey. However, an > OpenPGP key(block) always consists of a primary key and optional ant > number of subkeys. Ok. > The transfer format does only allow sending of > entire OpenPGP key(block)s. > Ok, thx. This was not clear for me. Can you point me to some documentation about key blocks and primary key / subkey? Thx Marko From dkg at fifthhorseman.net Mon Sep 14 16:43:05 2015 
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Mon, 14 Sep 2015 10:43:05 -0400 Subject: uploading subkeys In-Reply-To: <03BABF25-0A75-4B0E-B91B-3F9BD75D44E1@mailbox.org> References: <55E0CA9F.2070208@gmail.com> <7BD1189B-0B21-44AF-A8AB-E5A980F9D49D@mailbox.org> <871teegf2p.fsf@vigenere.g10code.de> <03BABF25-0A75-4B0E-B91B-3F9BD75D44E1@mailbox.org> Message-ID: <87si6hawp2.fsf@alice.fifthhorseman.net> On Mon 2015-09-14 04:07:20 -0400, Marko Bauhardt wrote: > [ Werner wrote: ] >> You may use this notation to force the use of this subkey. However, >> an OpenPGP key(block) always consists of a primary key and optional >> ant number of subkeys. > > Ok. > >> The transfer format does only allow sending of entire OpenPGP >> key(block)s. > > Ok, thx. This was not clear for me. Can you point me to some > documentation about key blocks and primary key / subkey? a Transferable Public Key (aka "keyblock" and "OpenPGP certificate") is defined here: https://tools.ietf.org/html/rfc4880#section-11.1 hth, --dkg From perillamint at gentoo.moe Sat Sep 12 14:03:02 2015 
From: perillamint at gentoo.moe (perillamint) Date: Sat, 12 Sep 2015 21:03:02 +0900 Subject: Gnupg 2.1.7 can't decrypt using smartcard key. In-Reply-To: <55F2A3DE.7070203@fsij.org> References: <55F23158.9060106@gentoo.moe> <55F2A3DE.7070203@fsij.org> Message-ID: <55F41476.2020704@gentoo.moe> Here is my output of gpg --card-status. ========== Application ID ...: D276000124010200F51776EB5FFA0000 Version ..........: 2.0 Manufacturer .....: FSIJ Serial number ....: 76EB5FFA Name of cardholder: perillamint Language prefs ...: en Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Key attributes ...: rsa4096 rsa4096 rsa4096 Max. PIN lengths .: 127 127 127 PIN retry counter : 5 5 5 Signature counter : 0 Signature key ....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068 created ....: 2015-09-10 18:40:00 Encryption key....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068 created ....: 2015-09-10 18:40:00 Authentication key: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068 created ....: 2015-09-10 18:40:00 General key info..: pub rsa4096/37AA8068 2015-09-10 perillamint sec> rsa4096/37AA8068 created: 2015-09-10 expires: 2017-09-09 card-no: F517 76EB5FFA ========== On 11/09/15 18:50, NIIBE Yutaka wrote: > On 09/11/2015 10:41 AM, perillamint wrote: >> gpg: public key decryption failed: Invalid ID >> gpg: decryption failed: No secret key > > Could you please try 'gpg --card-status' and see 'General key info'? > > In my case, it's like: > > ================== > General key info..: pub rsa2048/4CA7BABE 2010-10-15 NIIBE Yutaka > sec> rsa2048/4CA7BABE created: 2010-10-15 expires: never > card-no: F517 00000001 > ssb> rsa2048/084239CF created: 2010-10-15 expires: never > card-no: F517 00000001 > ssb> rsa2048/5BB065DC created: 2010-10-22 expires: never > card-no: F517 00000001 > ================== > > It shows the connection between stub on host PC and key on the card. 
> > I guess that there is some problem in your situation, and > you can see what's going on by the --card-status. > From perillamint at gentoo.moe Sun Sep 13 18:30:42 2015 
From: perillamint at gentoo.moe (perillamint) Date: Mon, 14 Sep 2015 01:30:42 +0900 Subject: Gnupg 2.1.7 can't decrypt using smartcard key. In-Reply-To: <55F4D11D.2010400@fsij.org> References: <55F23158.9060106@gentoo.moe> <55F2A3DE.7070203@fsij.org> <55F41476.2020704@gentoo.moe> <55F4D11D.2010400@fsij.org> Message-ID: <55F5A4B2.4030507@gentoo.moe> Yes. I generated a single key with Signing Certification Encryption Authorization ability. If it is not supported by GnuPG, Re-generating key with Signing Certification Encryption key (It's GnuPG default. I think..) and adding subkey with Authorization (for SSH auth) can be a solution? Thanks. On 13/09/15 10:27, NIIBE Yutaka wrote: > On 09/12/2015 09:03 PM, perillamint wrote: >> Signature key ....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068 >> created ....: 2015-09-10 18:40:00 >> Encryption key....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068 >> created ....: 2015-09-10 18:40:00 >> Authentication key: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068 >> created ....: 2015-09-10 18:40:00 >> General key info..: pub rsa4096/37AA8068 2015-09-10 perillamint >> >> sec> rsa4096/37AA8068 created: 2015-09-10 expires: 2017-09-09 >> card-no: F517 76EB5FFA > > I think that there must be something broken. It shows that all of > keys on your card are same (37AA8068). > > As I showed in the previous mail, each key should have different > fingerprint. > > In another command of the following, I can check: > > =========================== > $ gpg-connect-agent "KEYINFO --list" /bye > S KEYINFO 5D6C89682D07CCFC034AF508420BF2276D8018ED T D276000124010200F517000000010000 OPENPGP.3 - - - - - > S KEYINFO 101DE7B639FE29F4636BDEECF442A9273AFA6565 T D276000124010200F517000000010000 OPENPGP.1 - - - - - > S KEYINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C T D276000124010200F517000000010000 OPENPGP.2 - - - - - > OK > $ > =========================== > > It shows that I have three different keys on a card. > > Could you check it?
> > Or, did you intentionally register a single key to multiple slots? I > think that this kind of use case is not supported by GnuPG. It > assumes that each key on card is different. In that case, I'd > understand the reason why it returns an error of "Invalid ID". > From perillamint at gentoo.moe Mon Sep 14 18:43:48 2015 
From: perillamint at gentoo.moe (perillamint) Date: Tue, 15 Sep 2015 01:43:48 +0900 Subject: Gnupg 2.1.7 can't decrypt using smartcard key. In-Reply-To: <55F62B6C.2050407@fsij.org> References: <55F23158.9060106@gentoo.moe> <55F2A3DE.7070203@fsij.org> <55F41476.2020704@gentoo.moe> <55F4D11D.2010400@fsij.org> <55F5A4B2.4030507@gentoo.moe> <55F62B6C.2050407@fsij.org> Message-ID: <55F6F944.80303@gentoo.moe> I tried to generate a key using the default setting (RSA and RSA) and added another subkey for authorization purpose. After moving that key to the card, it encrypts/decrypts and signs well. Thanks! p.s. GnuPG 2.1.7 seems to have a problem with 4096bit RSA key with keytocard command. I failed to move my new key to card with 2.1.7 with GPG complaining about Bad secret key but when I tried with 2.1.8, it succeeded to move key to card. On 14/09/15 11:05, NIIBE Yutaka wrote: > On 09/14/2015 01:30 AM, perillamint wrote: >> Yes. I generated single key with Signing Certification Encryption >> Authorization ability. >> >> If it is not supported by GnuPG, Re-generating key with Signing >> Certification Encryption key (It's GnuPG default. I think..) and adding >> subkey with Authorization (for SSH auth) can be a solution? > > Let me answer point by point. > > Firstly, let me check the support situation of GnuPG for this > specific usage of the same key on a smartcard for signing, decryption, and > authentication. > > I'm sure that the current code of GnuPG 2.1.x doesn't support the usage of > the same key on a smartcard. > > In my opinion, the OpenPGPcard specification doesn't encourage users to do > this specific usage, either. > > In GnuPG 2.1.x, access by gpg-agent to scdaemon is done with KEYID of > "OPENPGP.1", "OPENPGP.2", or "OPENPGP.3" (see the function > ask_for_card in gnupg/agent/divert-scd.c), by accessing .key > file under ~/.gnupg/private-keys-v1.d. > > I think that this situation is the same in GnuPG 2.0.x.
> > In GnuPG 1.4.x (when configured with no agent), access is done with > SERIALNO. IIUC, it is possible for GnuPG 1.4.x to allow the usage > of the same key on a smartcard. > > Setup of this specific usage requires quite cumbersome interactions, > I believe. It requires multiple invocations of 'gpg --edit-key', > invocation of subcommand of 'keytocard' and then, quit without saving. > > > Secondly, GnuPG's default key generation is generating primary key and > encryption subkey. Primary key has capability of Signing (to message) > and Certification (signing to key), while the subkey of encryption has > capability of Encryption. IIUC, this was because of historical reasons > originally, but it makes sense too (since usage (especially > revocation) is different and key life-time would be different). And > then, if you need, you can add Authentication subkey (for SSH) by > 'gpg --edit-key' and invoking subcommand addkey (specifying the > Authentication capability). > > > If you don't have enough reason to use a single key material for > multiple slots of smartcard, it is recommended to follow the default. > From gniibe at fsij.org Tue Sep 15 09:29:23 2015
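The check discussed in the smartcard thread above (each card slot should hold a different key), as an added example that is not part of any message and is not GnuPG code. It reads the text printed by `gpg --card-status` and by `gpg-connect-agent "KEYINFO --list" /bye` and reports key material shared between slots; the sample text is copied from the two messages, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Slot labels printed by `gpg --card-status`, mapped to the KEYID strings
# that the thread says gpg-agent uses when it talks to scdaemon.
SLOT_IDS = {
    "Signature": "OPENPGP.1",
    "Encryption": "OPENPGP.2",
    "Authentication": "OPENPGP.3",
}

SLOT_LINE = re.compile(
    r"^(Signature|Encryption|Authentication) key\s*\.*\s*:"
    r"\s*([0-9A-Fa-f][0-9A-Fa-f ]+?)\s*$",
    re.MULTILINE,
)

# Copied from perillamint's message (the "created" lines are left out).
CARD_STATUS = """\
Signature key ....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
Encryption key....: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
Authentication key: 09CD 5C9E 15E4 F7CA 123A 8A25 5840 050B 37AA 8068
"""

# Copied from NIIBE Yutaka's message.
KEYINFO = """\
S KEYINFO 5D6C89682D07CCFC034AF508420BF2276D8018ED T D276000124010200F517000000010000 OPENPGP.3 - - - - -
S KEYINFO 101DE7B639FE29F4636BDEECF442A9273AFA6565 T D276000124010200F517000000010000 OPENPGP.1 - - - - -
S KEYINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C T D276000124010200F517000000010000 OPENPGP.2 - - - - -
OK
"""


def slot_fingerprints(card_status):
    """Map OPENPGP.n -> fingerprint for every populated slot."""
    slots = {}
    for label, raw in SLOT_LINE.findall(card_status):
        fpr = re.sub(r"\s+", "", raw).upper()
        if len(fpr) == 40:  # 40 hex digits, the fingerprint form shown here
            slots[SLOT_IDS[label]] = fpr
    return slots


def keyinfo_keygrips(keyinfo):
    """Map OPENPGP.n -> keygrip for card keys listed by KEYINFO --list."""
    grips = {}
    for line in keyinfo.splitlines():
        fields = line.split()
        # Layout: S KEYINFO <keygrip> <type> <serialno> <idstr> ...
        # Type "T" marks a key that lives on a token (smartcard).
        if len(fields) >= 6 and fields[:2] == ["S", "KEYINFO"] and fields[3] == "T":
            grips[fields[5]] = fields[2]
    return grips


def shared_key_material(slot_to_key):
    """Return {key: [slots]} for every key that occupies more than one slot."""
    by_key = defaultdict(list)
    for slot, key in slot_to_key.items():
        by_key[key].append(slot)
    return {k: sorted(v) for k, v in by_key.items() if len(v) > 1}


if __name__ == "__main__":
    for key, slots in shared_key_material(slot_fingerprints(CARD_STATUS)).items():
        print("same key in", ", ".join(slots), "->", key)
    if not shared_key_material(keyinfo_keygrips(KEYINFO)):
        print("KEYINFO sample: every slot has its own keygrip")
```
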
From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 15 Sep 2015 16:29:23 +0900 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible In-Reply-To: References: <55F22A5A.3030600@fsij.org> Message-ID: <55F7C8D3.3090409@fsij.org> On 09/11/2015 08:14 PM, Guan Xin wrote: > I tried the combination of > pcsc-lite-1.8.14 > ccid-1.4.20 > gnupg-2.0.29 (configured with --disable-ccid-driver) > Both 2048 and 4096-bit keys can be generated without error. > Also tried gnupg-2.0.29 using its internal ccid-driver with debug output > enabled in "$HOME/.gnupg/scdaemon.conf". There was indeed a timeout. Thank you for your confirmation. Well, I'm going to fix ccid-driver of GnuPG scdaemon to support OpenPGPcard v2.1 correctly. Currently, ccid-driver's timeout is 5 seconds. If I calculate it correctly, the timeout for OpenPGPcard v2.0 is (3.3 + 1) = 4.3 seconds by pcscd+libccid. I think that timeout for OpenPGPcard v2.1 would be different. If possible, could you please show us the ATR string of the card? It's in the debug log of scdaemon. It's like the like: ================================== slot 0: ATR=xx xx xx xx xx xx xx xx ... ================================== This ATR string defines the timeout of communication. -- From guanx.bac at gmail.com Wed Sep 16 11:18:57 2015 
From: guanx.bac at gmail.com (Guan Xin) Date: Wed, 16 Sep 2015 11:18:57 +0200 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible In-Reply-To: <55F7C8D3.3090409@fsij.org> References: <55F22A5A.3030600@fsij.org> <55F7C8D3.3090409@fsij.org> Message-ID: On Tue, Sep 15, 2015 at 9:29 AM, NIIBE Yutaka wrote: > > I think that timeout for OpenPGPcard v2.1 would be different. If > possible, could you please show us the ATR string of the card? > It's in the debug log of scdaemon. It's like the like: > > ================================== > slot 0: ATR=xx xx xx xx xx xx xx xx ... > ================================== > > This ATR string defines the timeout of communication. > -- "slot 0: ATR=3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C" Guan From gniibe at fsij.org Wed Sep 16 11:55:00 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Wed, 16 Sep 2015 18:55:00 +0900 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible In-Reply-To: References: <55F22A5A.3030600@fsij.org> <55F7C8D3.3090409@fsij.org> Message-ID: <1442397300.1625.0.camel@fsij.org> On 2015-09-16 at 11:18 +0200, Guan Xin wrote: > On Tue, Sep 15, 2015 at 9:29 AM, NIIBE Yutaka wrote: > > > > I think that timeout for OpenPGPcard v2.1 would be different. If > > possible, could you please show us the ATR string of the card? > > It's in the debug log of scdaemon. It's like the like: > > > > ================================== > > slot 0: ATR=xx xx xx xx xx xx xx xx ... > > ================================== > > > > This ATR string defines the timeout of communication. > > -- > > "slot 0: ATR=3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C" > > Guan From gniibe at fsij.org Wed Sep 16 11:57:53 2015 
From: gniibe at fsij.org (NIIBE Yutaka) Date: Wed, 16 Sep 2015 18:57:53 +0900 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible In-Reply-To: References: <55F22A5A.3030600@fsij.org> <55F7C8D3.3090409@fsij.org> Message-ID: <1442397473.1625.1.camel@fsij.org> On 2015-09-16 at 11:18 +0200, Guan Xin wrote: > "slot 0: ATR=3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C" Thanks. Timeout should be more than 13 seconds. I'll use this value. Reference: ccid-1.4.20/src/ifdhandler.c:T1_card_timeout -- From guanx.bac at gmail.com Wed Sep 16 12:00:51 2015 From: guanx.bac at gmail.com (Guan Xin) Date: Wed, 16 Sep 2015 12:00:51 +0200 Subject: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible In-Reply-To: <1442397473.1625.1.camel@fsij.org> References: <55F22A5A.3030600@fsij.org> <55F7C8D3.3090409@fsij.org> <1442397473.1625.1.camel@fsij.org> Message-ID: On Wed, Sep 16, 2015 at 11:57 AM, NIIBE Yutaka wrote: > > Thanks. Timeout should be more than 13 seconds. I'll use this value. > > Reference: > > ccid-1.4.20/src/ifdhandler.c:T1_card_timeout Thanks for your informative help! Good to know how it works besides getting it working. Guan From wk at gnupg.org Wed Sep 16 17:39:25 2015
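How an ATR such as the one posted in the thread above determines the T=1 timeout, as an added example (not part of any message, and not code from GnuPG or the ccid project): it parses the interface bytes per ISO/IEC 7816-3 and computes the waiting times. The 4 MHz card clock, the 260-character worst-case block in each direction and the 1 second margin are assumptions of this example; with them, the posted ATR gives a little over 13 seconds.

```python
"""Parse a smartcard ATR (ISO/IEC 7816-3) and estimate the T=1 timeout."""

# Clock rate conversion (Fi) and baud rate adjustment (Di) factors, indexed by
# the high and low nibble of TA1. Indexes not listed are reserved values.
FI = {0: 372, 1: 372, 2: 558, 3: 744, 4: 1116, 5: 1488, 6: 1860,
      9: 512, 10: 768, 11: 1024, 12: 1536, 13: 2048}
DI = {1: 1, 2: 2, 3: 4, 4: 8, 5: 16, 6: 32, 7: 64, 8: 12, 9: 20}

# ATR as posted in the thread above.
PAGE_ATR = "3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C"


def parse_atr(atr_hex):
    """Return the timing-relevant parameters carried by an ATR hex string."""
    atr = bytes.fromhex(atr_hex)
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad TS byte")
    y, hist_len = atr[1] >> 4, atr[1] & 0x0F       # T0: Y1 bitmap and K
    pos, groups, protocols, group_t = 2, [], set(), None
    while True:
        group = {"T": group_t}                     # T announced by the previous TD
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if y & bit:
                if pos >= len(atr):
                    raise ValueError("truncated ATR")
                group[name] = atr[pos]
                pos += 1
        groups.append(group)
        if "TD" not in group:
            break
        y, group_t = group["TD"] >> 4, group["TD"] & 0x0F
        protocols.add(group_t)
    has_tck = bool(protocols - {0})                # TCK is absent only for T=0 alone
    end = pos + hist_len + (1 if has_tck else 0)
    if len(atr) < end:
        raise ValueError("truncated ATR")
    if has_tck:
        xor = 0
        for byte in atr[1:end]:                    # T0 through TCK must XOR to zero
            xor ^= byte
        if xor:
            raise ValueError("TCK checksum mismatch")
    ta1 = groups[0].get("TA", 0x11)                # default: F=372, D=1
    if (ta1 >> 4) not in FI or (ta1 & 0x0F) not in DI:
        raise ValueError("reserved Fi/Di value in TA1")
    t1 = {}
    for group in groups[2:]:                       # T=1 bytes: third group onwards
        if group["T"] == 1:
            for name in ("TA", "TB"):
                if name in group and name not in t1:
                    t1[name] = group[name]
    tb = t1.get("TB", 0x4D)                        # default: BWI=4, CWI=13
    return {"F": FI[ta1 >> 4], "D": DI[ta1 & 0x0F],
            "N": groups[0].get("TC", 0),           # extra guard time (TC1)
            "IFSC": t1.get("TA", 32), "BWI": tb >> 4, "CWI": tb & 0x0F,
            "historical": atr[pos:pos + hist_len]}


def t1_timing_ms(p, clock_khz=4000, margin_ms=1000):
    """Waiting times in milliseconds; clock_khz and margin_ms are assumptions."""
    etu = p["F"] / p["D"] / clock_khz              # a clock in kHz yields ms
    # Under T=1 the standard gives N=255 a special meaning (minimum guard
    # time). Counting it literally only lengthens the budget, which is the
    # safe direction for a timeout.
    egt = (12 + p["N"]) * etu
    bwt = 11 * etu + (1 << p["BWI"]) * 960 * 372 / clock_khz   # block waiting time
    cwt = (11 + (1 << p["CWI"])) * etu                         # character waiting time
    # Budget: 260 characters sent, one block wait, 260 characters received.
    total = 260 * egt + bwt + 260 * cwt + margin_ms
    return {"etu": etu, "bwt": bwt, "cwt": cwt, "total": total}


if __name__ == "__main__":
    params = parse_atr(PAGE_ATR)
    timing = t1_timing_ms(params)
    print(params)
    print("BWT %.0f ms, total %.0f ms" % (timing["bwt"], timing["total"]))
```

The block waiting time alone comes to about 11.4 seconds under these assumptions, which is already longer than the 5 second ccid-driver timeout mentioned earlier in the thread.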
From: wk at gnupg.org (Werner Koch) Date: Wed, 16 Sep 2015 17:39:25 +0200 Subject: "g13" tool in GnuPG 2.1 In-Reply-To: <551D6FE2.7020305@digitalbrains.com> (Peter Lebbing's message of "Thu, 02 Apr 2015 18:35:46 +0200") References: <551D6FE2.7020305@digitalbrains.com> Message-ID: <87d1xi1ihe.fsf@vigenere.g10code.de> On Thu, 2 Apr 2015 18:35, peter at digitalbrains.com said: > So is G13 ready for use? Not really. For example the management features are missing: Adding another key, adding a symmetric key, removing a key, and so on. And well, encfs itself has shown some problems and I am not sure whether encfs is still maintained. For my own needs I am working on yet another dm-crypt wrapper which will be another backend for g13. > > (note that the LUKS script written by me and modified by Jan also uses > real public key cryptography; that remark in the quote refers to a > different method of unlocking an encrypted drive using an OpenPGP card). > > Cheers, > > Peter. > > [1] http://lists.gnupg.org/pipermail/gnupg-users/2009-November/037599.html -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From peter at digitalbrains.com Wed Sep 16 21:24:48 2015
From: peter at digitalbrains.com (Peter Lebbing) Date: Wed, 16 Sep 2015 21:24:48 +0200 Subject: "g13" tool in GnuPG 2.1 In-Reply-To: <87d1xi1ihe.fsf@vigenere.g10code.de> References: <551D6FE2.7020305@digitalbrains.com> <87d1xi1ihe.fsf@vigenere.g10code.de> Message-ID: <55F9C200.7050601@digitalbrains.com> On 16/09/15 17:39, Werner Koch wrote: > For my own needs I am working on yet another dm-crypt wrapper which will > be another backend for g13. I'd much prefer dm-crypt as backend, so all the better! In fact, I think LUKS might be better than plain dm-crypt; it seems to be getting the most love from the devs. Peter. (PS: I accidentally addressed my reply wrong; it went to Werner instead of the list, so this is a new copy) -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From hidekis at gmail.com Thu Sep 17 03:43:57 2015 From: hidekis at gmail.com (Hideki Saito) Date: Wed, 16 Sep 2015 18:43:57 -0700 Subject: Can't import private key to GnuPG 2.1.1 on Windows 8 x64 In-Reply-To: <20150122080210.BED536015E1@mail.ffen.dk> (jesper@graffen.dk's message of "Thu, 22 Jan 2015 08:01:22 +0000") References: <54A673EB.3060907@graffen.dk> <87h9w9fjwo.fsf@vigenere.g10code.de> <54A6A2F8.4050203@graffen.dk> <87zj9b1y6x.fsf@madoka.hidekisaito.com> <20150122080210.BED536015E1@mail.ffen.dk> Message-ID: <87bnd1hlb6.fsf@madoka.mua.hidekisaito.com> writes: > I've been having the same problem. No solution yet ? > > I think it's fixed on 2.1.8! -- Hideki Saito OpenPGP Key: http://hidekisaito.com/aff2e40b.txt 1066 3928 7B0B E7CD A0CB 3686 1FDF D937 AFF2 E40B http://hidekisaito.com From dkg at fifthhorseman.net Thu Sep 17 05:25:11 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Wed, 16 Sep 2015 23:25:11 -0400 Subject: [HowTo] use gpg2.1 with an onion service In-Reply-To: <1994516.pkSrK0DZzL@localhost> References: <1994516.pkSrK0DZzL@localhost> Message-ID: <87twqt4tig.fsf@alice.fifthhorseman.net> On Fri 2015-09-11 09:25:09 -0400, Malte wrote: > With the upgrade to GnuPG 2.1 my GPG+Tor setup broke. This was due to the fact > that GnuPG now relies on dirmngr to handle all its networking. Which is good, > because it separates different parts of functionality, but it also cost me > some time to figure out. > > In the end, it's very easy: > > 1. You create a 2 line script, which calls dirmngr with torify: > > user at computer:~$ cat /home/user/bin/tordirmngr.sh > #! /bin/sh > torify dirmngr --daemon --homedir /home/user/.gnupg > > 2. You write the keyserver, which preferably is an Onion Service, because as > such you can be sure that you connect to it via Tor, with the just created > script into your ~/.gnupg/gpg.conf: > > dirmngr-program /home/user/bin/tordirmngr.sh > keyserver hkp://euggdcsexz2dqbwb.onion > keyserver-options no-honor-keyserver-url > > 2.b. For good measure I would also add: > > use-agent > keyid-format 0xlong > with-fingerprint These are reasonable recommendations. Thanks for documenting how to use dirmngr with tor. (use-agent isn't necessary for gpg 2.1, but it doesn't hurt) We may at some point get a --use-tor flag for dirmngr, which should simplify things further. > Please be aware that, while this adds a lot of anonymity and confidentiality > to your GPG usage, if you were to refresh your whole keyring at once, the > operator of the keyserver might very well figure out who you are. And if you don't use a .onion address, the exit node operator and anyone on the network path between the exit node and the keyserver could be able to figure it out as well.
> And please be further aware that most Linux distributions still ship GnuPG 1 > and 2 in parallel, so make sure you invoke it with gpg2 (e.g. gpg2 --search > glutenfree at vemail.nerd). Right, though the plan within debian at least is to change that and ship 2.1 as /usr/bin/gpg, hopefully before we release stretch. All the best, --dkg From wk at gnupg.org Thu Sep 17 13:56:51 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 17 Sep 2015 13:56:51 +0200 Subject: [HowTo] use gpg2.1 with an onion service In-Reply-To: <87twqt4tig.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Wed, 16 Sep 2015 23:25:11 -0400") References: <1994516.pkSrK0DZzL@localhost> <87twqt4tig.fsf@alice.fifthhorseman.net> Message-ID: <87io79z2bg.fsf@vigenere.g10code.de> On Thu, 17 Sep 2015 05:25, dkg at fifthhorseman.net said: > We may at some point get a --use-tor flag for dirmngr, which should > simplify things further. To add this flag I need to find documentation on how to route DNS requests via tor. A simple AAAA record lookup is not sufficient. Hints on where to start or how such a feature can be added to tor are welcome. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From hans at guardianproject.info Thu Sep 17 13:59:19 2015
From: hans at guardianproject.info (Hans-Christoph Steiner) Date: Thu, 17 Sep 2015 13:59:19 +0200 Subject: gnupg-for-java In-Reply-To: <55F31883.6090904@blazrsoft.com> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> <55F06ED1.2030806@blazrsoft.com> <55F0EEC0.5080302@blazrsoft.com> <55F1F351.9050701@blazrsoft.com> <55F31883.6090904@blazrsoft.com> Message-ID: <55FAAB17.8070400@guardianproject.info> Antony Prince: > On 09/10/2015 05:17 PM, Antony Prince wrote: >> without gpgme installed). I'm not 100% sure how to test the >> functionality of the binary and library, so if anyone wants to give it a >> go, I'd be glad to hear the results. The ftp server[2] allows for >> anonymous download. >> [2]ftp://blazrsoft.com/ >> > > As an update on this, I've written a very short program to invoke the > test functions of the library. This is more of a learning exercise for > me, but I figured I'd let anyone interested know that I was still > pursuing it. It doesn't work 100% yet and I'm working towards figuring > it out, but at the very least, I've got the suite() method in > com.freiheit.gnupg.tests.GnuPGTestSuite to start attempting its key > creation tests. The results are: > > suite() > genKey: " > Key-Type: DSA > Key-Length: 1024 > Subkey-Type: ELG-E > Subkey-Length: 1024 > Name-Real: alpha > Name-Comment: just a test > Name-Email: alpha at alpha.org > Expire-Date: 0 > Passphrase: alpha > " > Exception in thread "main" com.freiheit.gnupg.GnuPGException: 117440513: > General error > at com.freiheit.gnupg.GnuPGContext.gpgmeOpGenKey(Native Method) > at com.freiheit.gnupg.GnuPGContext.genKey(GnuPGContext.java:748) > at com.freiheit.gnupg.tests.GnuPGTestSuite.suite(GnuPGTestSuite.java:66) > at com.blazrsoft.gnupg4javatester.MainClass.main(MainClass.java:8) > > It is failing at the call to genKey(). I'll figure it out eventually I'm > sure. 
This is using the .jar and .so files created by the Travis CI > builds that I mentioned earlier. I'll likely perform tests with natively > built files to see if the issue lies there, etc. If I can maintain the > motivation, I may eventually work on my own Java front-end for the > library, just to see if I can do it. > This is all great work, Antony! We'd be happy to include it in our repo. We've basically only used gnupg-for-java in our Android app GnuPG for Android, so it is not so polished on desktop, as you saw. .hc -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81 From hans at guardianproject.info Thu Sep 17 13:51:01 2015
From: hans at guardianproject.info (Hans-Christoph Steiner) Date: Thu, 17 Sep 2015 13:51:01 +0200 Subject: gnupg-for-java In-Reply-To: <55EF534C.5010505@sixdemonbag.org> References: <55EF534C.5010505@sixdemonbag.org> Message-ID: <55FAA925.1040409@guardianproject.info> For the record, my work on GnuPG was largely funded by the US Government, via the State Department/Radio Free Asia/Open Technology Fund. So are other projects like Tor Project, Mailvelope, crypto.cat, NoScript, and many more. I don't think that being associated with the US Government automatically disqualifies your contributions of free software. .hc Robert J. Hansen: > A while ago, the fellows at the Guardian Project released Java bindings > for GnuPG. A project's come along where I could make use of them, and > thought I'd give them a spin. I was quite surprised to discover that, > as of this writing, they don't even build. > > The offender seems to be jUnit. The gnupg-for-java code uses a lot of > imports like "junit.framework", and the current jUnit drops everything > in the org.junit namespace. On top of that, old test methods like > TestSuite from jUnit 3.8 have been deprecated in favor of Suite, from > more modern jUnits. > > This doesn't appear to be hard work. The test suite is about 250 lines > of code, most of it fairly clear. If you know Java and would like to > contribute to GnuPG but don't quite know where, this would seem to be an > excellent "bite-sized" project to take on. > > > > (If anyone's wondering why I'm not doing it: following my long-standing > rule, I don't contribute code patches for either GnuPG or Enigmail. > Although I'm not an employee of the U.S. government, I have a lot of > friends and family who are. If I contributed code, some people would > make a ruckus about how GnuPG was now 'tainted'. To prevent this, and > to maintain the community's trust in GnuPG, I don't touch the code.) 
> -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81 From antony at blazrsoft.com Sat Sep 19 10:08:01 2015
From: antony at blazrsoft.com (Antony Prince) Date: Sat, 19 Sep 2015 04:08:01 -0400 Subject: gnupg-for-java In-Reply-To: <55FAAB17.8070400@guardianproject.info> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> <55F06ED1.2030806@blazrsoft.com> <55F0EEC0.5080302@blazrsoft.com> <55F1F351.9050701@blazrsoft.com> <55F31883.6090904@blazrsoft.com> <55FAAB17.8070400@guardianproject.info> Message-ID: <55FD17E1.4010501@blazrsoft.com> On 9/17/2015 7:59 AM, Hans-Christoph Steiner wrote: > This is all great work, Antony! We'd be happy to include it in our repo. > We've basically only used gnupg-for-java in our Android app GnuPG for Android, > so it is not so polished on desktop, as you saw. > > .hc > After poking around a bit, I decided to quit messing with the test suite methods and actually try some of the regular methods of the library. That functionality seems to work as expected. It was only a short test where I had it list UIDs and e-mails given the key ID, but it worked. This was using gnupg 2.1.8 (using libgcrypt 1.7 beta 261 I think), gpgme 1.6.0, the library files generated by Travis and hosted on the ftp server[1], and run on XUbuntu 14.04 x64. The test method I mentioned before may have failed since, from what I can tell, gnupg 2.1.8 doesn't support the ELG-E key type unless I was missing something, which is very likely. I haven't really made any significant changes to the repo[2] other than adding the files necessary to execute the Travis builds[3] and modifying the maven build to generate the source jars to allow easier debugging and source viewing in Eclipse. I'll keep playing around with it and keep everyone informed of any significant observations or developments. I've also signed all the files on the ftp server with the key used to sign this email. 
They have their checksums available as well and the checksums are echoed to the terminal during the Travis build in case anyone wants to verify that the hosted files are genuinely the ones created from the source by Travis. [1]ftp://blazrsoft.com/gnupg-for-java/ [2]https://github.com/HellUnit/gnupg-for-java [3]https://travis-ci.org/HellUnit/gnupg-for-java -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: https://keyserver.blazrsoft.com From rjh at sixdemonbag.org Sat Sep 19 12:15:03 2015
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 19 Sep 2015 06:15:03 -0400 Subject: gnupg-for-java In-Reply-To: <55FAA925.1040409@guardianproject.info> References: <55EF534C.5010505@sixdemonbag.org> <55FAA925.1040409@guardianproject.info> Message-ID: <55FD35A7.1020206@sixdemonbag.org> > For the record, my work on GnuPG was largely funded by the US > Government, via the State Department/Radio Free Asia/Open Technology > Fund. So are other projects like Tor Project, Mailvelope, > crypto.cat, NoScript, and many more. I don't think that being > associated with the US Government automatically disqualifies your > contributions of free software. To repeat: I work in digital forensics. That means I come into contact with law-enforcement and intelligence agencies on a semi-regular basis. I'm not going to say which agencies, but I will say that I have friends at most of them -- people I genuinely like, whom I'll have a beer with after work. I don't see anything shameful or dubious about this, and I'm sure 95% of the GnuPG userbase shares in this. But 5% do not, would consider it to be a sign of governmental subversion of GnuPG, and they'd make a whole lot of fuss and scream and rant a lot. Look at the guy who keeps re-opening "bug" #1858 on the tracker (https://bugs.gnupg.org/gnupg/issue1858). This guy devotes that much time, effort, and anger, just to how he thinks Werner is going to get people killed for not distributing GnuPG over a TLS connection. Imagine if he were to find out I had a beer a while ago with an Air Force Office of Special Investigations nerd. Look at the guy who threatened me with axe-murder if it turned out I had any FBI involvement. http://sixdemonbag.org/threat.xhtml -- given I have friends in the FBI, oh yes, I took that one seriously, especially after he dug up my (old, no longer current) address from WHOIS records. That was the first death threat I've received. There have been more since -- I just don't publish them. 
There's a significant fraction of people within this community who are deeply unhinged. Most of the GnuPG userbase is composed of solid, reasonable people who are concerned about electronic privacy in the Golden Age of Surveillance -- but some are really out there. I don't want to deal with people who say, "you were a groomsman at an NSA agent's wedding" (true) "and therefore you're a Fort Meade stooge" (false) "and I'm going to scream about how the NSA has obviously subverted GnuPG" (oh, man) "AND THEN I'M GOING TO MURDER YOU WITH AN AXE AND YES I KNOW WHERE YOU LIVE" (why did I get out of bed this morning?). This is why I don't touch code. Please respect my decision. It's the best decision for GnuPG, and it's the best decision for me. From guilhem at fripost.org Sat Sep 19 17:53:54 2015 
From: guilhem at fripost.org (Guilhem Moulin)
Date: Sat, 19 Sep 2015 17:53:54 +0200
Subject: [HowTo] use gpg2.1 with an onion service
In-Reply-To: <87io79z2bg.fsf@vigenere.g10code.de>
References: <1994516.pkSrK0DZzL@localhost> <87twqt4tig.fsf@alice.fifthhorseman.net> <87io79z2bg.fsf@vigenere.g10code.de>
Message-ID: <20150919155354.GA28000@localhost>

On Thu, 17 Sep 2015 at 13:56:51 +0200, Werner Koch wrote:
> To add this flag I need to find documentation on how to route DNS
> requests via tor. A simple AAAA record lookup is not sufficient.

Unfortunately this doesn't seem to be possible currently, since at the
end of the circuit creation the exit node replies with a single IP and
TTL [0]. (Tor is TCP-only, hence not suitable to route DNS packets; DNS
resolution is left to SOCKSv5 server [the tor client], which in turn
delegates it to the exit node.)

There is a proposed amendment to the Tor protocol [1] to support full
DNS (and DNSSEC) resolution, but the proposal is still sketchy and has
never been implemented.

--
Guilhem.

[0] https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt section 6.2
[1] https://gitweb.torproject.org/torspec.git/tree/proposals/219-expanded-dns.txt

From wk at gnupg.org Fri Sep 18 09:20:28 2015
From: wk at gnupg.org (Werner Koch)
Date: Fri, 18 Sep 2015 09:20:28 +0200
Subject: [HowTo] use gpg2.1 with an onion service
In-Reply-To: <8737yd2haa.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Thu, 17 Sep 2015 11:32:13 -0400")
References: <1994516.pkSrK0DZzL@localhost> <87twqt4tig.fsf@alice.fifthhorseman.net> <87io79z2bg.fsf@vigenere.g10code.de> <8737yd2haa.fsf@alice.fifthhorseman.net>
Message-ID: <877fnoxkg3.fsf@vigenere.g10code.de>

On Thu, 17 Sep 2015 17:32, dkg at fifthhorseman.net said:

> to be clear, i think you want A lookups, AAAA lookups, and SRV lookups,
> right? Or do we want even more than that, for example CERT records,

Right. And yes, I expect CERT or OPENPGPKEY records to become important
soon. PTR lookups are probably also required.

> Would it be possible to start with a --use-tor flag that implied no use
> of SRV or OPENPGPKEY or anything else? then people could set that in

That would be an option. The full resolver functionality is required
for the pools. But for a single server we can change the code to skip
all the pool stuff.

> This seems to be the current state of things:

Thanks for the pointers.

> Another option would be use a DNS server that supports TCP, of
> course. (e.g. google's 8.8.8.8 offers TCP connections) That could be

In fact, all DNS servers need to support TCP for longer results.
However I do not want to write my own resolver (or well, for Windows we
already use my forked ADNS). I need to look at the state of things
first.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From m at mbg.pt Sat Sep 19 22:07:17 2015
From: m at mbg.pt (Miguel Barbosa Gonçalves)
Date: Sat, 19 Sep 2015 21:07:17 +0100
Subject: Smartcard reader disconnects
Message-ID: <55FDC075.9050707@mbg.pt>

Hi!

I am using a USB Shell Token v2 that I bought from KernelConcepts with
an OpenPGP 2.1 smartcard.

Sometimes, after doing an operation, the smartcard reader apparently
disconnects and I can only get it to work if I disconnect and
reconnect it.

When it gets disconnected, if I try to access it, I get the following

$ gpg --card-status
gpg: selecting openpgp failed: ec=6.108
gpg: OpenPGP card not available: general error

By the way, I am using Ubuntu 14.04 and everything works except for this.

Does anyone have any idea?

Cheers,
Miguel

From gniibe at fsij.org Mon Sep 21 09:35:11 2015
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Mon, 21 Sep 2015 16:35:11 +0900
Subject: Smartcard reader disconnects
In-Reply-To: <55FDC075.9050707@mbg.pt>
References: <55FDC075.9050707@mbg.pt>
Message-ID: <55FFB32F.7000006@fsij.org>

Hello,

On 09/20/2015 05:07 AM, Miguel Barbosa Gonçalves wrote:
> Sometimes, after doing an operation, the smartcard reader apparently
> disconnects and I can only get it to work if I disconnect and
> reconnect it.

How do you conclude that "smartcard reader apparently disconnects"?
Did you see any error message or something?

> When it gets disconnected, if I try to access it, I get the following
>
> $ gpg --card-status
> gpg: selecting openpgp failed: ec=6.108
> gpg: OpenPGP card not available: general error

What's the output of "lsusb" when you encounter this? Do you still
see a valid entry of your card reader?

> By the way, I am using Ubuntu 14.04 and everything works except for this.

When your 'gpg' is GnuPG 1.4.x and it's not configured using agent, it
is possible that there is gpg-agent and scdaemon running with your card
reader and GnuPG frontend of 'gpg' tries to access the card reader
directly and fails.
--

From hans at guardianproject.info Mon Sep 21 11:30:49 2015
From: hans at guardianproject.info (Hans-Christoph Steiner)
Date: Mon, 21 Sep 2015 11:30:49 +0200
Subject: How to deal with a 2nd OpenPGP Summit?
In-Reply-To: <8F0B09FC6339FA439524099BFCABC11F2D45A7AE@IRVEXCHMB11.corp.ad.broadcom.com>
References: <55CB3AE9.4020802@gmail.com> <8F0B09FC6339FA439524099BFCABC11F2D45A7AE@IRVEXCHMB11.corp.ad.broadcom.com>
Message-ID: <55FFCE49.6010105@guardianproject.info>

I've attended all manner of conferences/meetings from big to small,
invite-only to open doors, expensive to free, heavily organized to
improvised. I think far and away the most productive conferences for
groups of 20+ people are Unconference/Barcamp/"Gunner-style"
conferences, which are totally open, have no fixed agenda, and have 1-4
moderators to run the intro sections of the day where the day's agenda
is created. These kinds of events have also been the most fun
conferences/meetings that I've attended.

What such an event does require is that people as a group have enough
social skills to know when it is appropriate to talk, and also to know
when it is appropriate to ask someone to stop talking until another
time/place. Good moderators help a lot with that task. Then we can have
focused, productive meetings without having to manage who can attend.

It also takes much less pre-planning to run such an event, since the
organizers do not need to work out topics, schedules, etc. Just space
and overall timing (i.e. 5 rooms from 9am-6pm).

I am willing to serve as a moderator, though I can't say I'm the best at
it. I've helped organize and run DrupalCamp, MySQLCamp, iPhoneDevCamp,
PdCon, and more. If there is a budget for this event, then Allen
Gunn/Aspiration Tech could be hired to run the event. He's an excellent
moderator, especially for groups of people that are unfamiliar with this
format.

.hc

Bob (Robert) Cavanaugh:
> Hi,
> Just a thought: Have a "Star chamber" meeting for the technical group,
> invitation only. After that have a 1/2 to 1 hour session open to all
> where the technical people can present their progress and invite
> comment. This way you have a focused working session with the key
> people, but maintain community trust by allowing general input.
>
> Thanks,
>
> Bob Cavanaugh
>
>> -----Original Message-----
>> From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of
>> fmv1992 at gmail.com
>> Sent: Wednesday, August 12, 2015 5:24 AM
>> To: gnupg-users at gnupg.org; nico at enigmail.net
>> Subject: Re: How to deal with a 2nd OpenPGP Summit?
>>
>>
>>> ------------------------------
>>>
>>> Message: 3
>>> Date: Wed, 12 Aug 2015 07:44:24 +0200
>>> From: "nico at enigmail.net"
>>> To: GnuPG-Users
>>> Subject: How to deal with a 2nd OpenPGP Summit?
>>> Message-ID: <55CADD38.5030603 at enigmail.net>
>>> Content-Type: text/plain; charset=utf-8
>>>
>>> Hi all,
>>>
>>> in April 2015 we had a first OpenPGP summit.
>>> It was a meeting where the technical experts of projects and tools
>>> dealing with OpenPGP with a focus on email encryption met to getting
>>> to know each other personally and discuss several issues.
>>> For details, see e.g.
>>> - https://www.gnupg.org/blog/20150426-openpgp-summit.html
>>> - https://www.mailpile.is/blog/2015-04-20_OpenPGP_Email_Summit.html
>>>
>>> The meeting initially was organized by me to bring together a few
>>> guys/projects working in that area, but it became pretty big (about 30
>>> people). This caused some problems, because we had a host with limited
>>> space (so I finally even had to reject some people wanting to attend).
>>>
>>> We also discussed there how to continue.
>>> On one hand we wanted to have the meeting open so that anybody wanting
>>> to attend could do that and to give trust by transparency.
>>> On the other hand we want to be able to continue to focus on technical
>>> issues (having a well signal to noise ratio) in a not-too-large group
>>> of "experts".
>>> We didn't find an appropriate way yet to deal with both interests.
>>>
>>> Now, I am about to organize a second meeting at the end of this year.
>>> And I want to take the "wisdom" of this crowd to discuss this issue.
>>>
>>> What I currently have in mind is a meeting open to the public but with
>>> some limitations (one reason is to focus the work, another is simply
>>> limited space although I don't know where we can meet this time).
>>> For example:
>>> - Some priority for those who did attend the first meeting
>>> - Some priority for "other experts", which didn't join
>>>   the first meeting
>>>   (but how do we handle that?)
>>> - Some limitations that a person plays a "significant role"
>>>   in the community
>>> - Some limitation so that a tool/project should normally
>>>   send only 1 or 2 guys
>>>
>>> The obvious other option is to open the meeting to everybody willing
>>> to come, which raises a couple of risks (simply too many people, too
>>> many non-experts or people who want to change the focus, ...).
>>>
>>> So, my questions are:
>>> =====================
>>>
>>> Is it OK for the public/community, if we meet in a way that is limited
>>> as described above (just for practical reasons)?
>>>
>>> Is it OK even if we can't promise full transparency (e.g. by video
>>> taping sessions)?
>>>
>>> Would it even be OK, if we meet and constrain what is spoken there to
>>> the Chatham House Rule (see
>>> https://en.wikipedia.org/wiki/Chatham_House_Rule).
>>> Some people requested that because
>>> if anything they say might become public, they might or even have to
>>> be careful what they say.
>>>
>>> Any general thoughts or proposals about how to deal with this?
>>>
>>> Note that I don't want to have it too complicated.
>>> I organize this meeting in my free time to bring the issues of this
>>> community forward.
>>> And just having too many people is already a problem.
>>> I need an approach I can handle.
>>> Or is it better to have no meeting at all instead of a meeting with
>>> some limitations?
>>>
>>> Best
>>> Nico
>>>
>>
>> Dear Nico,
>>
>> I think you are trying to achieve a compromise that is not possible. If I
>> understood correctly you are trying to reconcile developers interest with
>> layman's enthusiasm. I myself belong to the second group.
>> A good idea would be to organize one event for the developers and another
>> open event so everyone can join. Then I think everybody would be happy.
>> Note that some overlap between groups is expected and healthy for the
>> community.
>>
>> Kind regards,
>>
>> --
>> Felipe Martins Vieira
>> Public PGP key: http://pgp.surfnet.nl
>> Key Fingerprint: 9640 F192 63DA D637 6750 AC08 7BCA 19BB 0E69 E45D
>

--
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81

From nix at esperi.org.uk Mon Sep 21 13:58:17 2015
From: nix at esperi.org.uk (Nix)
Date: Mon, 21 Sep 2015 12:58:17 +0100
Subject: gpg invocation on machines sharing an NFS-mounted $HOME totally broken with 2.1 (was Re: agent forwarding (via ssh)...)
In-Reply-To: <87k2rkm1y3.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Mon, 21 Sep 2015 12:44:36 +0100")
References: <87k2rkm1y3.fsf@esperi.org.uk>
Message-ID: <87fv28m1ba.fsf@esperi.org.uk>

On 21 Sep 2015, nix at esperi.org.uk told this:

> The underlying problem here is that Unix-domain sockets with a fixed name
> and shared filesystems are simply not compatible concepts, because
> AF_UNIX bind() always creates a new file so any given socket can only be
> used in one machine in a cluster at once, even though AF_UNIX sockets
> are purely local. Because of this, gpg 2.1 *has* to grow back an option
> to allow its agent socket to be moved, either to a different path or to
> a machine-unique name (preferably the former, it's less messy), or gpg
> agent forwarding will forever be hopeless on machines with NFS-mounted
> $HOMEs.

It's even worse than that. Just *attempting* to do a GPG operation, even
if it's bound to fail because no agent forwarding is in place, will
autostart an agent and break the agent connection on the original
machine, destroying the world in fire.

nix at mutilate 213 /home/nix% gpg-connect-agent /bye
gpg-connect-agent: no running gpg-agent - starting '/usr/bin/gpg-agent'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to agent established
nix at mutilate 214 /home/nix% ls -li .gnupg/S.gpg-agent*
529 srwxr-xr-x 1 nix users 0 Sep 21 12:53 .gnupg/S.gpg-agent
537 srwxr-xr-x 1 nix users 0 Sep 21 12:53 .gnupg/S.gpg-agent.ssh
nix at mutilate 215 /home/nix% gpg --card-status
Application ID ...: D2760001240102000006036395400000
Version ..........: 2.0
Manufacturer .....: Yubico
[...]
nix at mutilate 216 /home/nix% ssh spindle gpg --card-status
gpg: selecting openpgp failed: Card error
gpg: OpenPGP card not available: Card error
nix at mutilate 217 /home/nix% ls -li .gnupg/S.gpg-agent*
371 srwxr-xr-x 1 nix users 0 Sep 21 12:55 .gnupg/S.gpg-agent
498 srwxr-xr-x 1 nix users 0 Sep 21 12:55 .gnupg/S.gpg-agent.ssh
# oops!
nix at mutilate 218 /home/nix% gpg --card-status
gpg: selecting openpgp failed: Card error
gpg: OpenPGP card not available: Card error

We are now in serious trouble -- gpg-agent cannot do anything, and half
the time it's wedged so hard only kill -9 will get rid of it.

--
NULL && (void)

From nix at esperi.org.uk Mon Sep 21 13:44:36 2015
From: nix at esperi.org.uk (Nix)
Date: Mon, 21 Sep 2015 12:44:36 +0100
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
Message-ID: <87k2rkm1y3.fsf@esperi.org.uk>

So I have a 2.0 installation I'm trying to get up to 2.1, taking
advantage of the opportunity given by sticking my GPG key on a smartcard
and using it for SSH authentication. Everything is going smoothly, the
smartcard part is working fine, but unfortunately the fixed path used
for the GPG agent in 2.1 is having catastrophically bad effects on agent
forwarding when used in conjunction with an NFS-mounted $HOME.

The old model was simple: SSH simply had to create a randomly named
socket somewhere (under /tmp and only readable by the user, so as secure
as these things get, and guaranteed to be on a single machine), point
GPG at it, and forward all requests. This just worked.

In GPG 2.1... well, obviously I want my $HOME/.gnupg to be NFS-mounted,
so that no matter what machine in the cluster I am on they all see the
same keyrings, trustdb etc. The dotlocking means that this should work
fine even in the presence of simultaneous gnupg invocations on different
machines, and indeed in 2.0 it did. But in 2.1...

... the problem is that the gnupg socket is an unvarying
$GNUPG_HOME/S.gpg-agent, but you cannot bind() to a Unix-domain socket
that already has an existing file associated with it in the filesystem.
SSH has an option to hack around this -- StreamLocalBindUnlink -- but
using it is disastrous if $GNUPG_HOME is NFS-shared, because the first
time it kicks in on ssh, the socket is removed and recreated, and since
the filesystem is shared this happens on *all* machines sharing the NFS
mount, breaking the communication channel the real GPG agent is using to
communicate!

The underlying problem here is that Unix-domain sockets with a fixed name
and shared filesystems are simply not compatible concepts, because
AF_UNIX bind() always creates a new file so any given socket can only be
used in one machine in a cluster at once, even though AF_UNIX sockets
are purely local. Because of this, gpg 2.1 *has* to grow back an option
to allow its agent socket to be moved, either to a different path or to
a machine-unique name (preferably the former, it's less messy), or gpg
agent forwarding will forever be hopeless on machines with NFS-mounted
$HOMEs.

Or so it seems to me. At least, I've been trying for a day and a half
and made no progress.

(The --extra-socket option is still worthwhile to provide a forwarding
target, because you *do* want to restrict what a remote machine can ask
your agent to do. It's just not enough to make things work.)

(this message not signed because, well, I'd be using my smartcard
signing key, and my Emacs is on a different machine... so this bug stops
me! :/ )

--
NULL && (void)

From nix at esperi.org.uk Mon Sep 21 14:42:28 2015
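The bind()/unlink behaviour described in the message above can be reproduced on one machine. This is an added example, not part of the original post or of GnuPG or OpenSSH: it binds a listener to a fixed path, shows that a second bind() fails, then removes and re-creates the path the way the message says StreamLocalBindUnlink does, and checks which listener a client now reaches. The temporary directory and the labels "agent" and "forward" are this example's own; on a shared filesystem the unlink step would be visible to every machine using that path.

```python
import errno
import os
import socket
import tempfile


def bind_listener(path):
    """Create an AF_UNIX stream socket bound to `path` and listening."""
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        sock.bind(path)          # creates the socket file; fails if it exists
    except OSError:
        sock.close()
        raise
    sock.listen(1)
    return sock


def who_answers(path, listeners):
    """Connect to `path` and return the label of the listener that got it."""
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        client.connect(path)
        for label, lsock in listeners.items():
            lsock.setblocking(False)
            try:
                conn, _ = lsock.accept()
            except BlockingIOError:
                continue         # nothing queued on this listener
            conn.close()
            return label
        return None
    finally:
        client.close()


def rebind_experiment():
    """Run the experiment in a fresh temporary directory; return findings."""
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "S.gpg-agent")   # stand-in for the fixed name
    found = {}

    agent = bind_listener(path)                   # plays the real agent
    found["inode_before"] = os.stat(path).st_ino

    # A second process cannot bind the same name while the file exists.
    try:
        bind_listener(path).close()
        found["second_bind_errno"] = None
    except OSError as exc:
        found["second_bind_errno"] = exc.errno

    # Remove the file and bind again, as the forwarding side does.
    os.unlink(path)
    forward = bind_listener(path)
    found["inode_after"] = os.stat(path).st_ino

    # The first listener is still open, but the name now leads elsewhere.
    found["answered_by"] = who_answers(path, {"agent": agent,
                                              "forward": forward})
    agent.close()
    forward.close()
    os.unlink(path)
    os.rmdir(workdir)
    return found


if __name__ == "__main__":
    for key, value in rebind_experiment().items():
        print(key, "=", value)
```

The two inode numbers reported correspond to the change visible in the `ls -li` output elsewhere in this thread.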
From: nix at esperi.org.uk (Nix)
Date: Mon, 21 Sep 2015 13:42:28 +0100
Subject: gpg invocation on machines sharing an NFS-mounted $HOME totally broken with 2.1 (was Re: agent forwarding (via ssh)...)
In-Reply-To: <87fv28m1ba.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Mon, 21 Sep 2015 12:58:17 +0100")
References: <87k2rkm1y3.fsf@esperi.org.uk> <87fv28m1ba.fsf@esperi.org.uk>
Message-ID: <87bncwlz9n.fsf@esperi.org.uk>

On 21 Sep 2015, nix at esperi.org.uk verbalised:

> We are now in serious trouble -- gpg-agent cannot do anything, and half
> the time it's wedged so hard only kill -9 will get rid of it.

A terrible, hacky workaround is to change *_SOCK_NAME in configure.ac to
place all the sockets in a new subdirectory of .gnupg (I called it
'sockets') and then have the boot process populate a subdirectory of
/run with per-user directories readable only by the local user and
create the sockets directory as a symlink to that.

I did this just to verify that my diagnosis was correct. It is: once the
Unix-domain sockets are on a local filesystem, and deletion of one of
them does not conflict with everyone else's instance, then the gpg-agent
extra-socket setup and the whole dance with "ssh -o
StreamLocalBindUnlink=yes -R
$HOME/.gnupg/sockets/S.gpg-agent:$HOME/.gnupg/sockets/S.gpg-extra-agent"
works as intended, even when $HOME is NFS-mounted. (And indeed, the
--card-status I was using as a testcase reports 'Forbidden', indicating
that the connection is being forwarded over the agent successfully.)

But you *do* need to jump through these hoops first, to get the sockets
onto a local filesystem even if the $GNUPGHOME is NFS-shared. This is
probably more hoops than we should ask users to jump through...

--
NULL && (void)

From nix at esperi.org.uk Mon Sep 21 15:04:31 2015
From: nix at esperi.org.uk (Nix)
Date: Mon, 21 Sep 2015 14:04:31 +0100
Subject: gpg invocation on machines sharing an NFS-mounted $HOME totally broken with 2.1 (was Re: agent forwarding (via ssh)...)
In-Reply-To: <87bncwlz9n.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Mon, 21 Sep 2015 13:42:28 +0100")
References: <87k2rkm1y3.fsf@esperi.org.uk> <87fv28m1ba.fsf@esperi.org.uk> <87bncwlz9n.fsf@esperi.org.uk>
Message-ID: <877fnjnctc.fsf@esperi.org.uk>

On 21 Sep 2015, nix at esperi.org.uk stated:

> On 21 Sep 2015, nix at esperi.org.uk verbalised:
>
>> We are now in serious trouble -- gpg-agent cannot do anything, and half
>> the time it's wedged so hard only kill -9 will get rid of it.
>
> A terrible, hacky workaround is to change *_SOCK_NAME in configure.ac to
> place all the sockets in a new subdirectory of .gnupg (I called it
> 'sockets') and then have the boot process populate a subdirectory of
> /run with per-user directories readable only by the local user and

I mean, obviously, 'readable only by that user and a local filesystem'.

I shouldn't try to compose mails on zero minutes sleep... :/

--
NULL && (void)

From wk at gnupg.org Mon Sep 21 15:06:58 2015
From: wk at gnupg.org (Werner Koch)
Date: Mon, 21 Sep 2015 15:06:58 +0200
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
In-Reply-To: <87k2rkm1y3.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Mon, 21 Sep 2015 12:44:36 +0100")
References: <87k2rkm1y3.fsf@esperi.org.uk>
Message-ID: <87d1xbsyz1.fsf@vigenere.g10code.de>

On Mon, 21 Sep 2015 13:44, nix at esperi.org.uk said:

> catastrophically bad effects on agent forwarding when used in
> conjunction with an NFS-mounted $HOME.

I know that it is not yet well documented, but there is a solution for
remote file systems which do not allow for special files.

You create a plain file ~/.gnupg/S.gpg-agent with this content:

--8<---------------cut here---------------start------------->8---
%Assuan%
socket=NAME
--8<---------------cut here---------------end--------------->8---

Where NAME is the actual socket to use. No white spaces are allowed,
both lines must be terminated by a single linefeed, and extra lines are
not allowed. Environment variables are interpreted in NAME if given in
'${VAR}' notation. No escape characters are defined; if the string '${'
needs be used in file name, an environment variable with that content
may be used. The length of the redirection file is limited to 511 bytes
which is more than sufficient for any known implementation of Unix
domain sockets.

This works for all GnuPG sockets as long as you use at least Libassuan
2.2.0.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon Sep 21 15:12:50 2015
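The redirect-file rules stated in the message above, written as a checker that either returns the socket path or says which rule was broken. This is an added example, not Libassuan's code and not part of the original post. Treating an unset variable or an unterminated '${' as an error is this example's assumption, and the sample content, the `SOCKDIR` variable and the `/run/user/1000/gnupg` path are constructed.

```python
import os
import re
import stat

MAX_REDIRECT_BYTES = 511       # size limit given in the message
MAGIC_LINE = b"%Assuan%\n"     # line 1, terminated by a single linefeed
KEY = b"socket="               # line 2 is socket=NAME
_VAR = re.compile(r"\$\{([^}]*)\}")

# Constructed sample input for this example.
SAMPLE = b"%Assuan%\nsocket=${SOCKDIR}/S.gpg-agent\n"
SAMPLE_ENV = {"SOCKDIR": "/run/user/1000/gnupg"}


class RedirectError(ValueError):
    """Raised when content breaks one of the redirect-file rules."""


def parse_redirect(data, env=None):
    """Return the socket path named by the redirect-file bytes `data`."""
    env = os.environ if env is None else env
    if len(data) > MAX_REDIRECT_BYTES:
        raise RedirectError("file is longer than 511 bytes")
    if not data.startswith(MAGIC_LINE):
        raise RedirectError("line 1 must be %Assuan% plus one linefeed")
    rest = data[len(MAGIC_LINE):]
    if not rest.startswith(KEY):
        raise RedirectError("line 2 must start with socket=")
    if not rest.endswith(b"\n"):
        raise RedirectError("line 2 must end with a linefeed")
    name = rest[len(KEY):-1]
    if b"\n" in name:
        raise RedirectError("extra lines or linefeeds are not allowed")
    if not name or any(byte in b" \t\r\v\f" for byte in name):
        raise RedirectError("NAME must be non-empty without white space")
    text = os.fsdecode(name)

    # No escape characters exist, so a '${' that never closes is rejected
    # (assumption of this example).
    if "${" in _VAR.sub("", text):
        raise RedirectError("unterminated ${ in NAME")

    def lookup(match):
        var = match.group(1)
        if var not in env:
            # Assumption of this example: an unset variable is an error.
            raise RedirectError("environment variable %r is not set" % var)
        return env[var]

    # One pass only: an expanded value is never expanded again, which is
    # how a variable holding '${' can put that string into the name.
    return _VAR.sub(lookup, text)


def resolve_socket(path, env=None):
    """Return the socket to connect to: `path` itself or its redirect."""
    st = os.stat(path)
    if stat.S_ISSOCK(st.st_mode):
        return path
    if not stat.S_ISREG(st.st_mode):
        raise RedirectError("neither a socket nor a plain file")
    with open(path, "rb") as handle:
        data = handle.read(MAX_REDIRECT_BYTES + 1)
    return parse_redirect(data, env)


if __name__ == "__main__":
    print(parse_redirect(SAMPLE, SAMPLE_ENV))
```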
From: wk at gnupg.org (Werner Koch)
Date: Mon, 21 Sep 2015 15:12:50 +0200
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
In-Reply-To: <87k2rkm1y3.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Mon, 21 Sep 2015 12:44:36 +0100")
References: <87k2rkm1y3.fsf@esperi.org.uk>
Message-ID: <878u7zsyp9.fsf@vigenere.g10code.de>

Hi

just for reference, this is the original report:
https://bugs.gnupg.org/gnupg/issue1752

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From nix at esperi.org.uk Mon Sep 21 18:49:06 2015
From: nix at esperi.org.uk (Nix)
Date: Mon, 21 Sep 2015 17:49:06 +0100
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
In-Reply-To: <87d1xbsyz1.fsf@vigenere.g10code.de> (Werner Koch's message of "Mon, 21 Sep 2015 15:06:58 +0200")
References: <87k2rkm1y3.fsf@esperi.org.uk> <87d1xbsyz1.fsf@vigenere.g10code.de>
Message-ID: <876133ra4d.fsf@esperi.org.uk>

On 21 Sep 2015, Werner Koch spake thusly:

> On Mon, 21 Sep 2015 13:44, nix at esperi.org.uk said:
>
>> catastrophically bad effects on agent forwarding when used in
>> conjunction with an NFS-mounted $HOME.
>
> I know that it is not yet well documented, but there is a solution for
> remote file systems which do not allow for special files.

Excellent! My google-fu is obviously weak, since I didn't find bug 1752
even though it explicitly mentioned nfs in its title.

(It's not that the fs doesn't allow for special files -- it's that it's
distributed, but the semantics of AF_UNIX socket creation assume that it
isn't.)

> You create a plain file ~/.gnupg/S.gpg-agent with this content:
>
> %Assuan%
> socket=NAME
>
> Where NAME is the actual socket to use. No white spaces are allowed,
> both lines must be terminated by a single linefeed, and extra lines are
> not allowed. Environment variables are interpreted in NAME if given in
> '${VAR}' notation.

Useful! ... though this seems more likely to be *used* if it applied to
all assuan sockets at once, rather than one at a time. (A good start on
that would be to define an escape which expands to the basename of the
file itself, so you can just copy one file repeatedly to handle the
common case of moving the file to a different directory but leaving its
name the same, rather than having to modify each one to put its own name
in it.)

It seems to work much better now, though of course only assuan can
follow these links, so your SSH_AUTH_SOCK has to point at wherever you
pointed them, as does your ssh agent forwarding.

> No escape characters are defined; if the string '${'
> needs be used in file name, an environment variable with that content
> may be used.

Anyone actually doing *that* needs their head examined, but at least
it's allowed for! :)

--
NULL && (void)

From edivya.vyas at gmail.com Tue Sep 22 03:39:09 2015
From: edivya.vyas at gmail.com (Divya Vyas)
Date: Tue, 22 Sep 2015 07:09:09 +0530
Subject: MD5 BAD Expected : extended by two extra zeros
Message-ID:

Hi,

root at host:~# gpg --list-keys
gpg: /home/root/.gnupg/trustdb.gpg: trustdb created
root at host:~# rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
package gpg-pubkey is not installed

I don't have the keys installed on my host. Why rpm command is saying

root at host:~# rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
pth-2.0.7-r3.1.x86_64.rpm:
Header V4 RSA/SHA1 signature: OK, key ID 8b5cccb3
Header SHA1 digest: OK (c326a31810f026daac89aa4fd7928c3b574671ea)
MD5 digest: BAD Expected(bdaefdc3ddfd1c4ab4fabdd48c117fb800) != (bdaefdc3ddfd1c4ab4fabdd48c117fb8)

I am signing my rpms on target with key id 8b5cccb3 and copying to host.
How md5 appended to extended zeros.

@target
rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
pth-2.0.7-r3.1.x86_64.rpm:
Header V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK
Header SHA1 digest: OK (c326a31810f026daac89aa4fd7928c3b574671ea)
V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK
MD5 digest: OK (bdaefdc3ddfd1c4ab4fabdd48c117fb8)

From ndk.clanbo at gmail.com Tue Sep 22 06:33:21 2015
From: ndk.clanbo at gmail.com (NdK)
Date: Tue, 22 Sep 2015 06:33:21 +0200
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
In-Reply-To: <87d1xbsyz1.fsf@vigenere.g10code.de>
References: <87k2rkm1y3.fsf@esperi.org.uk> <87d1xbsyz1.fsf@vigenere.g10code.de>
Message-ID: <5600DA11.8010609@gmail.com>

On 21/09/2015 15:06, Werner Koch wrote:
> You create a plain file ~/.gnupg/S.gpg-agent with this content:

Why isn't the hostname included in file name? This way shared
filesystems would have no problems..

BYtE,
Diego

From wk at gnupg.org Tue Sep 22 08:56:28 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 22 Sep 2015 08:56:28 +0200
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
In-Reply-To: <5600DA11.8010609@gmail.com> (NdK's message of "Tue, 22 Sep 2015 06:33:21 +0200")
References: <87k2rkm1y3.fsf@esperi.org.uk> <87d1xbsyz1.fsf@vigenere.g10code.de> <5600DA11.8010609@gmail.com>
Message-ID: <87mvwfosbn.fsf@vigenere.g10code.de>

On Tue, 22 Sep 2015 06:33, ndk.clanbo at gmail.com said:

> Why isn't the hostname included in file name? This way shared
> filesystems would have no problems..

To include the hostname, see my other reply or check out the wiki.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Tue Sep 22 09:04:13 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 22 Sep 2015 09:04:13 +0200
Subject: MD5 BAD Expected : extended by two extra zeros
In-Reply-To: (Divya Vyas's message of "Tue, 22 Sep 2015 07:09:09 +0530")
References:
Message-ID: <87eghroryq.fsf@vigenere.g10code.de>

On Tue, 22 Sep 2015 03:39, edivya.vyas at gmail.com said:

> root at host:~# rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
> pth-2.0.7-r3.1.x86_64.rpm:
> Header V4 RSA/SHA1 signature: OK, key ID 8b5cccb3
> Header SHA1 digest: OK (c326a31810f026daac89aa4fd7928c3b574671ea)
> MD5 digest: BAD Expected(bdaefdc3ddfd1c4ab4fabdd48c117fb800) !=
> (bdaefdc3ddfd1c4ab4fabdd48c117fb8)
>
> I am signing my rpms on target with key id 8b5cccb3 and copying to host.
> How md5 appended to extended zeros.

I suggest to ask the RPM developers. This has nothing to do with GnuPG.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Tue Sep 22 09:00:38 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 22 Sep 2015 09:00:38 +0200
Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
In-Reply-To: <876133ra4d.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Mon, 21 Sep 2015 17:49:06 +0100")
References: <87k2rkm1y3.fsf@esperi.org.uk> <87d1xbsyz1.fsf@vigenere.g10code.de> <876133ra4d.fsf@esperi.org.uk>
Message-ID: <87io73os4p.fsf@vigenere.g10code.de>

On Mon, 21 Sep 2015 18:49, nix at esperi.org.uk said:

> (It's not that the fs doesn't allow for special files -- it's that it's
> distributed, but the semantics of AF_UNIX socket creation assume that it
> isn't.)

Depends on the file system. At least some NFS versions don't allow
special files at all.

> Useful! ... though this seems more likely to be *used* if it applied to
> all assuan sockets at once, rather than one at a time.

That would require a lot of changes. The redirect file approach is
mostly a wrapper and works transparently on the client site.

> It seems to work much better now, though of course only assuan can
> follow these links, so your SSH_AUTH_SOCK has to point at wherever you
> pointed them, as does your ssh agent forwarding.

Right, but you have to set SSH_AUTH_SOCK yourself anyway.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From marcus.ilgner at gmail.com Tue Sep 22 08:51:17 2015
From: marcus.ilgner at gmail.com (Marcus Ilgner)
Date: Tue, 22 Sep 2015 06:51:17 +0000
Subject: Decryption fails with 4096bit key on SmartCard
Message-ID:

Hello all,

I've been using GnuPG for some time now and recently became the proud
owner of a NitroKey hardware dongle which includes a SmartCard for key
storage. This was straightforward to set up and I created separate
subkeys (4096 bit) for encryption, signing and authentication and moved
them to the card. And while encrypting and signing works fine, I just
received a mail that has been encrypted for the new key and found that I
cannot decrypt it.

My GnuPG version is gpg (GnuPG) 2.1.8, libgcrypt 1.6.4 (i.e. current
versions in Arch Linux) and the output is:

gpg: public key decryption failed: Missing item in object
gpg: decryption failed: No secret key

I found a very old discussion here
https://www.nitrokey.com/forum/viewtopic.php?f=13&t=1145 which seems to
discuss the same problem but as it's already a couple of years old I
assume that it has been solved in the meantime. Otherwise I find it very
odd that GPG would let me even move the key to the card without saying
something like "If you do that, you won't be able to decrypt
messages...".

If there's anything I can do, including debugging and other
development-related things, let me know, I really want to get this to
work :)

All the best
Marcus

From wk at gnupg.org Tue Sep 22 11:08:20 2015
From: wk at gnupg.org (Werner Koch)
Date: Tue, 22 Sep 2015 11:08:20 +0200
Subject: Decryption fails with 4096bit key on SmartCard
In-Reply-To: (Marcus Ilgner's message of "Tue, 22 Sep 2015 06:51:17 +0000")
References:
Message-ID: <8737y6q0sb.fsf@vigenere.g10code.de>

On Tue, 22 Sep 2015 08:51, marcus.ilgner at gmail.com said:

> gpg: public key decryption failed: Missing item in object
> gpg: decryption failed: No secret key

This is probably in scdaemon. Thus you should add

--8<---------------cut here---------------start------------->8---
log-file SOMEFILE
verbose
debug ipc,cardio
--8<---------------cut here---------------end--------------->8---

into scdaemon.conf, "gpgconf --kill scdaemon", and watch out for the
error message in the log file. This is likely an error code 0x6a88 from
the card, we need to see the commands prior to that. Take care that you
redact the PIN in the log file.

> https://www.nitrokey.com/forum/viewtopic.php?f=13&t=1145 which seems to
> discuss the same problem but as it's already a couple of years old I assume

That is not related.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From marcus.ilgner at gmail.com Tue Sep 22 11:30:31 2015
From: marcus.ilgner at gmail.com (Marcus Ilgner) Date: Tue, 22 Sep 2015 09:30:31 +0000 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: <8737y6q0sb.fsf@vigenere.g10code.de> References: <8737y6q0sb.fsf@vigenere.g10code.de> Message-ID: Hi Werner, thank you for the quick reply, it's much appreciated! On Tue, 22 Sep 2015 at 11:10 Werner Koch wrote: > On Tue, 22 Sep 2015 08:51, marcus.ilgner at gmail.com said: > > > gpg: public key decryption failed: Missing item in object > > gpg: decryption failed: No secret key > > This is probably in scdaemon. Thus you should add > [...] > into scdaemon.conf, "gpgconf --kill scdaemon", and watch out for the > error message in the log file. This likely an error code 0x6a88 from > the card, we need to see the commands prior to that. Take care that you > redact the PIN in the log file. > You're right, there is a response 0x6A88 there - not that I know what that means :D Here you can find the full log: https://gist.github.com/milgner/b823685c8a5960f1f13b Thanks for mentioning the PIN, I might have overlooked it in the hex dump :) > https://www.nitrokey.com/forum/viewtopic.php?f=13&t=1145 which seems to > > discuss the same problem but as it's already a couple of years old I > assume > > That is not related. > Good to know :) Let me know if there's anything else I can do to assist in solving the problem. All the best Marcus From andrewg at andrewg.com Tue Sep 22 14:08:35 2015 
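Added example (not part of any message in this thread, and not GnuPG code): a filter for the step Werner describes, redacting the PIN before a scdaemon `debug cardio` log is shared. It assumes each command is dumped on a single `raw apdu:` line, the shape quoted later in this thread; the sample log lines, the PIN 123456 and the "hypothetical dump" line are constructed.

```python
import re
import sys
from getpass import getpass

# ISO/IEC 7816-4 instructions whose command data is a PIN or reset code.
SECRET_INS = {
    0x20: "VERIFY",
    0x24: "CHANGE REFERENCE DATA",
    0x2C: "RESET RETRY COUNTER",
}

# Assumption: the whole command APDU is hex-dumped on one "raw apdu:" line.
RAW_APDU = re.compile(
    r"^(?P<prefix>.*\braw apdu:\s*)(?P<hex>(?:[0-9A-Fa-f]{2}\s*)+)$"
)

# Constructed sample (PIN 123456, new PIN 654321); not from a real card.
SAMPLE_LOG = [
    "2015-09-22 11:20:01 scdaemon[4242] DBG: chan_5 -> S KEYPAIRINFO <keygrip> OPENPGP.2",
    "2015-09-22 11:20:01 scdaemon[4242] DBG:   raw apdu: 00 20 00 82 06 31 32 33 34 35 36",
    "2015-09-22 11:20:02 scdaemon[4242] DBG:   raw apdu: 00 47 81 00 02 B8 00 00",
    "2015-09-22 11:20:03 scdaemon[4242] DBG:   raw apdu: 00 24 00 81 0C 31 32 33 34 35 36 36 35 34 33 32 31",
    "2015-09-22 11:20:04 scdaemon[4242] DBG: hypothetical dump: 31 32 33 34 35 36",
]


def redact_line(line):
    """Return (line, changed); PIN-bearing APDU bodies are masked."""
    match = RAW_APDU.match(line.rstrip("\r\n"))
    if not match:
        return line, False
    octets = re.findall(r"[0-9A-Fa-f]{2}", match.group("hex"))
    if len(octets) <= 4:
        return line, False  # header only, e.g. a VERIFY status query
    ins = int(octets[1], 16)
    if ins not in SECRET_INS:
        return line, False
    # Keep CLA INS P1 P2 so a reader still sees which PIN was presented.
    # Lc is dropped together with the data: it would reveal the PIN length.
    header = " ".join(octets[:4])
    newline = "\n" if line.endswith("\n") else ""
    masked = f"{match.group('prefix')}{header} [{SECRET_INS[ins]} data redacted]"
    return masked + newline, True


def redact_log(lines):
    """Redact every line; return (new_lines, number_of_lines_changed)."""
    out, count = [], 0
    for line in lines:
        new_line, changed = redact_line(line)
        out.append(new_line)
        count += changed
    return out, count


def find_pin_leaks(lines, pin):
    """Return 1-based numbers of lines that still show the PIN.

    Looks for the PIN as literal text and as a hex dump of its bytes,
    ignoring whitespace and case. False positives are acceptable here.
    """
    if not pin:
        return []
    needle = pin.encode("utf-8").hex()
    hits = []
    for number, line in enumerate(lines, start=1):
        squeezed = re.sub(r"\s+", "", line).lower()
        if pin in line or needle in squeezed:
            hits.append(number)
    return hits


if __name__ == "__main__":
    # Usage: python redact_scd_log.py SOMEFILE > SOMEFILE.redacted
    with open(sys.argv[1], encoding="utf-8", errors="replace") as handle:
        redacted, changed = redact_log(handle.readlines())
    sys.stdout.writelines(redacted)
    print(f"redacted {changed} APDU line(s)", file=sys.stderr)
    # getpass keeps the PIN out of the shell history and off the screen.
    pin = getpass("PIN to search for in the result (not echoed): ")
    for number in find_pin_leaks(redacted, pin):
        print(f"line {number} still contains the PIN", file=sys.stderr)
```

Only `raw apdu:` lines are rewritten; any line that `find_pin_leaks` still reports has to be removed by hand before the log is posted.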
From: andrewg at andrewg.com (Andrew Gallagher) Date: Tue, 22 Sep 2015 13:08:35 +0100 Subject: Problem with unix socket forwarding Message-ID: <560144C3.1040804@andrewg.com> Hi, all. I've been trying to get gpg-agent forwarding working between my laptop and a remote VM. Using the new unix socket forwarding in openssh 6.7, I have defined the following script: ssh -R /home/andrewg/.gnupg/S.gpg-agent:$( echo $GPG_AGENT_INFO | sed 's/:.*//g' ) -o "ControlMaster=no" -o "ControlPath=no" -o "StreamLocalBindUnlink=yes" $* gpg-agent on the VM indicates that the socket is live, but gpg2 reports no private keys available. I have one local and one smartcard private key working perfectly on the laptop (see below). Anyone know where I'm going wrong? On a side note, the option StreamLocalBindUnlink=yes appears to do nothing, meaning I'm constantly having to rm .gnupg/S.gpg-agent - any help with that would also be appreciated. ;-) Thanks in advance, Andrew. agallagher at itchy:~$ gpg2 --list-secret-keys /home/agallagher/.gnupg/secring.gpg ----------------------------------- sec 2048R/0xD5BF93B014A49700 2013-03-14 [expires: 2018-03-14] Key fingerprint = FB29 3A52 9FEB 41D7 B7C8 7B49 D5BF 93B0 14A4 9700 uid Andrew Gallagher ssb 2048R/0xACB387E2BD11B295 2013-03-14 ssb 2048R/0xDE32C1F5C819C504 2013-10-23 sec# 4096R/0xFB73E21AF1163937 2013-07-02 [expires: 2017-01-20] Key fingerprint = 00CC 54C6 A0C6 0169 1AF4 931F FB73 E21A F116 3937 uid Andrew Gallagher uid Andrew Gallagher uid Andrew Gallagher uid [jpeg image of size 18803] ssb> 4096R/0x6B09069314549D4B 2013-07-02 ssb> 4096R/0x5C1EC404D5906629 2015-04-26 ssb> 4096R/0x85FDF561DA8C0C46 2015-04-26 agallagher at itchy:~$ gpgforward nex No mail. Last login: Mon Sep 21 15:16:26 2015 from itchy andrewg at xen:~$ gpg-agent gpg-agent: gpg-agent running and available andrewg at xen:~$ gpg2 --list-secret-keys andrewg at xen:~$ From gniibe at fsij.org Tue Sep 22 15:07:28 2015 
From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 22 Sep 2015 22:07:28 +0900 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: References: <8737y6q0sb.fsf@vigenere.g10code.de> Message-ID: <1442927248.12719.1.camel@fsij.org> On 2015-09-22 at 09:30 +0000, Marcus Ilgner wrote: > Here you can find the full > log: https://gist.github.com/milgner/b823685c8a5960f1f13b Thank you for the dump. There are fingerprints and timestamps registered on the card. But, it failed decryption with "No Record". Usually, it means there is no key on the card. Well, it's inconsistent. After writing private key onto the card, fingerprint and timestamp are registered. What's the output of 'gpg --card-status'? By invoking 'gpg --card-status', scdaemon tries to access public key on card. If it fails, I think that there were some troubles when you wrote decryption key onto card (but it proceeded without notifying the error, thus, having fingerprint and timestamps for decryption key, perhaps). I think that it's worth a try to run scdaemon with disable-ccid flag. Please include a line: =============== .gnupg/scdaemon.conf disable-ccid =============== It disables internal CCID driver and use PC/SC. If it works, there is some bug in internal CCID driver. -- From marcus.ilgner at gmail.com Tue Sep 22 15:26:11 2015 
From: marcus.ilgner at gmail.com (Marcus Ilgner) Date: Tue, 22 Sep 2015 13:26:11 +0000 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: <1442927248.12719.1.camel@fsij.org> References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> Message-ID: Thank you for the hint. I updated the gist at https://gist.github.com/milgner/b823685c8a5960f1f13b to include both the output of `gpg --card-status` (which works fine) as well as the log for trying to decrypt with CCID disabled in scdaemon.conf (which unfortunately yields the same error as before). I don't know enough about the workings on the chip to make any guess about possible origins of the error but I would have thought that all data stems from the secret key? I.e. the key is moved to the card in full and the blinded/public key as well as the fingerprints are derived from it there? Also I did not receive any errors before, all other operations seem to work fine. So, again, thanks for helping to investigate! I hope we can find a solution to this :) All the best Marcus On Tue, 22 Sep 2015 at 15:07 NIIBE Yutaka wrote: > On 2015-09-22 at 09:30 +0000, Marcus Ilgner wrote: > > Here you can find the full > > log: https://gist.github.com/milgner/b823685c8a5960f1f13b > > Thank you for the dump. There are fingerprints and timestamps > registered on the card. But, it failed decryption with "No Record". > Usually, it means there is no key on the card. > > Well, it's inconsistent. After writing private key onto the card, > fingerprint and timestamp are registered. > > What's the output of 'gpg --card-status'? > > By invoking 'gpg --card-status', scdaemon tries to access public key > on card. If it fails, I think that there were some troubles when you > wrote decryption key onto card (but it proceeded without notifying the > error, thus, having fingerprint and timestamps for decryption key, > perhaps). > > I think that it's worth a try to run scdaemon with disable-ccid flag. 
> Please include a line: > > =============== .gnupg/scdaemon.conf > disable-ccid > =============== > > It disables internal CCID driver and use PC/SC. If it works, there > is some bug in internal CCID driver. > -- > > > From kristian.fiskerstrand at sumptuouscapital.com Tue Sep 22 16:28:09 2015 
From: kristian.fiskerstrand at sumptuouscapital.com (Kristian Fiskerstrand) Date: Tue, 22 Sep 2015 16:28:09 +0200 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> Message-ID: <56016579.5050801@sumptuouscapital.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 09/22/2015 03:26 PM, Marcus Ilgner wrote: > > So, again, thanks for helping to investigate! I hope we can find a > solution to this :) > Not following this thread too closely, but I couldn't see any debug output of the actual failed decryption - you likely want to verify that it is encrypted to the public key you expect it to and not another subkey that currently isn't available on the computer, this often happens when correspondents fail to refresh their keyring regularly and you update the setup. - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- "Don't be afraid to go out on a limb. That's where the fruit is." (H. Jackson Browne) From marcus.ilgner at gmail.com Tue Sep 22 16:34:13 2015 
From: marcus.ilgner at gmail.com (Marcus Ilgner) Date: Tue, 22 Sep 2015 14:34:13 +0000 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: <56016579.5050801@sumptuouscapital.com> References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> <56016579.5050801@sumptuouscapital.com> Message-ID: On Tue, 22 Sep 2015 at 16:30 Kristian Fiskerstrand < kristian.fiskerstrand at sumptuouscapital.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 09/22/2015 03:26 PM, Marcus Ilgner wrote: > > > > > So, again, thanks for helping to investigate! I hope we can find a > > solution to this :) > > > > Not following this thread too closely, but I couldn't see any debug > output of the actual failed decryption - you likely want to verify > that it is encrypted to the public key you expect it to and not > another subkey that currently isn't available on the computer, this > often happens when correspondents fails to refresh their keyring > regularly and you update the setup. > You're right, of course, but I checked that first. The output of `gpg --decrypt` is [...] gpg: encrypted with 4096-bit RSA key, ID E3AE1976, created 2015-09-18 [...] which is one of the key ids also reported by `gpg --card-status`. All the best Marcus From andrewg at andrewg.com Tue Sep 22 16:47:05 2015 
From: andrewg at andrewg.com (Andrew Gallagher) Date: Tue, 22 Sep 2015 15:47:05 +0100 Subject: Enigmail and p≡p are together for developing Enigmail/p≡p Message-ID: <560169E9.7080901@andrewg.com> > For this purpose p≡p is offering the possibility to > encrypt without any user interaction needed like managing keys. So how do you perform out of band verification? Or is it just TOFU? Andrew. From darwinskernel at gmail.com Tue Sep 22 17:07:22 2015 From: darwinskernel at gmail.com (SGT. Garcia) Date: Tue, 22 Sep 2015 11:07:22 -0400 Subject: default-ttl not honoured Message-ID: <20150922150722.GA3664@sony> hello, this is my gpg-agent.conf: allow-preset-passphrase default-cache-ttl 31536000 this has stopped working! i'm getting asked for password every 20 minutes or so. anyone else hitting this bug? hopefully i don't have to go: "Oh, shit! Swamp leeches. Everybody, check for swamp leeches, and pull them off... Nobody else got hit? I'm the only one? What's the deal?" sgt From darwinskernel at gmail.com Tue Sep 22 17:13:38 2015 From: darwinskernel at gmail.com (SGT. Garcia) Date: Tue, 22 Sep 2015 11:13:38 -0400 Subject: unlock keychain with pam authentication Message-ID: <20150922151338.GB3664@sony> hello again, been looking for a solution to get gpg dance nicely with pam in the sense that once a user authenticated in keychain is unlocked. that is to have one central authentication that lasts for the duration of the user's session. well, no luck so far; any ideas? sgt. From neal at walfield.org Tue Sep 22 19:39:53 2015 
From: neal at walfield.org (Neal H. Walfield) Date: Tue, 22 Sep 2015 19:39:53 +0200 Subject: default-ttl not honoured In-Reply-To: <20150922150722.GA3664@sony> References: <20150922150722.GA3664@sony> Message-ID: <87wpviz72u.wl-neal@walfield.org> Hi, At Tue, 22 Sep 2015 11:07:22 -0400, SGT. Garcia wrote: > > hello, > this is my gpg-agent.conf: > > allow-preset-passphrase > default-cache-ttl 31536000 > > this has stopped working! i'm getting asked for password every 20 minutes or so. > anyone else hitting this bug? hopefully i don't have to go: What version of gpg / gpg-agent are you using? Thanks, Neal From darwinskernel at gmail.com Tue Sep 22 17:21:23 2015 From: darwinskernel at gmail.com (SGT. Garcia) Date: Tue, 22 Sep 2015 11:21:23 -0400 Subject: default-ttl not honoured In-Reply-To: <20150922150722.GA3664@sony> References: <20150922150722.GA3664@sony> Message-ID: <20150922152123.GC3664@sony> forgot to include info! Linux 4.2.0 #1 SMP PREEMPT x86_64 GNU/Linux [Exherbo] sys-libs/glibc-2.22 sys-libs/ncurses-6.0 [ncurses-5 had the same problem] app-crypt/gnupg-2.1.7 sgt. From darwinskernel at gmail.com Tue Sep 22 19:50:01 2015 From: darwinskernel at gmail.com (SGT. Garcia) Date: Tue, 22 Sep 2015 13:50:01 -0400 Subject: default-ttl not honoured In-Reply-To: <87wpviz72u.wl-neal@walfield.org> References: <20150922150722.GA3664@sony> <87wpviz72u.wl-neal@walfield.org> Message-ID: <20150922175001.GD3664@sony> On Tue, Sep 22, 2015 at 07:39:53PM +0200, Neal H. Walfield wrote: > Hi, > > At Tue, 22 Sep 2015 11:07:22 -0400, > SGT. Garcia wrote: > > > > hello, > > this is my gpg-agent.conf: > > > > allow-preset-passphrase > > default-cache-ttl 31536000 > > > > this has stopped working! i'm getting asked for password every 20 minutes or so. > > anyone else hitting this bug? hopefully i don't have to go: > > What version of gpg / gpg-agent are you using? > > Thanks, > > Neal app-crypt/gnupg::installed 2.1.7 {:0} sgt. From nix at esperi.org.uk Tue Sep 22 20:06:01 2015 
From: nix at esperi.org.uk (Nix) Date: Tue, 22 Sep 2015 19:06:01 +0100 Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME In-Reply-To: <87io73os4p.fsf@vigenere.g10code.de> (Werner Koch's message of "Tue, 22 Sep 2015 09:00:38 +0200") References: <87k2rkm1y3.fsf@esperi.org.uk> <87d1xbsyz1.fsf@vigenere.g10code.de> <876133ra4d.fsf@esperi.org.uk> <87io73os4p.fsf@vigenere.g10code.de> Message-ID: <874mim8h2u.fsf@esperi.org.uk> On 22 Sep 2015, Werner Koch said: > On Mon, 21 Sep 2015 18:49, nix at esperi.org.uk said: > >> (It's not that the fs doesn't allow for special files -- it's that it's >> distributed, but the semantics of AF_UNIX socket creation assume that it >> isn't.) > > Depends on the file system. At least some NFS versions don't allow > special files at all. > >> Useful! ... though this seems more likely to be *used* if it applied to >> all assuan sockets at once, rather than one at a time. > > That would require a lot of changes. The redirect file approach is > mostly a wrapper and works transparently on the client site. > >> It seems to work much better now, though of course only assuan can >> follow these links, so your SSH_AUTH_SOCK has to point at wherever you >> pointed them, as does your ssh agent forwarding. > > Right, but you have to set SSH_AUTH_SOCK yourself anyway. Indeed. Of course, what to set it *to* is another problem. As I learned just now, the whole "pinentry run from gpg agent in its ssh-agent disguise" thing implodes in chaos if the user under whom you are running ssh-add is not the same as the one gpg-agent is running as: perhaps it's on a different machine (access X through an SSH tunnel) or at the very least on a different TTY. 
If it were the same user, you could run "gpg-connect-agent updatestartuptty /bye" (which I am now running at every interactive shell invocation in a desperate attempt to make things work) -- but you can't because that is not allowed over a restricted/remote connection and because gpg-agent almost certainly can't access the other user's TTY or proxied DISPLAY anyway -- it wants the *original* DISPLAY, or more likely it wants a GPG-written replacement for ssh-add which uses libassuan and thus can ask for the passphrase as the right user on the right machine. btw, because I can't figure out how to add comments to bugs I didn't open: I can confirm issue 2053. Without --disable-ccid, or with an exclusive open of pcscd (from pcsc-lite 1.8.14 with the autospawn code hacked back in because not everyone in the whole world can rely on systemd to do that for them), scdaemon gets itself into a terrible tangle after very simple operations with a dual-form device such as the Yubikey. e.g. this is a 100% reproducer for me: nix at mutilate 1 /home/nix% ssh-add -l 2048 SHA256:QQPl0xOGzqRa6PIUvshzRYaUoSJxjyxU9MreFRCw+DY cardno:000603639540 (RSA) # at this point, the agent is working. Let's do something that uses the # Yubikey in OTP mode, like a su to myself and then an exit. nix at mutilate 2 /home/nix% su - nix YubiKey for `nix': nix at mutilate 3 /home/nix% gpg --card-status gpg: selecting openpgp failed: Conflicting use gpg: OpenPGP card not available: Conflicting use # Oh dear. Worse yet, ssh-add doesn't know about this problem so it's as # if the smartcard keys have just silently vanished: nix at mutilate 5 /home/nix% ssh-add -l The agent has no identities. Following this, the agent is fubared. 
gpg-agent is so stuck it has to be kill -9ed and isn't even waiting for dead children anymore, though the backtrace is not much help (I got backtraces of all three and they're all chatting to each other via libassuan, that's all: it's probably a deadlock somewhere since they all appear to be waiting for responses from each other). I've seen this after a few dozen attempts when doing nothing but smartcard ssh-agent operations -- a dual-form device is not *necessary*, it's just that using one seems to be a way to trigger the problem reliably. (Also it's the only smartcard I've got.) With a non-exclusive open, this problem does not go away, but it becomes radically less frequent. -- NULL && (void) From wk at gnupg.org Tue Sep 22 21:23:29 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 22 Sep 2015 21:23:29 +0200 Subject: gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME In-Reply-To: <874mim8h2u.fsf@esperi.org.uk> (nix@esperi.org.uk's message of "Tue, 22 Sep 2015 19:06:01 +0100") References: <87k2rkm1y3.fsf@esperi.org.uk> <87d1xbsyz1.fsf@vigenere.g10code.de> <876133ra4d.fsf@esperi.org.uk> <87io73os4p.fsf@vigenere.g10code.de> <874mim8h2u.fsf@esperi.org.uk> Message-ID: <8737y6mf66.fsf@vigenere.g10code.de> On Tue, 22 Sep 2015 20:06, nix at esperi.org.uk said: > btw, because I can't figure out how to add comments to bugs I didn't > open: I can confirm issue 2053. Without --disable-ccid, or with an Let me know your user name and I give you full access. We usually do this after the first bug report. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From rjh at sixdemonbag.org Tue Sep 22 23:38:05 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 22 Sep 2015 17:38:05 -0400 Subject: Keyserver lookup failure, redux Message-ID: <5601CA3D.20109@sixdemonbag.org> Back in February I reported a bug that was preventing GnuPG 2.1.2 from being able to look up certificates on the keyservers: https://lists.gnupg.org/pipermail/gnupg-users/2015-February/052567.html I just looked at it again. 2.1.8 still has the same bug. Is there an idea for how to fix this? From bernhard at intevation.de Wed Sep 23 10:01:09 2015 From: bernhard at intevation.de (Bernhard Reiter) Date: Wed, 23 Sep 2015 10:01:09 +0200 Subject: Problem with unix socket forwarding In-Reply-To: <560144C3.1040804@andrewg.com> References: <560144C3.1040804@andrewg.com> Message-ID: <201509231001.10853.bernhard@intevation.de> On Tuesday 22 September 2015 at 14:08:35, Andrew Gallagher wrote: > Anyone know where I'm going wrong? You could try enabling more diagnosis output and check it to see if you are talking to right gpg-agent. Bernhard -- www.intevation.de/~bernhard (CEO) www.fsfe.org (Founding GA Member) Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998 Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From wk at gnupg.org Wed Sep 23 10:08:31 2015 
From: wk at gnupg.org (Werner Koch) Date: Wed, 23 Sep 2015 10:08:31 +0200 Subject: Keyserver lookup failure, redux In-Reply-To: <5601CA3D.20109@sixdemonbag.org> (Robert J. Hansen's message of "Tue, 22 Sep 2015 17:38:05 -0400") References: <5601CA3D.20109@sixdemonbag.org> Message-ID: <871tdplfr4.fsf@vigenere.g10code.de> On Tue, 22 Sep 2015 23:38, rjh at sixdemonbag.org said: > Back in February I reported a bug that was preventing GnuPG 2.1.2 from > being able to look up certificates on the keyservers: Sorry, this got lost. Your mail back then was: Is there any explanation for this behavior, or is this a 2.1.2 bug? (This is using Patrick's OS X package, if that matters. It also affects all keyservers I tested, not just the round-robin front-end.) quorra:~ rjh$ gpg -vvvv --keyserver x-hkp://pool.sks-keyservers.net --recv-key 0xD6B98E10 gpg: using character set 'utf-8' gpg: keyserver receive failed: No route to host quorra:~ rjh$ ping pool.sks-keyservers.net PING pool.sks-keyservers.net (140.211.169.202): 56 data bytes 64 bytes from 140.211.169.202: icmp_seq=0 ttl=55 time=102.879 ms Well, for me it works (only one -v to keep the output short): $ gpg -v --keyserver hkp://pool.sks-keyservers.net --recv-key 0xD6B98E10 gpg: data source: http://sks.mrball.net:11371 gpg: armor header: Version: SKS 1.1.5 gpg: armor header: Comment: Hostname: sks.mrball.net gpg: pub dsa2048/23806BE5D6B98E10 2008-07-30 Robert J. Hansen [...] gpg: key 23806BE5D6B98E10: removed multiple subkey binding gpg: key 23806BE5D6B98E10: removed multiple subkey binding gpg: key 23806BE5D6B98E10: "Robert J. Hansen <[...]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 However, this used a different keyserver from the pool. Let's check: $ gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye S # hosttable (idx, ipv6, ipv4, dead, name, time): S # 0 6 4 keys.mayfirst.org v6=[2001:470:1:116::6] v4=216.66.15.2 S # 1 pool.sks-keyservers.net S # . pool.sks-keyservers.net S # . 
--> 8 19 5 6 3 14 11 18 13 10 7 17 16* 12 20 15 4 2 9 S # 2 6 [2001:ba8:1f1:f2d4::2] S # 3 6 keys.stueve.us v6=[2001:470:e232:1681:214:d1ff:fe18:5019] S # 4 6 [2001:67c:2050:1000::3:4] S # 5 6 jupiter.zaledia.com v6=[2001:41d0:52:600::4c] S # 6 6 keys.jhcloos.com v6=[2602:ffea:1:ea::1] S # 7 6 openpgp.us v6=[2604:a880:800:10::60d:b001] S # 8 6 4 bluemlisalp.durcheinandertal.ch v6=[2a03:580:f001:103::2] v4=217.197.135.103 S # 9 6 [2a01:4f8:192:f5::3] S # 10 6 openpgp-keyserver.de v6=[2a01:4f8:d12:1cca::2] S # 11 6 matteoswelt.de v6=[2a01:4f8:d16:24c1::2] S # 12 4 sks.powdarrmonkey.net v4=78.157.209.9 S # 13 4 mx1.adeti.org v4=91.121.41.109 S # 14 4 keys02.fedoraproject.org v4=140.211.169.202 S # 15 4 tyo1.sks.reimu.io v4=157.7.123.130 S # 16 4 sks.mrball.net v4=208.89.139.251 S # 17 4 s3.pkern.at v4=5.45.99.106 S # 18 4 metalgamer.eu v4=5.45.108.219 S # 19 4 cryptonomicon.mit.edu v4=18.9.60.141 S # 20 4 stlhs.archreactor.org v4=68.187.0.77 OK Trying your keyserver: $ gpg -v --keyserver hkp://keys02.fedoraproject.org --recv-key 0xD6B98E10 gpg: data source: http://keys02.fedoraproject.org:11371 gpg: armor header: Version: SKS 1.1.5 gpg: armor header: Comment: Hostname: keys.fedoraproject.org gpg: pub dsa2048/23806BE5D6B98E10 2008-07-30 Robert J. Hansen <[...]> gpg: key 23806BE5D6B98E10: removed multiple subkey binding gpg: key 23806BE5D6B98E10: removed multiple subkey binding gpg: key 23806BE5D6B98E10: "Robert J. Hansen <[...]>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 So, no problem here. I have a v6 and a v4 connection and running Linux on i386. Can you please run this after the failed --recv-key with the pool: gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye maybe we can see what is special with your build. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From rjh at sixdemonbag.org Wed Sep 23 10:25:02 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 23 Sep 2015 04:25:02 -0400 Subject: Keyserver lookup failure, redux In-Reply-To: <871tdplfr4.fsf@vigenere.g10code.de> References: <5601CA3D.20109@sixdemonbag.org> <871tdplfr4.fsf@vigenere.g10code.de> Message-ID: <560261DE.9080403@sixdemonbag.org> > $ gpg -v --keyserver hkp://pool.sks-keyservers.net --recv-key 0xD6B98E10 quorra:~ rjh$ gpg -v --keyserver hkp://pool.sks-keyservers.net --recv-key 0xD6B98E10 gpg: keyserver receive failed: No route to host > $ gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye quorra:~ rjh$ gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye S # hosttable (idx, ipv6, ipv4, dead, name, time): S # 0 pool.sks-keyservers.net S # . pool.sks-keyservers.net S # . --> 2 3 13 7 20 10 9 5 1 4 19 12 6 11 17 8 15 16 18* 14 S # 1 4 host-550b4a17.sileman.net.pl v4=85.11.74.23 S # 2 4 85.93.216.115 S # 3 4 91-143-92-136.blue.kundencontroller.de v4=91.143.92.136 S # 4 4 ip5f590cb8.dynamic.kabel-deutschland.de v4=95.89.12.184 S # 5 4 gozer.rediris.es v4=130.206.1.8 S # 6 4 obelix.hetzner.computer42.org v4=144.76.43.40 S # 7 4 app.aaiedu.hr v4=161.53.2.219 S # 8 4 sks.es.net v4=198.128.3.63 S # 9 4 euler.nerds.lu v4=62.210.74.32 S # 10 4 c-75-75-183-132.hsd1.pa.comcast.net v4=75.75.183.132 S # 11 6 openpgp.us v6=[2604:a880:800:10::60d:b001] S # 12 6 keys.alderwick.co.uk v6=[2a01:4f8:131:149::f2] S # 13 6 alita.karotte.org v6=[2a01:4f8:150:7142::2] S # 14 6 [2a01:4f8:192:f5::3] S # 15 6 srv2.globale-gruppe.de v6=[2a01:4f8:200:6329::2] S # 16 6 vod.ohai.su v6=[2a01:4f8:211:1623:a::1] S # 17 6 s3.pkern.at v6=[2a03:4000:5:b3::1] S # 18 6 [2001:67c:2050:1000::3:4] S # 19 6 itunix.eu v6=[2001:41d0:2:4f0b::1] S # 20 6 blazrsoft.com v6=[2605:6400:10:544b::1] S # 21 4 keys02.fedoraproject.org v4=140.211.169.202 OK From andrewg at andrewg.com Wed Sep 23 11:30:22 2015 
From: andrewg at andrewg.com (Andrew Gallagher) Date: Wed, 23 Sep 2015 10:30:22 +0100 Subject: Problem with unix socket forwarding In-Reply-To: <201509231001.10853.bernhard@intevation.de> References: <560144C3.1040804@andrewg.com> <201509231001.10853.bernhard@intevation.de> Message-ID: <5602712E.10301@andrewg.com> On 23/09/15 09:01, Bernhard Reiter wrote: > On Tuesday 22 September 2015 at 14:08:35, Andrew Gallagher wrote: >> Anyone know where I'm going wrong? > > You could try enabling more diagnosis output > and check it to see if you are talking to right gpg-agent. There is no gpg-agent running on the remote VM. GPG_AGENT_INFO is not set, but even if I set it explicitly to point to the socket it doesn't appear to attempt to contact it: andrewg at xen:~$ GPG_AGENT_INFO=~/.gnupg/S.gpg-agent:1:1 gpg2 --debug-level 10 --list-secret-keys gpg: enabled debug flags: packet mpi cipher filter iobuf memory cache memstat trust extprog cardio assuan gpg: DBG: fd_cache_open (/home/andrewg/.gnupg/secring.gpg) not cached gpg: DBG: iobuf-1.0: open `/home/andrewg/.gnupg/secring.gpg' fd=4 gpg: DBG: iobuf-1.0: underflow: req=8192 gpg: DBG: iobuf-1.0: underflow: got=0 rc=-1 gpg: DBG: /home/andrewg/.gnupg/secring.gpg: close fd 4 gpg: DBG: fd_cache_close (/home/andrewg/.gnupg/secring.gpg) new slot created gpg: DBG: iobuf-1.0: underflow: eof gpg: DBG: iobuf-1.0: close `?' random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/65536 bytes in 0 blocks A From kristian.fiskerstrand at sumptuouscapital.com Wed Sep 23 12:05:53 2015 
From: kristian.fiskerstrand at sumptuouscapital.com (Kristian Fiskerstrand) Date: Wed, 23 Sep 2015 12:05:53 +0200 Subject: Keyserver lookup failure, redux In-Reply-To: <560261DE.9080403@sixdemonbag.org> References: <5601CA3D.20109@sixdemonbag.org> <871tdplfr4.fsf@vigenere.g10code.de> <560261DE.9080403@sixdemonbag.org> Message-ID: <56027981.7060506@sumptuouscapital.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 09/23/2015 10:25 AM, Robert J. Hansen wrote: >> $ gpg -v --keyserver hkp://pool.sks-keyservers.net --recv-key >> 0xD6B98E10 > > quorra:~ rjh$ gpg -v --keyserver hkp://pool.sks-keyservers.net > --recv-key 0xD6B98E10 gpg: keyserver receive failed: No route to > host Please try the ipv4-only pool hkp://ipv4.pool.sks-keyservers.net - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- Varitatio delectat Change pleases From wk at gnupg.org Wed Sep 23 12:42:35 2015 
From: wk at gnupg.org (Werner Koch) Date: Wed, 23 Sep 2015 12:42:35 +0200 Subject: Problem with unix socket forwarding In-Reply-To: <5602712E.10301@andrewg.com> (Andrew Gallagher's message of "Wed, 23 Sep 2015 10:30:22 +0100") References: <560144C3.1040804@andrewg.com> <201509231001.10853.bernhard@intevation.de> <5602712E.10301@andrewg.com> Message-ID: <87eghpju1w.fsf@vigenere.g10code.de> On Wed, 23 Sep 2015 11:30, andrewg at andrewg.com said: > gpg: DBG: /home/andrewg/.gnupg/secring.gpg: close fd 4 You are using 2.0 and not 2.1. 2.0 does not support the socket forwarding. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From andrewg at andrewg.com Wed Sep 23 12:54:42 2015 From: andrewg at andrewg.com (Andrew Gallagher) Date: Wed, 23 Sep 2015 11:54:42 +0100 Subject: Problem with unix socket forwarding In-Reply-To: <87eghpju1w.fsf@vigenere.g10code.de> References: <560144C3.1040804@andrewg.com> <201509231001.10853.bernhard@intevation.de> <5602712E.10301@andrewg.com> <87eghpju1w.fsf@vigenere.g10code.de> Message-ID: <560284F2.90207@andrewg.com> On 23/09/15 11:42, Werner Koch wrote: > On Wed, 23 Sep 2015 11:30, andrewg at andrewg.com said: > >> gpg: DBG: /home/andrewg/.gnupg/secring.gpg: close fd 4 > > You are using 2.0 and not 2.1. 2.0 does not support the socket > forwarding. That would explain it...! I'll just have to create a throwaway key on the VM for the time being. Thanks. A From patrick at enigmail.net Wed Sep 23 15:57:14 2015 
From: patrick at enigmail.net (Patrick Brunschwig) Date: Wed, 23 Sep 2015 15:57:14 +0200 Subject: Keyserver lookup failure, redux In-Reply-To: <560261DE.9080403__6251.23943104899$1442996812$gmane$org@sixdemonbag.org> References: <5601CA3D.20109@sixdemonbag.org> <871tdplfr4.fsf@vigenere.g10code.de> <560261DE.9080403__6251.23943104899$1442996812$gmane$org@sixdemonbag.org> Message-ID: <5602AFBA.8030407@enigmail.net> On 23.09.15 10:25, Robert J. Hansen wrote: >> $ gpg -v --keyserver hkp://pool.sks-keyservers.net --recv-key 0xD6B98E10 > > quorra:~ rjh$ gpg -v --keyserver hkp://pool.sks-keyservers.net > --recv-key 0xD6B98E10 > gpg: keyserver receive failed: No route to host > I can confirm that the exact above command works for me (on OS X), with gpg 2.1.8: gpg: no running Dirmngr - starting '/usr/local/gnupg-2.1/bin/dirmngr' gpg: waiting for the dirmngr to come up ... (5s) gpg: connection to the dirmngr established gpg: data source: http://openpgp.andrew.kvalhe.im:11371 gpg: armor header: Version: SKS 1.1.5 gpg: armor header: Comment: Hostname: openpgp.andrew.kvalhe.im gpg: pub dsa2048/D6B98E10 2008-07-30 Robert J. Hansen (etc.) HTH -Patrick From rjh at sixdemonbag.org Wed Sep 23 16:20:09 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 23 Sep 2015 10:20:09 -0400 Subject: Keyserver lookup failure, redux In-Reply-To: <5602AFBA.8030407@enigmail.net> References: <5601CA3D.20109@sixdemonbag.org> <871tdplfr4.fsf@vigenere.g10code.de> <560261DE.9080403__6251.23943104899$1442996812$gmane$org@sixdemonbag.org> <5602AFBA.8030407@enigmail.net> Message-ID: <5602B519.3070101@sixdemonbag.org> > I can confirm that the exact above command works for me (on OS X), with > gpg 2.1.8: How odd. All right -- time for me to assume there's some problem with how OS X has borked IPv6 configuration. (I don't even have IPv6 connectivity; why OS X insists on giving me IPv6 addresses, I don't know.) Thanks to everyone who helped out. :) From gniibe at fsij.org Thu Sep 24 02:46:45 2015 
From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 24 Sep 2015 09:46:45 +0900 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> Message-ID: <560347F5.7000708@fsij.org> On 09/22/2015 10:26 PM, Marcus Ilgner wrote: > Thank you for the hint. I updated the gist at > https://gist.github.com/milgner/b823685c8a5960f1f13b to include both the > output of `gpg --card-status` (which works fine) as well as the log for > trying to decrypt with CCID disabled in scdaemon.conf (which unfortunately > it yields the same error as before). Thank you. Other than the particular error of decryption failure, everything looks fine. > all data stems from the secret key? I.e. the key is moved to the > card in full and the blinded/public key as well as the fingerprints > are derived from it there? When you wrote your private key to the card (with gpg --edit-key and its sub-command "keytocard"), gpg sent your private key to the card. After that, gpg sent fingerprint and timestamp to the card. Public key is generated by the card from private key. Could you please try following commands (with debug option in .gnupg/scdaemon.conf enabled) to see what's going on? $ gpgconf --reload scdaemon $ rm $ gpg --card-status The scdaemon accesses public key information on the card. You'll see the debug dump of following line: raw apdu: 00 47 81 00 02 B8 00 00 This is to read public key (of decryption) from the card. It should have valid response of public key as a response of this command. In my case (of RSA-2048 key), it's like: ================================================== 2015-09-24 09:22:40 scdaemon[5848] DBG: dump [...] scdaemon[5848] DBG: chan_5 -> S KEYPAIRINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C OPENPGP.2 ================================================== '7F 49 82 01 09 81 82 01 00' is a header for the public key. 
Then, raw RSA public key of 256-byte. Followed by '82 03 01 00 01', which is public exponent. 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C is a keygrip of my decryption key. "OPENPGP.2" is the name of decryption key of the card (2 means second key on the card; first key is for signing, third key is for authentication). If you will see success of this public key retrieval from your card, I think that your private key is on your card correctly, but something was going wrong for decryption operation. If you will see failure of this public key retrieval from your card, I think that your private key is not on your card correctly. Something was going wrong when you invoked "keytocard" sub-command, but it was not reported so (and proceeded to register fingerprint and timestamp). -- From rjh at sixdemonbag.org Thu Sep 24 17:05:03 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 24 Sep 2015 11:05:03 -0400 Subject: Facebook and OpenPGP Message-ID: <5604111F.8080602@sixdemonbag.org> A friend at Facebook just clued me in to a story at The Register: http://www.theregister.co.uk/2015/09/24/facebook_crypto_upped/ I know nothing more about this than what's in the page. Figured some people here might find it interesting, though. :) From marcus.ilgner at gmail.com Fri Sep 25 07:55:05 2015 
From: marcus.ilgner at gmail.com (Marcus Ilgner) Date: Fri, 25 Sep 2015 05:55:05 +0000 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: <560347F5.7000708@fsij.org> References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> <560347F5.7000708@fsij.org> Message-ID: On Thu, 24 Sep 2015 at 02:46 NIIBE Yutaka wrote: > On 09/22/2015 10:26 PM, Marcus Ilgner wrote: > > Thank you for the hint. I updated the gist at > > https://gist.github.com/milgner/b823685c8a5960f1f13b to include both the > > output of `gpg --card-status` (which works fine) as well as the log for > > trying to decrypt with CCID disabled in scdaemon.conf (which > unfortunately > > it yields the same error as before). > > Thank you. Other than the particular error of decryption failure, > everything looks fine. > > > all data stems from the secret key? I.e. the key is moved to the > > card in full and the blinded/public key as well as the fingerprints > > are derived from it there? > > When you wrote your private key to the card (with gpg --edit-key and > its sub-command "keytocard"), gpg sent your private key to the card. > After that, gpg sent fingerprint and timestamp to the card. Public > key is generated by the card from private key. > Thanks for the explanation! It always helps to know what is (or should be) going on. > Could you please try following commands (with debug option in > .gnupg/scdaemon.conf enabled) to see what's going on? > > $ gpgconf --reload scdaemon > $ rm > $ gpg --card-status > > The scdaemon accesses public key information on the card. > > You'll see the debug dump of following line: > > raw apdu: 00 47 81 00 02 B8 00 00 > Not sure whether that is significant but there were a few zero bytes more: raw apdu: 00 47 81 00 00 00 02 B8 00 08 00 This is to read public key (of decryption) from the card. > > It should have valid response of public key as a response of > this command. > > In my case (of RSA-2048 key), it's like: > [...] 
> '7F 49 82 01 09 81 82 01 00' is a header for the public key. > Also some slight differences: it says 7F 49 82 *02* *0A* 81 82 *02* 00 > Then, > raw RSA public key of 256-byte. Followed by '82 03 01 00 01', which > is public exponent. > > 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C is a keygrip of my decryption > key. "OPENPGP.2" is the name of decryption key of the card (2 means > second key on the card; first key is for signing, third key is for > authentication). > That part looks ok again. Although my public exponent is different, too but I guess that's expected :) Yet 527 bytes total sounds plausible for a 4096bit key. You can find the full output at https://gist.github.com/milgner/b823685c8a5960f1f13b#file-public_key_read-log > If you will see success of this public key retrieval from your card, I > think that your private key is on your card correctly, but something > was going wrong for decryption operation. > > If you will see failure of this public key retrieval from your card, I > think that your private key is not on your card correctly. Something > was going wrong when you invoked "keytocard" sub-command, but it was > not reported so (and proceeded to register fingerprint and timestamp) > I would assume that the key was indeed transferred successfully then. Thanks for the help, I have a feeling we're making some headway towards a solution. All the best Marcus From lechten at wi.uni-muenster.de Fri Sep 25 09:49:48 2015 
From: lechten at wi.uni-muenster.de (Jens Lechtenboerger) Date: Fri, 25 Sep 2015 09:49:48 +0200 Subject: GnuPG User ID expiry Message-ID: <87wpvfx7j7.fsf@wi.uni-muenster.de> Hi there, I tried to generate test keys with expired user IDs (under faked system time), but I failed, with gpg 1.4 as well as 2.1.8. I tried to use the options default-sig-expire and default-cert-expire as well as ask-sig-expire and ask-cert-expire when adding user IDs via --edit-key. However, gpg --list-options show-sig-expire --list-sigs indicates that the signatures expire "never". How can I generate/add user IDs with expiration dates or change the expiration date of user IDs? Best wishes Jens From antony at blazrsoft.com Fri Sep 25 15:31:34 2015 From: antony at blazrsoft.com (Antony Prince) Date: Fri, 25 Sep 2015 09:31:34 -0400 Subject: gnupg-for-java In-Reply-To: <55FD17E1.4010501@blazrsoft.com> References: <55EF534C.5010505@sixdemonbag.org> <55EF5889.2090200@blazrsoft.com> <55EF781B.6030006@blazrsoft.com> <55F03DE7.2080606@sixdemonbag.org> <55F06ED1.2030806@blazrsoft.com> <55F0EEC0.5080302@blazrsoft.com> <55F1F351.9050701@blazrsoft.com> <55F31883.6090904@blazrsoft.com> <55FAAB17.8070400@guardianproject.info> <55FD17E1.4010501@blazrsoft.com> Message-ID: <56054CB6.8040600@blazrsoft.com> For those who'd prefer a TLS encrypted download over plain FTP, the compiled binaries can be found at https://www.blazrsoft.com/gnupg-for-java . They are the exact same files as the ftp downloads, just symlinked into the web server. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://keyserver.blazrsoft.com/pks/lookup?op=get&search=0xAF3D4087301B1B19 From dkg at fifthhorseman.net Fri Sep 25 05:09:28 2015 
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 24 Sep 2015 23:09:28 -0400 Subject: unlock keychain with pam authentication In-Reply-To: <20150922151338.GB3664@sony> References: <20150922151338.GB3664@sony> Message-ID: <8737y3dwk7.fsf@alice.fifthhorseman.net> On Tue 2015-09-22 11:13:38 -0400, SGT. Garcia wrote: > been looking for a solution to get gpg dance nicely with pam in the sense that > once a user authenticated in keychain is unlocked. that is to have one central > authentication that lasts for the duration of the user's session. You might be interested in libpam-poldi: http://www.g10code.com/p-poldi.html I'm not sure if it meets your particular goals/use cases, though. There are some conceptual caveats to what you're proposing: Note that a user's GnuPG secret keyring potentially contains multiple secret keys, and each secret key could be encrypted with a different password. which secret key would need to be decrypted to make that work? Potentially even scarier, if i can convince you to import key material, i could give you a secret key that is set with a passphrase that i know. Once you've done that, if the PAM module allows me to connect if i can unlock any key, then i could use it to unlock your account! You could also consider a more integrated desktop environment like GNOME, which has a single keyring/password manager that is integrated with account login. GNOME's keyring can be used to also talk to gpg-agent if both tools are configured to do so. hth, --dkg From christian.heinrich at cmlh.id.au Sat Sep 26 04:24:12 2015 
From: christian.heinrich at cmlh.id.au (Christian Heinrich) Date: Sat, 26 Sep 2015 12:24:12 +1000 Subject: Facebook and OpenPGP In-Reply-To: <5604111F.8080602@sixdemonbag.org> References: <5604111F.8080602@sixdemonbag.org> Message-ID: Robert, https://www.facebook.com/notes/protect-the-graph/update-facebook-openpgp/1646991155541029 is Facebook's announcement. I believe the @protonmail.ch e-mail address rather than the @facebook.com e-mail address is integrated since https://blog.protonmail.ch/protonmail-facebook-pgp/ references https://support.protonmail.ch/knowledge-base/using-protonmail-with-facebook-pgp/ So as far as I am aware there is no integration with the Facebook GraphAPI yet :( On Fri, Sep 25, 2015 at 1:05 AM, Robert J. Hansen wrote: > A friend at Facebook just clued me in to a story at The Register: > > http://www.theregister.co.uk/2015/09/24/facebook_crypto_upped/ > > I know nothing more about this than what's in the page. Figured some > people here might find it interesting, though. :) -- Regards, Christian Heinrich http://cmlh.id.au/contact From diafygi at gmail.com Sat Sep 26 19:11:56 2015 From: diafygi at gmail.com (Daniel Roesler) Date: Sat, 26 Sep 2015 10:11:56 -0700 Subject: Facebook and OpenPGP In-Reply-To: References: <5604111F.8080602@sixdemonbag.org> Message-ID: On Fri, Sep 25, 2015 at 7:24 PM, Christian Heinrich wrote: > > So as far as I am aware there is no integration with the Facebook > GraphAPI yet :( I asked a while back, and they are considering it. https://twitter.com/sweis/status/605440779406974976 From marko.bauhardt at mailbox.org Sun Sep 27 20:44:50 2015 
From: marko.bauhardt at mailbox.org (Marko Bauhardt) Date: Sun, 27 Sep 2015 20:44:50 +0200 Subject: uploading subkeys In-Reply-To: <87si6hawp2.fsf@alice.fifthhorseman.net> References: <55E0CA9F.2070208@gmail.com> <7BD1189B-0B21-44AF-A8AB-E5A980F9D49D@mailbox.org> <871teegf2p.fsf@vigenere.g10code.de> <03BABF25-0A75-4B0E-B91B-3F9BD75D44E1@mailbox.org> <87si6hawp2.fsf@alice.fifthhorseman.net> Message-ID: > > a Transferable Public Key (aka "keyblock" and "OpenPGP certificate") is > defined here: > > https://tools.ietf.org/html/rfc4880#section-11.1 Thx, this is what i searched for. Marko From darwinskernel at gmail.com Mon Sep 28 02:14:20 2015 
From: darwinskernel at gmail.com (SGT. Garcia) Date: Sun, 27 Sep 2015 20:14:20 -0400 Subject: unlock keychain with pam authentication In-Reply-To: <8737y3dwk7.fsf@alice.fifthhorseman.net> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> Message-ID: <20150928001420.GA9772@sony> On Thu, Sep 24, 2015 at 11:09:28PM -0400, Daniel Kahn Gillmor wrote: > On Tue 2015-09-22 11:13:38 -0400, SGT. Garcia wrote: > > been looking for a solution to get gpg dance nicely with pam in the sense that > > once a user authenticated in keychain is unlocked. that is to have one central > > authentication that lasts for the duration of the user's session. > > You might be interested in libpam-poldi: > > http://www.g10code.com/p-poldi.html thanks, will have a look in a tick. > I'm not sure if it meets your particular goals/use cases, though. > > There are some conceptual caveats to what you're proposing: Note that a > user's GnuPG secret keyring potentially contains multiple secret keys, > and each secret key could be encrypted with a different password. which > secret key would need to be decrypted to make that work? i use pass to manage my passwords: http://www.passwordstore.org/ all passwords are encrypted with one single passphrase which is what i would like to have in *sync* with pam's OK on user's successful authentication. > Potentially even scarier, if i can convince you to import key material, > i could give you a secret key that is set with a passphrase that i > know. Once you've done that, if the PAM module allows me to connect > if i can unlock any key, then i could use it to unlock your account! import where? i'm not sure if i follow. pass only manages passwords for my email accounts, so far at least, and i don't see how this comes into play. would care to elaborate please? > You could also consider a more integrated desktop environment like > GNOME, which has a single keyring/password manager that is integrated > with account login. 
GNOME's keyring can be used to also talk to > gpg-agent if both tools are configured to do so. > i don't use desktop environment. my machine usually boots into console and i may or may not run xinit to start X with dwm (a window manager). this may change in the future when i start X's systemd session-manager which apparently requires a login-manager. same goes for wayland incidentally and afaik. in that case i would be looking into integration that login-manager with gnupg for the same purpose. sgt From darwinskernel at gmail.com Mon Sep 28 04:04:40 2015 From: darwinskernel at gmail.com (SGT. Garcia) Date: Sun, 27 Sep 2015 22:04:40 -0400 Subject: unlock keychain with pam authentication In-Reply-To: <8737y3dwk7.fsf@alice.fifthhorseman.net> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> Message-ID: <20150928020440.GB9772@sony> On Thu, Sep 24, 2015 at 11:09:28PM -0400, Daniel Kahn Gillmor wrote: > You might be interested in libpam-poldi: > > http://www.g10code.com/p-poldi.html i get 'not found' error. google finds me this: http://www.schiessle.org/howto/poldi.html assuming they're the same thing it mentions gnupg smartcards; not sure what that is but i'm guessing the module can be used with pam regardless even without the card; correct? sgt From gniibe at fsij.org Mon Sep 28 09:03:59 2015 
From: gniibe at fsij.org (NIIBE Yutaka) Date: Mon, 28 Sep 2015 16:03:59 +0900 Subject: Decryption fails with 4096bit key on SmartCard In-Reply-To: References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> <560347F5.7000708@fsij.org> Message-ID: <5608E65F.4090404@fsij.org> On 09/25/2015 02:55 PM, Marcus Ilgner wrote: >> You'll see the debug dump of following line: >> >> raw apdu: 00 47 81 00 02 B8 00 00 >> > > Not sure whether that is significant but there were a few zero bytes more: > raw apdu: 00 47 81 00 00 00 02 B8 00 08 00 It is also correct. Short form is 02 and extended form is 00 (the prefix) and two-byte (00 02). > Also some slight differences: it says > 7F 49 82 *02* *0A* 81 82 *02* 00 That's no problem. It is correct for RSA-4096 key. > That part looks ok again. Although my public exponent is different, too but > I guess that's expected :) Yet 527 bytes total sounds plausible for a > 4096bit key. > You can find the full output at > https://gist.github.com/milgner/b823685c8a5960f1f13b#file-public_key_read-log Thanks. It looks no problem at all (other than the specific error of decryption). > I would assume that the key was indeed transferred successfully then. Yes. I think so, too. > Thanks for the help, I have a feeling we're making some headway towards a > solution. The error code of 6A88 is a kind of strange for me. If it's OpenPGPcard v3.x with AES symmetric key decryption support, I think that we could see the error of 6A88, though. It would be possible this error occurs on other Nitrokey Pro (or other OpenPGPcard v2.1 implementation), if this were firmware issue. -- From ml at sudhirkhanger.com Mon Sep 28 11:53:32 2015 
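Added example (not code from this thread or from GnuPG): a Python decoder for the two scdaemon artifacts discussed in the "Decryption fails with 4096bit key on SmartCard" messages above, namely the short and extended forms of the `raw apdu` command and the `7F 49` public-key template in the response. The modulus bytes are constructed filler, the 4-byte exponent field in the RSA-4096 sample is inferred from the length 0x020A, and the key-slot names for the B6/B8/A4 bytes follow the OpenPGP card specification.

```python
"""Decode scdaemon 'raw apdu' commands and the 7F49 public-key template."""

# Control reference template bytes naming the key slot (OpenPGP card spec).
KEY_SLOTS = {0xB6: "signature", 0xB8: "decryption", 0xA4: "authentication"}


def parse_command_apdu(raw: bytes) -> dict:
    """Split a command APDU carrying both data and Le, short or extended."""
    if len(raw) < 7:
        raise ValueError("too short for an APDU with data and Le")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    if body[0] != 0x00:
        # Short form: one-byte Lc, one-byte Le.
        form, lc, off, le_size = "short", body[0], 1, 1
    else:
        # Extended form: 00 prefix, then a two-byte Lc and a two-byte Le.
        form, lc, off, le_size = "extended", int.from_bytes(body[1:3], "big"), 3, 2
    data, le_raw = body[off:off + lc], body[off + lc:]
    if len(data) != lc or len(le_raw) != le_size:
        raise ValueError("Lc/Le do not match the APDU length")
    # An all-zero Le asks for the maximum: 256 (short) or 65536 (extended).
    le = int.from_bytes(le_raw, "big") or 256 ** le_size
    return {"form": form, "cla": cla, "ins": ins, "p1": p1, "p2": p2,
            "data": data, "le": le,
            "slot": KEY_SLOTS.get(data[0]) if data else None}


def read_tlv(buf: bytes, pos: int):
    """Read one BER-TLV object; return (tag, value, next_position)."""
    try:
        tag = buf[pos]
        pos += 1
        if tag & 0x1F == 0x1F:          # multi-byte tag such as 7F 49
            while True:
                tag = (tag << 8) | buf[pos]
                pos += 1
                if not tag & 0x80:
                    break
        first = buf[pos]
        pos += 1
    except IndexError:
        raise ValueError("truncated TLV header") from None
    if first < 0x80:
        length = first
    else:
        count = first & 0x7F            # 82 01 09 -> two length bytes follow
        if not 1 <= count <= 3 or pos + count > len(buf):
            raise ValueError("bad or truncated length field")
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("value runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length


def parse_public_key(resp: bytes) -> dict:
    """Decode a 7F49 template holding modulus (81) and exponent (82)."""
    tag, body, consumed = read_tlv(resp, 0)
    if tag != 0x7F49:
        raise ValueError("not a public-key template")
    fields, pos = {}, 0
    while pos < len(body):
        inner_tag, value, pos = read_tlv(body, pos)
        fields[inner_tag] = value
    if 0x81 not in fields or 0x82 not in fields:
        raise ValueError("modulus (81) or exponent (82) missing")
    modulus = int.from_bytes(fields[0x81], "big")
    return {"template_bytes": consumed,
            "modulus_bits": modulus.bit_length(),
            "exponent": int.from_bytes(fields[0x82], "big")}


# Command bytes as quoted in the thread.
SHORT_APDU = bytes.fromhex("00 47 81 00 02 B8 00 00")
EXTENDED_APDU = bytes.fromhex("00 47 81 00 00 00 02 B8 00 08 00")

# Headers as quoted in the thread; modulus bytes are constructed filler.
SAMPLE_2048 = (bytes.fromhex("7F 49 82 01 09 81 82 01 00")
               + b"\xC3" + b"\x5A" * 255
               + bytes.fromhex("82 03 01 00 01"))
# Constructed: 4-byte exponent field so that the body length is 0x020A.
SAMPLE_4096 = (bytes.fromhex("7F 49 82 02 0A 81 82 02 00")
               + b"\xC3" + b"\x5A" * 511
               + bytes.fromhex("82 04 00 01 00 01"))

if __name__ == "__main__":
    for apdu in (SHORT_APDU, EXTENDED_APDU):
        print(parse_command_apdu(apdu))
    for sample in (SAMPLE_2048, SAMPLE_4096):
        print(parse_public_key(sample))
```

A template that parses cleanly with the expected modulus size only shows that the card returned a well-formed public key; it says nothing about why the later decryption command fails.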
From: ml at sudhirkhanger.com (Sudhir Khanger) Date: Mon, 28 Sep 2015 15:23:32 +0530 Subject: Should I be using gpg or gpg2? Message-ID: <14017153.kx2cm4khmE@fedora> Hi, My understanding is gpg is for embedded systems and servers and gpg2 is for full fledged desktops. I seem to find documentation only for gpg but not gpg2. Are there any updated how-to for gpg2? Should I continue to use gpg command everywhere? -- Regards, Sudhir Khanger, sudhirkhanger.com. From guanx.bac at gmail.com Mon Sep 28 13:09:11 2015 From: guanx.bac at gmail.com (Guan Xin) Date: Mon, 28 Sep 2015 13:09:11 +0200 Subject: Should I be using gpg or gpg2? In-Reply-To: <14017153.kx2cm4khmE@fedora> References: <14017153.kx2cm4khmE@fedora> Message-ID: On Mon, Sep 28, 2015 at 11:53 AM, Sudhir Khanger wrote: > > Are there any updated how-to for gpg2? Should I continue to use gpg command > everywhere? For docs of gpg2, check e.g. "/usr/doc/gnupg2-2.0.29" and "info gnupg". Guan From listofactor at mail.ru Mon Sep 28 13:23:32 2015 From: listofactor at mail.ru (listo factor) Date: Mon, 28 Sep 2015 11:23:32 +0000 Subject: Should I be using gpg or gpg2? In-Reply-To: <14017153.kx2cm4khmE@fedora> References: <14017153.kx2cm4khmE@fedora> Message-ID: <56092334.7020308@mail.ru> On 09/28/2015 09:53 AM, Sudhir Khanger wrote: > Hi, > > Should I continue to use gpg command > everywhere? > Unless you have specific reasons for transitioning to gpg2, stick with gpg (GnuPG) 1.4.16. It is just as secure, and much easier to use. From ml at sudhirkhanger.com Mon Sep 28 14:23:36 2015 
From: ml at sudhirkhanger.com (Sudhir Khanger) Date: Mon, 28 Sep 2015 17:53:36 +0530 Subject: Should I be using gpg or gpg2? In-Reply-To: <56092334.7020308@mail.ru> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> Message-ID: <2931107.6BY9rf37lo@fedora> On Monday 28 Sep 2015 11:23:32 AM listo factor wrote: > Unless you have specific reasons for transitioning to gpg2, stick > with gpg (GnuPG) 1.4.16. It is just as secure, and much easier > to use. There is no specific reason for using gpg or gpg2 other than that upstream recommends gpg2 for desktop. I have mildly used gpg and if I have to invest my time I might as well start with gpg2. -- Regards, Sudhir Khanger, sudhirkhanger.com. From rjh at sixdemonbag.org Mon Sep 28 16:00:17 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 28 Sep 2015 10:00:17 -0400 Subject: Should I be using gpg or gpg2? In-Reply-To: <14017153.kx2cm4khmE@fedora> References: <14017153.kx2cm4khmE@fedora> Message-ID: <560947F1.9030707@sixdemonbag.org> > My understanding is gpg is for embedded systems and servers and gpg2 is for > full fledged desktops. Mostly true. Close enough for government work. :) > I seem to find documentation only for gpg but not gpg2. Most of the GnuPG 1.4 documentation is still relevant for GnuPG 2.0 and 2.1. From rjh at sixdemonbag.org Mon Sep 28 18:08:13 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 28 Sep 2015 12:08:13 -0400 Subject: Own Mail: PGP running on local server; Is it secure In-Reply-To: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> Message-ID: <560965ED.3030507@sixdemonbag.org> > They are also proposing a HTTPS web interface, I guess this relies on > trusting the certificate authority? This has a critical chicken-and-egg problem. Let's say I want to send you an encrypted email. I send it to the OwnMail box, and it in turn sends to you, in cleartext, an HTTPS link to the OwnMail box. But Eve, who's listening in on communications between us, who is the adversary I want to foil ... well, she gets the HTTPS link, too, and she's able to use it to view my message to you. End result: Eve is not foiled. Okay, so let's say the HTTPS link goes to a page protected by some kind of authentication, some kind of login method. How do I communicate to you the credentials to login? Eve gets to eavesdrop on those, too. End result: Eve is not foiled. So let's say that you create a username/pw on someone else's OwnMail box early on, before Eve starts listening in. Now you can go fetch those HTTPS-secured pages securely. Eve is foiled. *But*, you have to set up the username/PW ahead-of-time, before Eve comes into play. And now you have to keep track of yet another username/PW. End result: Eve is foiled but it's a usability nightmare because you're stuck tracking 25 different OwnMail username/PWs for 25 different OwnMail users. Further, they're not doing *anything* that we haven't already been able to do for 20+ years. Seriously. Every mail administrator on the planet has been able to do this sort of thing for 20+ years. They don't. We rarely if ever see OwnMail-like setups. It's worth asking the question, "Why?" My initial thoughts after reviewing the page: I'm not optimistic. I might be wrong! 
But I'm definitely not optimistic. From rjh at sixdemonbag.org Mon Sep 28 19:00:46 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 28 Sep 2015 13:00:46 -0400 Subject: Own Mail: PGP running on local server; Is it secure In-Reply-To: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> Message-ID: <5609723E.8090408@sixdemonbag.org> > Hi I spotted this project: https://www.own-mailbox.com/#HowWork Looking over their FAQ, I found this entry which makes me doubt them even further. It downright deserves a fisking, which I'll deliver inline. "Q: Why shouldn't I trust any cloud email service with JavaScript encryption on the client-side ? A: These services cannot be trusted, because they still give power to companies to spy on you. Why is it not secure? 1-Encryption is done in JavaScript, and therefore relies on your browser's JavaScript engines, which 80% of the time are proprietary software coming from Google, Microsoft, Apple, and most eminent NSA collaborators." Nice allegation there about Google, Microsoft, and Apple all being NSA collaborators. It's pretty strange, though, that *all of these* companies are currently pushing crypto in a big way, to the point that the USG is currently pushing for legislation requiring back-doors into crypto... why, it's almost as if they're not collaborating at all, and are responding to what they see as overreaching government practices by introducing technologies to make those overreaches more difficult. Second, these guys are flat factually wrong about JavaScript engines. Internet Explorer's Chakra engine is proprietary code. Apple Safari's Nitro engine, Mozilla Firefox's Spidermonkey engine, and Google Chrome's V8 engine (also used in Chromium) are all open-source. Let me repeat that: the *only* proprietary JavaScript engine in common use today is in Internet Explorer. 
"It leaves 4% chances that both you and your correspondent don't use any of them, (because even if you don't use them, your correspondent might, and he would compromise your security). Using these browsers for cryptography, even once, leaves these companies full power to forever break your cryptography." Cryptography is not like virginity, where once you lose it it's gone forever. I have a hard time believing that anyone could believe this crap -- I've had boxes compromised before, and guess what, I wasn't "forever" compromised. Talk about how "using these browsers for cryptography, even once, leaves these companies full power to forever break your cryptography" is scaremongering, plain and simple, full stop. Somebody really ought to write a FAQ entry about scaremongerers. https://www.gnupg.org/faq/gnupg-faq.html#fraudsters "By extension any cryptography done on a proprietary operating system like Mac or Windows can be considered as doomed, since Microsoft and Apple can then access your keys." "Doomed" is such a scaremongering word. It may be unwise, but it's certainly not *doomed*. Further, where is there any evidence that Microsoft or Apple has ever turned over a user's encryption keys? Has this ever happened? Do they even have that capability? Or is the author just trying to scare you? "2-The JavaScript code may be changed at any time by the email service provider. So except if you check the JavaScript code sent to you each time before entering your password (which is impracticable), you leave the email service provider open to breaking your cryptography at any time they want, without you even necessarily knowing it (since you don't check it)." Mostly true. "3-These services don't and cannot have a strong private key encryption. They rely on a much weaker private password that can be remembered by a human being. 
Therefore, they either use a much weaker algorithm than openPGP, or they use openPGP but store YOUR private key on THEIR servers, in clear form or encrypted with a simple password. In the movie citizenfour, Edward Snowden quoted saying "A 10 character password can be broken by the NSA in few days". So in practice, using a simple password for encryption make those services easily breakable. In comparison GPG was initially designed to work with 2048 or 4096 bits long private keys. GPG and SSL use this kind of strong private key encryption, as simple passwords are too weak and can be easily broken." This one makes my head hurt. Yes, a 10-character passphrase can be broken in a few days. It can probably be broken in a few *milliseconds*. Rainbow tables are awesome and there's not enough entropy in a 10-character passphrase to really do the trick. But that's why we recommend longer passphrases with higher entropy. My Google login, for instance, is literally 128 bits of random noise put into Base64. Second, they seem to be completely missing the distinction between the length of an asymmetric key and the entropy of that asymmetric key. My 128-bit Google passphrase, which I've committed to memory and have no trouble inputting by hand, is about as hard to break as a 3072-bit RSA key. Should you use short passphrases on sites that you care about? Absolutely not. But it's just *flat* *wrong* to say that web services don't and cannot use strong encryption. "4-If you want to access your emails on computers that are not yours (at the library, at work, at a printing store), you have to do cryptography on their computer, and therefore you're never really sure that you don't compromise your whole cryptographic system, you are effectively giving the power to the computer's owner to break it." And how is this cured, *in any way*, by using a stranger's computer to access your email over HTTPS? 
That stranger could store a local copy of your email, your keystrokes into the terminal for your passphrase, etc... "5- It is controversial whether JavaScript as a language, is actually able to perform good quality encryption at all." Dunno. I'm a pretty sharp guy but I'm not qualified to have an opinion on this one. This puts me slightly ahead of these guys, who appear just as unqualified but don't know it. I'm friends with Dr. Terri Oda, whose Ph.D. research was in JavaScript security. I'll ask her what she thinks. If she tells me that these guys are champs and I'm completely in the wrong, y'all have my word I'll come clean. "This is not only theoretical. The company hushmail, providing an email service with java/javascript client-side encryption, has already spied on its users. [3]. If they could do it and did it, how do you know other companies won't?" Hushmail was ordered by a court to cooperate with an investigation. In order to make things easier for users, they allowed users to do crypto *server-side*. They advised users this was less secure. People still did it anyway, because convenience is more important to most people than security. Hushmail was ordered to compromise their *server-side* crypto for a small number of users in order to cooperate with a legitimate Canadian investigation. Remember what this FAQ question is about? "Why shouldn't I trust any cloud email service with JavaScript encryption on the client-side?" Why would someone present an instance of a company compromising *server-side* encryption as an argument against trusting *client-side* encryption? The only reason I can think of is to scare you. "To conclude, it should be said that a broken cryptography implies not only that your future emails can be watched, but also that all your past emails can also retroactively be read by spies." This is true for OpenPGP. This isn't true for any system that employs, e.g., perfect forward secrecy. 
Break a message in a system that employs PFS and you can neither read previous traffic nor future traffic. "Also you should not forget how aggressive the attempts are to break cryptography. There have been several attempts from the US government in the past to add flaws in the Linux kernel, in order to break cryptography [4]. So it is very dangerous to leave that many security holes opened, which are easy ways for NSA and other organizations to break in." All this obsession with the NSA. One wonders if they think the Chinese Ministry of State Security is any less aggressive, or any less of a threat. Obsessing on one three-letter agency to the omission of all others is a sign of someone who has not done a very good job of thinking through the problem. Sometime, ask the kernel.org guys who they think was responsible for the big intrusion back in 2012-2013, and what they think the goal was. I'm not at liberty to say, since it was told to me in a personal conversation, but I will say it wasn't American in origin... From dkg at fifthhorseman.net Mon Sep 28 19:03:10 2015 
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 28 Sep 2015 13:03:10 -0400
Subject: unlock keychain with pam authentication
In-Reply-To: <20150928001420.GA9772@sony>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony>
Message-ID: <87pp12lbn5.fsf@alice.fifthhorseman.net>

On Sun 2015-09-27 20:14:20 -0400, SGT. Garcia wrote:
> i use pass to manage my passwords:
> http://www.passwordstore.org/
>
> all passwords are encrypted with one single passphrase which is what i would
> like to have in *sync* with pam's OK on user's successful authentication.

This suggests that you're interested in a pam module that verifies that you can unlock any secret key associated with the ID stored in ~/.password-store/.gpg-id, then the user can log in. Does that sound right?

Or maybe you want your PAM module to test that given ~/.gnupg and ~/.password-store, the user-supplied password is capable of decrypting some specific entry in pass?

either way, i think you're asking for something that is custom to your setup.

>> Potentially even scarier, if i can convince you to import key material,
>> i could give you a secret key that is set with a passphrase that i
>> know. Once you've done that, if the PAM module allows me to connect
>> if i can unlock any key, then i could use it to unlock your account!
>
> import where? i'm not sure if i follow. pass only manages passwords for my email
> accounts, so far at least, and i don't see how this comes into play. would care
> to elaborate please?

i send you a file dkg.asc that contains my OpenPGP certificate, and ask you to import it into your keyring. you do "gpg --import dkg.asc".

But in that file, in addition to my actual OpenPGP certificate, i've included an additional certificate that has your own user ID on it ("SGT. Garcia "), uses a novel secret key, and that secret key is encrypted by a password i know (let's say it's a terrible password, like "bananas").

Now, if your proposed setup is in place, and ~/.password-store/.gpg-id contains "SGT. Garcia ", i will be able to log in to your account with the password "bananas".

Does this attack make sense?

--dkg

From dkg at fifthhorseman.net Mon Sep 28 19:05:38 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 28 Sep 2015 13:05:38 -0400
Subject: An update on poldi? [was: Re: unlock keychain with pam authentication]
In-Reply-To: <20150928020440.GB9772@sony>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928020440.GB9772@sony>
Message-ID: <87mvw6lbj1.fsf@alice.fifthhorseman.net>

On Sun 2015-09-27 22:04:40 -0400, SGT. Garcia wrote:
> On Thu, Sep 24, 2015 at 11:09:28PM -0400, Daniel Kahn Gillmor wrote:
>> You might be interested in libpam-poldi:
>>
>> http://www.g10code.com/p-poldi.html
>
> i get 'not found' error. google finds me this:
> http://www.schiessle.org/howto/poldi.html
>
> assuming they're the same thing it mentions gnupg smartcards; not sure what that
> is but i'm guessing the module can be used with pam regardless even without the
> card; correct?

Cc'ing gniibe, who might be able to give us some feedback on the state of poldi.

--dkg

From aarcane at aarcane.org Mon Sep 28 19:06:12 2015
From: aarcane at aarcane.org (Schlacta, Christ)
Date: Mon, 28 Sep 2015 10:06:12 -0700
Subject: PAM authentication with gpg or ssh key
Message-ID:

Hello list. I know this isn't exactly on topic, but I think it's asymptotically close enough to justify asking here.

I'm looking for a way to authenticate myself to PAM (Specifically sudo) on a remote server over SSH, though possibly also on a local server using ssh-agent, if my gpg key is unlocked. This is particularly relevant as I store my gpg key in a smart card, and use it to authenticate to the servers initially. It would be nice if, while I was out and about doing remote administrative tasks, I didn't have to take the security risk of typing in my password where people could shoulder-surf it.

As I'm using a hardware crypto token (Yubikey Neo actually), I could actually enable static passwords, or other crypto measures alongside my yubikey, however, the two best alternative options have less desirable side-effects, namely the yubikey-pam module requires communication with the yubico servers to authenticate a key, and the static password option can easily accidentally dump the plaintext password into, say, an e-mail or notepad.

Therefore, I'm looking for a way to have PAM query the ssh-agent remotely, or optionally locally in rare instances if possible, for authentication. I've tried googling for this, but was unable to come up with anything, and was hoping someone here would know a way. If it's possible to redirect gpg-agent over ssh as a gpg agent instead of an ssh agent, it would also be more than sufficient, if not preferable, so long as it can authenticate to PAM effectively.

It's worth noting that my primary use case is connecting from windows + gpg2.1 + putty --> Linux + whatever version of gpg comes from repos. Current platforms include deb 7,8, and ubuntu 14.04 and 15.04, but in the future plan to include freebsd and openbsd.

From darwinskernel at gmail.com Mon Sep 28 19:16:06 2015
From: darwinskernel at gmail.com (SGT. Garcia)
Date: Mon, 28 Sep 2015 13:16:06 -0400
Subject: unlock keychain with pam authentication
In-Reply-To: <87pp12lbn5.fsf@alice.fifthhorseman.net>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net>
Message-ID: <20150928171606.GB6087@sony>

On Mon, Sep 28, 2015 at 01:03:10PM -0400, Daniel Kahn Gillmor wrote:
> On Sun 2015-09-27 20:14:20 -0400, SGT. Garcia wrote:
> > i use pass to manage my passwords:
> > http://www.passwordstore.org/
> >
> > all passwords are encrypted with one single passphrase which is what i would
> > like to have in *sync* with pam's OK on user's successful authentication.
>
> This suggests that you're interested in a pam module that verifies that
> you can unlock any secret key associated with the ID stored in
> ~/.password-store/.gpg-id, then the user can log in. Does that sound
> right?
>
> Or maybe you want your PAM module to test that given ~/.gnupg and
> ~/.password-store, the user-supplied password is capable of decrypting
> some specific entry in pass?
>
> either way, i think you're asking for something that is custom to your
> setup.

i think neither is what i'm asking. the following particular use case should explain it better.

on my user's first login into this machine i run 'notmuch new' this calls mbsync to sync my email with gmail but in order for mbsync to do so it has to get my password from pass. pass in turn has encrypted all my passwords and for that i have to provide the passphrase *manually*. i would like it to happen automatically on user login. hence the pam integration. note that i already have a user systemd service to run 'notmuch new' on user login. it of course fails until i run the command first to unlock my email passwords.

> >> Potentially even scarier, if i can convince you to import key material,
> >> i could give you a secret key that is set with a passphrase that i
> >> know. Once you've done that, if the PAM module allows me to connect
> >> if i can unlock any key, then i could use it to unlock your account!
> >
> > import where? i'm not sure if i follow. pass only manages passwords for my email
> > accounts, so far at least, and i don't see how this comes into play. would care
> > to elaborate please?
>
> i send you a file dkg.asc that contains my OpenPGP certificate, and ask
> you to import it into your keyring. you do "gpg --import dkg.asc".
>
> But in that file, in addition to my actual OpenPGP certificate, i've
> included an additional certificate that has your own user ID on it
> ("SGT. Garcia "), uses a novel secret key, and
> that secret key is encrypted by a password i know (let's say it's a
> terrible password, like "bananas").
>
> Now, if your proposed setup is in place, and ~/.password-store/.gpg-id
> contains "SGT. Garcia ", i will be able to log
> in to your account with the password "bananas".
>
> Does this attack make sense?
>
> --dkg

that would be my email account not my local user account, correct?

sgt

From wk at gnupg.org Mon Sep 28 19:40:00 2015
From: wk at gnupg.org (Werner Koch)
Date: Mon, 28 Sep 2015 19:40:00 +0200
Subject: Should I be using gpg or gpg2?
In-Reply-To: <56092334.7020308@mail.ru> (listo factor's message of "Mon, 28 Sep 2015 11:23:32 +0000")
References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru>
Message-ID: <87d1x2fnnz.fsf@vigenere.g10code.de>

On Mon, 28 Sep 2015 13:23, listofactor at mail.ru said:

> Unless you have specific reasons for transitioning to gpg2, stick
> with gpg (GnuPG) 1.4.16. It is just as secure, and much easier
                                      ^^^^^^^^^^

That is definitely not the case. All improvements go into 2.1 and some are backported to 2.0. We only add necessary fixes to 1.4.

The crypto code in 1.4 is way older than what we use in 2.0 - over there we use Libgcrypt which has received a lot more attention than the old code in 1.4 and it is much faster for large data.

BTW, the close to 2 years old 1.4.16 misses a couple of security fixes and should asap be updated to 1.4.19.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From peter at digitalbrains.com Mon Sep 28 19:59:26 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 28 Sep 2015 19:59:26 +0200
Subject: Own Mail: PGP running on local server; Is it secure
In-Reply-To: <5609723E.8090408@sixdemonbag.org>
References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> <5609723E.8090408@sixdemonbag.org>
Message-ID: <56097FFE.4090809@digitalbrains.com>

On 28/09/15 19:00, Robert J. Hansen wrote:
> Cryptography is not like virginity, where once you lose it it's gone
> forever.

I think they mean that your private key material is compromised, meaning "þey"[1] can decrypt any future messages encrypted to that key. Sloppily formulated, but I don't think they mean you've lost your crypto virginity.

I agree with the rest of what you say, they are full of crap. Just nitpicking here.

Peter.

[1] Hey, I just thought of a way to ominously spell "they" as a sort of three-letter agency thingy; just use a thorn!

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From rjh at sixdemonbag.org Mon Sep 28 20:12:03 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 28 Sep 2015 14:12:03 -0400
Subject: Own Mail: PGP running on local server; Is it secure
In-Reply-To: <56097FFE.4090809@digitalbrains.com>
References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> <5609723E.8090408@sixdemonbag.org> <56097FFE.4090809@digitalbrains.com>
Message-ID: <560982F3.4040109@sixdemonbag.org>

>> Cryptography is not like virginity, where once you lose it it's
>> gone forever.
>
> I think they mean that your private key material is compromised,
> meaning "þey"[1] can decrypt any future messages encrypted to that
> key. Sloppily formulated, but I don't think they mean you've lost
> your crypto virginity.

First, I love the Thorn Letter Agency: I'm going to have to steal it. I don't know whether it should be used sincerely as an "insert agency here", or snarkily as a "oh, right, *þey* are out to get you". Maybe both. :)

Second, I dunno, man. I read that paragraph a few times just trying to understand what they meant before I tore into them, and I came up with realizing that not only didn't I know what they meant, but I doubted they knew either.

The troubling line for me was, "Using these browsers for cryptography, even once, leaves these companies full power to forever break your cryptography." So if I use Google Chrome, and it's not compromised, and I use it only once, after that I switch to Firefox and use that for all my web needs... and then, later on, Google decides to toggle the evil bit... suddenly Google Chrome is going to jump in the TARDIS, travel back to when it was trustworthy, and become evil then, and send my key material forwards in time?

I mean, taken at their word, that's what they seem to be saying, right?

You could be right. Absolutely you could be. But their language is so weird that I don't think I'm willing to give them the benefit of the doubt.

From peter at digitalbrains.com Mon Sep 28 20:22:00 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 28 Sep 2015 20:22:00 +0200
Subject: Own Mail: PGP running on local server; Is it secure
In-Reply-To: <560982F3.4040109@sixdemonbag.org>
References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> <5609723E.8090408@sixdemonbag.org> <56097FFE.4090809@digitalbrains.com> <560982F3.4040109@sixdemonbag.org>
Message-ID: <56098548.3070106@digitalbrains.com>

On 28/09/15 20:12, Robert J. Hansen wrote:
> First, I love the Thorn Letter Agency: I'm going to have to steal it.

Hehe, go ahead ;).

> I mean, taken at their word, that's what they seem to be saying, right?

Absolutely. And it's curious that they're sprinkling technical terms in the rest of what they say, yet completely dumb it down there.

It doesn't matter what they meant; the rest of what they write completely disqualifies their ramblings anyway. Just another company jumping on the Snowden revelations bandwagon. I don't know, maybe they mean well, but you need someone who also knows what they're doing instead for it to be more than snake oil.

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From dkg at fifthhorseman.net Mon Sep 28 20:35:58 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 28 Sep 2015 14:35:58 -0400
Subject: unlock keychain with pam authentication
In-Reply-To: <20150928171606.GB6087@sony>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony>
Message-ID: <87bncml7ch.fsf@alice.fifthhorseman.net>

On Mon 2015-09-28 13:16:06 -0400, SGT. Garcia wrote:
> i think neither is what i'm asking. the following particular use case should
> explain it better.
>
> on my user's first login into this machine i run 'notmuch new' this calls mbsync
> to sync my email with gmail but in order for mbsync to do so it has to get my
> password from pass. pass in turn has encrypted all my passwords and for that i
> have to provide the passphrase *manually*. i would like it to happen
> automatically on user login. hence the pam integration. note that i already have
> a user systemd service to run 'notmuch new' on user login. it of course fails
> until i run the command first to unlock my email passwords.

if you want it to happen on user login, you're asking for an additional PAM module that would authenticate you to the local system.

With PAM, you could configure your system to do this as an additional authentication step (in which case it's the same as your current scenario, but you're prompted by the login greeter instead of your own shell initialization scripts) or as the only authentication required (in which case my attack against your local user account applies).

> that would be my email account not my local user account, correct?

The attack i described is an attack against your local user account, though i suspect it could be leveraged into an attack against your e-mail account as well.

--dkg

From darwinskernel at gmail.com Mon Sep 28 21:39:13 2015
From: darwinskernel at gmail.com (SGT. Garcia)
Date: Mon, 28 Sep 2015 15:39:13 -0400
Subject: unlock keychain with pam authentication
In-Reply-To: <87pp12lbn5.fsf@alice.fifthhorseman.net>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net>
Message-ID: <20150928193913.GA472@sony>

On Mon, Sep 28, 2015 at 01:03:10PM -0400, Daniel Kahn Gillmor wrote:
>
> i send you a file dkg.asc that contains my OpenPGP certificate, and ask
> you to import it into your keyring. you do "gpg --import dkg.asc".
>
> But in that file, in addition to my actual OpenPGP certificate, i've
> included an additional certificate that has your own user ID on it
> ("SGT. Garcia "), uses a novel secret key, and
> that secret key is encrypted by a password i know (let's say it's a
> terrible password, like "bananas").
>
> Now, if your proposed setup is in place, and ~/.password-store/.gpg-id
> contains "SGT. Garcia ", i will be able to log
> in to your account with the password "bananas".
>
> Does this attack make sense?
>
> --dkg

hmm, it pinentry asked me for passphrase, how did that happen? gnupg imports the new key automatically?

sgt

From marcus.ilgner at gmail.com Mon Sep 28 21:53:22 2015
From: marcus.ilgner at gmail.com (Marcus Ilgner)
Date: Mon, 28 Sep 2015 19:53:22 +0000
Subject: Decryption fails with 4096bit key on SmartCard
In-Reply-To: <5608E65F.4090404@fsij.org>
References: <8737y6q0sb.fsf@vigenere.g10code.de> <1442927248.12719.1.camel@fsij.org> <560347F5.7000708@fsij.org> <5608E65F.4090404@fsij.org>
Message-ID:

On Mon, 28 Sep 2015 at 09:04 NIIBE Yutaka wrote:

> On 09/25/2015 02:55 PM, Marcus Ilgner wrote:
> [...]
> Thanks for the help, I have a feeling we're making some headway towards a
> > solution.
>
> The error code of 6A88 is a kind of strange for me. If it's
> OpenPGPcard v3.x with AES symmetric key decryption support, I think
> that we could see the error of 6A88, though.
>
> It would be possible this error occurs on other Nitrokey Pro (or other
> OpenPGPcard v2.1 implementation), if this were firmware issue.
>

Ok, I'm not sure whether someone from the Nitrokey team is following this list, so I'll contact them and ask them to reproduce this. The card claims to support 4096bit and since the key is on the card it should be possible to use it, too... Fingers crossed... ;)

All the best and thanks again for the assistance so far
Marcus
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From listofactor at mail.ru Mon Sep 28 22:00:14 2015
From: listofactor at mail.ru (listo factor)
Date: Mon, 28 Sep 2015 20:00:14 +0000
Subject: Should I be using gpg or gpg2?
In-Reply-To: <87d1x2fnnz.fsf@vigenere.g10code.de>
References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de>
Message-ID: <56099C4E.8090904@mail.ru>

On 09/28/2015 05:40 PM, Werner Koch - wk at gnupg.org wrote:
> On Mon, 28 Sep 2015 13:23, listofactor at mail.ru said:
>
>> Unless you have specific reasons for transitioning to gpg2, stick
>> with gpg (GnuPG) 1.4.16. It is just as secure, and much easier
>                                      ^^^^^^^^^^
>
> That is definitely not the case. All improvements go into 2.1
> and some are backported to 2.0. We only add necessary
> fixes to 1.4.

Most of 2.x "improvements" have little to do with security.

I can't offer any conclusive evidence for this, but it is my honest estimate that more real-world sensitive traffic volume is generated by 1.4.x than 2.x. Consequently, if 1.4.x is in any way insecure, this would be of significantly greater benefit to a whole class of large institutional web-traffic attackers than if 2.x was insecure. So, if 1.4.x is indeed in any way insecure, that should merit more serious and immediate attention than if 2.x was insecure.

From darwinskernel at gmail.com Mon Sep 28 22:00:38 2015
From: darwinskernel at gmail.com (SGT. Garcia)
Date: Mon, 28 Sep 2015 16:00:38 -0400
Subject: unlock keychain with pam authentication
In-Reply-To: <87bncml7ch.fsf@alice.fifthhorseman.net>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net>
Message-ID: <20150928200038.GB472@sony>

On Mon, Sep 28, 2015 at 02:35:58PM -0400, Daniel Kahn Gillmor wrote:
> On Mon 2015-09-28 13:16:06 -0400, SGT. Garcia wrote:
> > i think neither is what i'm asking. the following particular use case should
> > explain it better.
> >
> > on my user's first login into this machine i run 'notmuch new' this calls mbsync
> > to sync my email with gmail but in order for mbsync to do so it has to get my
> > password from pass. pass in turn has encrypted all my passwords and for that i
> > have to provide the passphrase *manually*. i would like it to happen
> > automatically on user login. hence the pam integration. note that i already have
> > a user systemd service to run 'notmuch new' on user login. it of course fails
> > until i run the command first to unlock my email passwords.
>
> if you want it to happen on user login, you're asking for an additional
> PAM module that would authenticate you to the local system.
>
> With PAM, you could configure your system to do this as an additional
> authentication step (in which case it's the same as your current
> scenario, but you're prompted by the login greeter instead of your own
> shell initialization scripts) or as the only authentication required
> (in which case my attack against your local user account applies).

i really want it as the only authentication required that is open password from user logs him in and decrypts the passwords.

> > that would be my email account not my local user account, correct?
>
> The attack i described is an attack against your local user account,
> though i suspect it could be leveraged into an attack against your
> e-mail account as well.
>
> --dkg

how does it work, does gnupg phone home? i suspect not. i did not agree to import anything but apparently my mail client (mutt) and/or gnupg took the initiative to do so. if that's true then that's a misconfiguration or bad default configuration of mutt and/or gnupg, i think.

sgt

From sam_uk at riseup.net Mon Sep 28 20:39:43 2015
From: sam_uk at riseup.net (sam_uk at riseup.net)
Date: Mon, 28 Sep 2015 19:39:43 +0100
Subject: Own Mail: PGP running on local server; Is it secure
In-Reply-To: <56098548.3070106@digitalbrains.com>
References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> <5609723E.8090408@sixdemonbag.org> <56097FFE.4090809@digitalbrains.com> <560982F3.4040109@sixdemonbag.org> <56098548.3070106@digitalbrains.com>
Message-ID: <20150928193943.Horde.EZFzsuP9nef34WDawYbvtb-@slackmail.co.uk>

Hi all

> maybe they mean well, but you need someone who also knows what
> they're doing instead for it to be more than snake oil.

Thanks for your comments, not exactly a ringing endorsement! Some of their linguistic quirks could be excused given they are French, But I'm glad I asked the question before backing them..

If PGP implementations aren't too far off topic for this list what do you all think of https://www.mailpile.is/

Another attempt to hasten PGP use amongst non-techs but with a software rather than hardware approach:

Mailpile is an e-mail client!
Mailpile is a search engine and a personal webmail server.
Mailpile is an easy way to encrypt your e-mail.
Mailpile is software you run yourself, on your own computer.

Mailpile is an effort to reclaim private communication on the Internet. A project to rescue our personal lives from the proprietary cloud and prevent our conversations from being strip-mined for corporate profit and government surveillance.

Thanks

Sam

>
> Peter.
>
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 1348 bytes
Desc: PGP Public Key
URL:

From dkg at fifthhorseman.net Mon Sep 28 22:10:10 2015
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 28 Sep 2015 16:10:10 -0400
Subject: unlock keychain with pam authentication
In-Reply-To: <20150928200038.GB472@sony>
References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net> <20150928200038.GB472@sony>
Message-ID: <874miel2zh.fsf@alice.fifthhorseman.net>

On Mon 2015-09-28 16:00:38 -0400, SGT. Garcia wrote:
> i really want it as the only authentication required that is open password from
> user logs him in and decrypts the passwords.
>
>> > that would be my email account not my local user account, correct?
>>
>> The attack i described is an attack against your local user account,
>> though i suspect it could be leveraged into an attack against your
>> e-mail account as well.
>
> how does it work, does gnupg phone home? i suspect not. i did not agree to
> import anything but apparently my mail client (mutt) and/or gnupg took the
> initiative to do so. if that's true then that's a misconfiguration or bad
> default configuration of mutt and/or gnupg, i think.

There is no phoning home. Do you ever import keys that other people send you? or keys you find on the web? or keys attached to e-mail messages? Are you sure the things imported can't include a secret key?

Apparently i'm not doing a great job at communicating this scenario to you. sorry about that. Maybe someone else can try to explain it more clearly than i can.

I understand what you're asking for, and i see how it would be a useful thing. However, i think you should constrain it much more tightly than what you appear to be asking for, and i don't think that such a thing already exists.

It would be a bit of engineering work to make sure that it's functional, but i'd be happy to review something like this if somebody wants to propose it.

--dkg

From rjh at sixdemonbag.org Mon Sep 28 22:26:35 2015
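The scenario dkg describes in the thread above (a login check that accepts any secret key matching the user ID in ~/.password-store/.gpg-id) can be audited by counting how many secret keys each selector matches. This is an added example, not part of any message in this thread and not code from GnuPG or pass; the key listing, fingerprints and user ID are constructed, and the substring match is a simplified stand-in for gpg's own user-ID lookup.

```python
"""Audit how many secret keys each .gpg-id selector matches."""
import re

FPR_OWN = "A" * 24 + "1" * 16        # constructed: the user's own key
FPR_IMPORTED = "C" * 24 + "3" * 16   # constructed: arrived inside an imported file
FPR_OTHER = "D" * 24 + "4" * 16      # constructed: unrelated key
UID = "Example User <user@example.org>"  # constructed user ID


def _record(rtype, fields):
    """Build one colon-delimited record; keys are 1-based field numbers."""
    cols = [rtype] + [""] * 11
    for number, value in fields.items():
        cols[number - 1] = value
    return ":".join(cols)


# Constructed, simplified stand-in for `gpg --list-secret-keys --with-colons`.
# Field 5 = key ID, 6 = creation time, 10 = user ID (fingerprint on `fpr`).
SAMPLE_LISTING = "\n".join([
    _record("sec", {5: FPR_OWN[-16:], 6: "1262304000"}),
    _record("fpr", {10: FPR_OWN}),
    _record("uid", {10: UID}),
    _record("uid", {10: "Example User (work\\x3a laptop) <user@example.org>"}),
    _record("ssb", {5: "2" * 16, 6: "1262304000"}),
    _record("fpr", {10: "B" * 24 + "2" * 16}),   # subkey fingerprint
    _record("sec", {5: FPR_IMPORTED[-16:], 6: "1443398400"}),
    _record("fpr", {10: FPR_IMPORTED}),
    _record("uid", {10: UID}),                   # same user ID, different key
    _record("sec", {5: FPR_OTHER[-16:], 6: "1300000000"}),
    _record("fpr", {10: FPR_OTHER}),
    _record("uid", {10: "Other Person <other@example.org>"}),
])


def _unescape(field):
    """Colon listings escape bytes such as ':' as \\x3a; undo that."""
    return re.sub(r"\\x([0-9A-Fa-f]{2})",
                  lambda m: chr(int(m.group(1), 16)), field)


def parse_secret_keys(listing):
    """Return one dict per primary secret key: fingerprint, created, uids."""
    keys, current, want_fpr = [], None, False
    for line in listing.splitlines():
        f = line.split(":")
        if len(f) < 10:
            continue
        if f[0] == "sec":
            current = {"fingerprint": None, "created": int(f[5] or 0),
                       "uids": [_unescape(f[9])] if f[9] else []}
            keys.append(current)
            want_fpr = True
        elif f[0] == "ssb":
            want_fpr = False          # the next fpr belongs to a subkey
        elif f[0] == "fpr" and current is not None and want_fpr:
            current["fingerprint"] = f[9].upper()
            want_fpr = False
        elif f[0] == "uid" and current is not None:
            current["uids"].append(_unescape(f[9]))
    return keys


def pinned_fingerprint(selector):
    """Return the 40-hex-digit fingerprint a selector names, else None."""
    m = re.match(r"^(?:0x)?([0-9A-Fa-f]{40})$", selector.replace(" ", ""))
    return m.group(1).upper() if m else None


def matching_keys(selector, keys):
    """Keys a selector picks: exact fingerprint, or user-ID substring."""
    fpr = pinned_fingerprint(selector)
    if fpr:
        return [k for k in keys if k["fingerprint"] == fpr]
    needle = selector.lower()
    return [k for k in keys if any(needle in u.lower() for u in k["uids"])]


def audit_selectors(selectors, keys):
    """Classify each selector; AMBIGUOUS means several secret keys qualify."""
    findings = []
    for selector in selectors:
        hits = sorted(matching_keys(selector, keys), key=lambda k: k["created"])
        if pinned_fingerprint(selector):
            status = "PINNED" if len(hits) == 1 else "MISSING"
        elif len(hits) > 1:
            status = "AMBIGUOUS"
        else:
            status = "UNPINNED"
        findings.append({"selector": selector, "status": status,
                         "fingerprints": [k["fingerprint"] for k in hits]})
    return findings


if __name__ == "__main__":
    keys = parse_secret_keys(SAMPLE_LISTING)
    for finding in audit_selectors([UID, FPR_OWN], keys):
        print(finding["status"], finding["selector"], finding["fingerprints"])
```

On a real system the listing would come from `gpg --list-secret-keys --with-colons --fingerprint` and the selectors from the lines of `~/.password-store/.gpg-id`; a selector reported as AMBIGUOUS is the condition the attack in the thread relies on.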
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 28 Sep 2015 16:26:35 -0400
Subject: Should I be using gpg or gpg2?
In-Reply-To: <56099C4E.8090904@mail.ru>
References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru>
Message-ID: <5609A27B.70200@sixdemonbag.org>

> Most of 2.x "improvements" have little to do with security.

Per NIST, RSA-2048 is believed safe until 2030. That means that if you need to keep secrets longer than fifteen years, you need to move away from RSA completely. RSA-3072 is not all that much stronger than RSA-2048, and RSA-4096 adds even less.

The future is clear: 512-bit ECC, which is about as resistant to brute-forcing as AES256. GnuPG 2.1 has it. GnuPG 1.4 *will never get it*. That means each day that moves forward is one day closer to GnuPG 1.4's obsolescence.

Other major improvements: the codebase is cleaner. There's more separation of code. Most crypto operations are now handled by libgcrypt, which is a great move. The more libgcrypt gets used by outside people, the better a chance we have of spotting bugs before they become problems.

There are a lot of important improvements in 2.0. I'm not saying I'm a fan of all the decisions the development team made, but on balance I think it's a much better product than 1.4 ever was.

> I can't offer any conclusive evidence for this, but it is my
> honest estimate...

If your name were Vint Cerf, Admiral Mike Rogers, Whit Diffie, or someone of that caliber -- then yes, I might be able to look at who you are, your professional history, your accomplishments, and come to a reasoned evaluation of how much credence I should lend to your honest estimates.

But I don't know you. I don't know your reputation, I don't know who's worked with you that will vouch for you... nothing.

Without that, why should I consider your estimates to be any more reliable than a Ouija board?

From rjh at sixdemonbag.org Mon Sep 28 22:29:47 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 28 Sep 2015 16:29:47 -0400
Subject: Own Mail: PGP running on local server; Is it secure
In-Reply-To: <20150928193943.Horde.EZFzsuP9nef34WDawYbvtb-@slackmail.co.uk>
References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> <5609723E.8090408@sixdemonbag.org> <56097FFE.4090809@digitalbrains.com> <560982F3.4040109@sixdemonbag.org> <56098548.3070106@digitalbrains.com> <20150928193943.Horde.EZFzsuP9nef34WDawYbvtb-@slackmail.co.uk>
Message-ID: <5609A33B.2090600@sixdemonbag.org>

> If PGP implementations aren't too far off topic for this list what do
> you all think of https://www.mailpile.is/

I've run into some of the Mailpile people at various conferences and on various mailing lists. I've yet to hear anything unusually foolish from them.[1] I can't recommend them because I haven't looked at their product very much, but so far I've yet to find anything to make me suspect them, either.

[1] Usual foolishness is, of course, expected. We're all human. I'm as usually foolish as the next person. It's only unusual degrees of foolishness that are cause for concern.

From listofactor at mail.ru Mon Sep 28 22:52:44 2015
From: listofactor at mail.ru (listo factor)
Date: Mon, 28 Sep 2015 20:52:44 +0000
Subject: Should I be using gpg or gpg2?
In-Reply-To: <5609A27B.70200@sixdemonbag.org>
References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org>
Message-ID: <5609A89C.8010504@mail.ru>

On 09/28/2015 08:26 PM, Robert J. Hansen wrote:
>> Most of 2.x "improvements" have little to do with security.
>
> Per NIST, RSA-2048 is believed safe until 2030. That means that if you
> need to keep secrets longer than fifteen years, you need to move away
> from RSA completely. RSA-3072 is not all that much stronger than
> RSA-2048, and RSA-4096 adds even less.

Most of those that use gpg because they really, really need to keep their secrets from their adversaries are concerned with this year and next, not about A.D. 2030. Their enemy is mistakes caused by overly complex interfaces, much more than residual differences in the cryptographic primitives. (Kind of AK-47 vs M16 thing).

> If your name were Vint Cerf, Admiral Mike Rogers, Whit Diffie, or
> someone of that caliber...

I'm obviously not one of those gentlemen; my "caliber" is that of a half-educated practitioner toiling in the trenches. But sometimes those can offer observations that escape the admirals and generals...

From rjh at sixdemonbag.org Mon Sep 28 23:36:19 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 28 Sep 2015 17:36:19 -0400
Subject: Should I be using gpg or gpg2?
In-Reply-To: <5609A89C.8010504@mail.ru>
References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <5609A89C.8010504@mail.ru>
Message-ID: <5609B2D3.2090609@sixdemonbag.org>

> Most of those that use gpg because they really, really need to keep
> their secrets from their adversaries are concerned with this year
> and next, not about A.D. 2030.

Without knowing the basis for this claim, I have to reject it.

> I'm obviously not one of those gentlemen; my "caliber" is that of a
> half-educated practitioner toiling in the trenches. But sometimes
> those can offer observations that escape the admirals and generals...

To paraphrase the movie _A Few Good Men_, it doesn't matter what you know, it only matters what you can prove. You could tell us all what the winning lottery numbers would be, but unless you had some way to prove your accuracy ahead of the drawing your prediction would mean little.

You may very well have excellent insights to share, but without having any way to evaluate their likelihood of correctness how can we have any confidence in them? This week's lucky numbers may very well be 7, 8, 24, 29 and 31, but how can we know? How can we have confidence? Why should we listen?

From daniele at grinta.net Mon Sep 28 22:29:02 2015
From: daniele at grinta.net (Daniele Nicolodi)
Date: Mon, 28 Sep 2015 22:29:02 +0200
Subject: Should I be using gpg or gpg2?
In-Reply-To: <56099C4E.8090904@mail.ru>
References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru>
Message-ID: <5609A30E.2010508@grinta.net>

On 28/09/15 22:00, listo factor wrote:
> On 09/28/2015 05:40 PM, Werner Koch - wk at gnupg.org wrote:
> > On Mon, 28 Sep 2015 13:23, listofactor at mail.ru said:
> >
> >> Unless you have specific reasons for transitioning to gpg2, stick
> >> with gpg (GnuPG) 1.4.16. It is just as secure, and much easier
> >                                      ^^^^^^^^^^
> >
> > That is definitely not the case. All improvements go into 2.1
> > and some are backported to 2.0. We only add necessary
> > fixes to 1.4.
>
> Most of 2.x "improvements" have little to do with security.

Even assuming that this is true, there "most" is not all, thus there are some improvements in the 2.0 and 2.1 release series that are not in the 1.4 one. That alone is a good reason to move to the modern GPG implementations.

> I can't offer any conclusive evidence for this, but it is my
> honest estimate that more real-world sensitive traffic volume
> is generated by 1.4.x than 2.x. Consequently, if 1.4.x is in any
> way insecure, this would be of significantly greater benefit to
> a whole class of large institutional web-traffic attackers than
> if 2.x was insecure. So, if 1.4.x is indeed in any way insecure,
> that should merit more serious and immediate attention than if
> 2.x was insecure.

As much as I like conclusions based on anecdotal evidence, I don't really see what you want to say with that statement.

GnuPG 1.4 receives all the bug fixes it needs based on known bugs, however, code improvement and architectural changes that make the system more secure are implemented only in 2.1 and partially in 2.0. I don't see anything wrong or worrisome with that.

Cheers,
Daniele

From gniibe at fsij.org Tue Sep 29 04:44:17 2015
From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 29 Sep 2015 11:44:17 +0900 Subject: An update on poldi? [was: Re: unlock keychain with pam authentication] In-Reply-To: <87mvw6lbj1.fsf@alice.fifthhorseman.net> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928020440.GB9772@sony> <87mvw6lbj1.fsf@alice.fifthhorseman.net> Message-ID: <5609FB01.5020902@fsij.org> Thank you, dkg for Cc-ing. On 09/29/2015 02:05 AM, Daniel Kahn Gillmor wrote: > On Sun 2015-09-27 22:04:40 -0400, SGT. Garcia wrote: >> On Thu, Sep 24, 2015 at 11:09:28PM -0400, Daniel Kahn Gillmor wrote: >>> You might be interested in libpam-poldi: >>> >>> http://www.g10code.com/p-poldi.html >> >> i get 'not found' error. google finds me this: >> http://www.schiessle.org/howto/poldi.html >> >> assuming they're the same thing it mentions gnupg smartcards; not sure what that >> is but i'm guessing the module can be used with pam regardless even without the >> card; correct? > > Cc'ing gniibe, who might be able to give us some feedback on the state > of poldi. Poldi works with smartcard, specifically OpenPGPcard compatible. It doesn't work without OpenPGPcard compatible smartcard. I maintain Poldi and Scute for Debian. Since those two projects are orphaned by upstream, I only do small changes. Last year, I did small changes for Poldi, when a person asked me if Poldi can still work on Fedora. Those changes are in the repository: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=poldi.git;a=summary He said that he would be able to have a little budget for further development of Poldi, but it seems that my unpaid work of last year was just enough for him, and it didn't proceed further. Personally, I think that the use case for Poldi for login authentication is fundamentally different than the use case of OpenPGPcard for SSH authentication. 
I tend to assume ownership of computer and OpenPGPcard is by its users, but in some (or most) cases, Poldi is used in the situation where computer owner is a company and OpenPGPcard owner is also a company (and a company let employees use their computers). Who controls what, is different. Thus, in my opinion, Poldi is an experimental project, just for seeking the technical possibility, which doesn't go anywhere. * * * For authentication of sudo on remote machine, I think that we can use pam_ssh_agent [0] together with GnuPG, if we can configure correctly. I don't have any experiences, though. It would be good if we can also do similar thing directly by gpg-agent remote access. [0] pam_ssh_agent: http://pamsshagentauth.sourceforge.net/ -- From listofactor at mail.ru Tue Sep 29 05:55:48 2015 From: listofactor at mail.ru (listo factor) Date: Tue, 29 Sep 2015 03:55:48 +0000 Subject: Should I be using gpg or gpg2? In-Reply-To: <5609B2D3.2090609@sixdemonbag.org> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <5609A89C.8010504@mail.ru> <5609B2D3.2090609@sixdemonbag.org> Message-ID: <560A0BC4.2090907@mail.ru> On 09/28/2015 09:36 PM, Robert J. Hansen wrote: > To paraphrase the movie _A Few Good Men_, it doesn't matter what you > know, it only matters what you can prove. I'm not here to prove anything. An Internet mailing list is not about proving things. It lacks both the procedural rigour and an impartial umpire; two things that are sine qua non for the concept of "proving". The observations I'm offering here are simply that; observations of a user of the product. The only reason they might be worth reader's time is that they come from someone familiar with the world of end-users with limited resources combined with a real need for the facilities this product has to offer. From guanx.bac at gmail.com Tue Sep 29 10:52:56 2015 
From: guanx.bac at gmail.com (Guan Xin) Date: Tue, 29 Sep 2015 10:52:56 +0200 Subject: Should I be using gpg or gpg2? In-Reply-To: <5609EEF5.9080909@sixdemonbag.org> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <5609EEF5.9080909@sixdemonbag.org> Message-ID: On Tue, Sep 29, 2015 at 3:52 AM, Robert J. Hansen wrote: > Please respond on-list; I generally don't like answering questions off-list. Sorry, was too sleepy last night and did not click on "Reply to all". > So if ECC falls, well -- so will RSA. Ok quite clear, that means if RSA falls, so had ECC already. > If we ever reach the point where we have large-scale quantum computers, > the solution isn't going to be RSA: it's going to be quantum-resistant > algorithms like McEliece or lattice cryptography or Goppa codes or > Lamport signatures or... Didn't know these cryptosystems before. Thanks very much for pointing out these keywords! This is really helpful. Guan From darwinskernel at gmail.com Tue Sep 29 00:16:17 2015 
From: darwinskernel at gmail.com (SGT. Garcia) Date: Mon, 28 Sep 2015 18:16:17 -0400 Subject: unlock keychain with pam authentication In-Reply-To: <874miel2zh.fsf@alice.fifthhorseman.net> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net> <20150928200038.GB472@sony> <874miel2zh.fsf@alice.fifthhorseman.net> Message-ID: <20150928221617.GB1174@sony> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote: > On Mon 2015-09-28 16:00:38 -0400, SGT. Garcia wrote: > > i really want it as the only authentication required that is open password from > > user logs him in and decrypts the passwords. > > > >> > that would be my email account not my local user account, correct? > >> > >> The attack i described is an attack against your local user account, > >> though i suspect it could be leveraged into an attack against your > >> e-mail account as well. > > > > how does it work, does gnupg phone home? i suspect not. i did not agree to > > import anything but apparently my mail client (mutt) and/or gnupg took the > > initiative to do so. if that's true then that's a misconfiguration or bad > > default configuration of mutt and/or gnupg, i think. > > There is no phoning home. Do you ever import keys that other people > send you? or keys you find on the web? or keys attached to e-mail > messages? Are you sure the things imported can't include a secret key? this is the first time i hear about *importing* to be honest. after reading, yes just reading, your email a new key was added and on the next run of 'notmuch new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds in attachments. > Apparently i'm not doing a great job at communicating this scenario to > you. sorry about that. Maybe someone else can try to explain it more > clearly than i can. it's not your fault. 
i think i'm missing some background on this. > I understand what you're asking for, and i see how it would be a useful > thing. However, i think you should constrain it much more tightly than > what you appear to be asking for, and i don't think that such a thing > already exists. It would be a bit of engineering work to make sure that > it's functional, but i'd be happy to review something like this if > somebody wants to propose it. > > --dkg for now i just nuked my old .gnupg directory and created a new one without passphrase. seems to accomplish the same thing, i.e. no more annoying passphrase dialog. i will have to confirm on the next boot though. sgt From andrewg at andrewg.com Tue Sep 29 14:53:32 2015 
From: andrewg at andrewg.com (Andrew Gallagher) Date: Tue, 29 Sep 2015 13:53:32 +0100 Subject: unlock keychain with pam authentication In-Reply-To: <20150928221617.GB1174@sony> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net> <20150928200038.GB472@sony> <874miel2zh.fsf@alice.fifthhorseman.net> <20150928221617.GB1174@sony> Message-ID: <560A89CC.3030107@andrewg.com> On 28/09/15 23:16, SGT. Garcia wrote: > On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote: >> >> Do you ever import keys that other people >> send you? or keys you find on the web? or keys attached to e-mail >> messages? Are you sure the things imported can't include a secret key? > > this is the first time i hear about *importing* to be honest. after reading, yes > just reading, your email a new key was added and on the next run of 'notmuch > new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds > in attachments. Surely that 'feature' needs removing asap? Andrew. From malte at wk3.org Tue Sep 29 16:03:49 2015 
From: malte at wk3.org (Malte) Date: Tue, 29 Sep 2015 16:03:49 +0200 Subject: Should I be using gpg or gpg2? In-Reply-To: <56099C4E.8090904@mail.ru> References: <14017153.kx2cm4khmE@fedora> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> Message-ID: <1516097.7NsdhjtWNe@localhost> > I can't offer any conclusive evidence for this, but it is my > honest estimate that more real-world sensitive traffic volume > is generated by 1.4.x than 2.x. Consequently, if 1.4.x is in any > way insecure, this would be of significantly greater benefit to > a whole class of large institutional web-traffic attackers than > if 2.x was insecure. So, if 1.4.x is indeed in any way insecure, > that should merit more serious and immediate attention than if > 2.x was insecure. The other, and in my opinion much more sensible, course of action would be to migrate all these systems that still use 1.4 to 2.1. Version numbers are like entropy: They only increase, never decrease. Sincerely, Malte From peter at digitalbrains.com Tue Sep 29 16:16:32 2015 
From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 29 Sep 2015 16:16:32 +0200 Subject: Own Mail: PGP running on local server; Is it secure In-Reply-To: <20150928193943.Horde.EZFzsuP9nef34WDawYbvtb-@slackmail.co.uk> References: <20150926113657.Horde.oqbo4_PTIvtpEXqQNLv9yrE@slackmail.co.uk> <5609723E.8090408@sixdemonbag.org> <56097FFE.4090809@digitalbrains.com> <560982F3.4040109@sixdemonbag.org> <56098548.3070106@digitalbrains.com> <20150928193943.Horde.EZFzsuP9nef34WDawYbvtb-@slackmail.co.uk> Message-ID: <560A9D40.100@digitalbrains.com> On 28/09/15 20:39, sam_uk at riseup.net wrote: > Hi all Hi! > Thanks for your comments, not exactly a ringing endorsement! Well, for some reason I never got the mail that started this discussion, a reply by Robert J. Hansen was the first I saw of it. And I didn't check the website. But the quotes from the website he put in a subsequent reply miss the mark by far, and that is a red flag to me. I wouldn't need any more background for myself at that point. If they can't get that right, I've lost trust. Crypto requires care, and I don't see that reflected in what he quoted. I don't think my viewpoint is too idealistic for the real world, but maybe I'm wrong about that. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From dkg at fifthhorseman.net Tue Sep 29 16:28:17 2015 
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 29 Sep 2015 10:28:17 -0400 Subject: unlock keychain with pam authentication In-Reply-To: <560A89CC.3030107@andrewg.com> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net> <20150928200038.GB472@sony> <874miel2zh.fsf@alice.fifthhorseman.net> <20150928221617.GB1174@sony> <560A89CC.3030107@andrewg.com> Message-ID: <878u7pz4e6.fsf@alice.fifthhorseman.net> On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher wrote: > On 28/09/15 23:16, SGT. Garcia wrote: >> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote: >>> >>> Do you ever import keys that other people >>> send you? or keys you find on the web? or keys attached to e-mail >>> messages? Are you sure the things imported can't include a secret key? >> >> this is the first time i hear about *importing* to be honest. after reading, yes >> just reading, your email a new key was added and on the next run of 'notmuch >> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds >> in attachments. > > Surely that 'feature' needs removing asap? I'm surprised to hear that notmuch has this feature, and i haven't seen it happen myself. I'm one of the people who helped contribute to notmuch's OpenPGP mechanisms. This sounds like something to be raised on the notmuch mailing list, though. --dkg From andrewg at andrewg.com Tue Sep 29 16:33:38 2015 
From: andrewg at andrewg.com (Andrew Gallagher) Date: Tue, 29 Sep 2015 15:33:38 +0100 Subject: unlock keychain with pam authentication In-Reply-To: <878u7pz4e6.fsf@alice.fifthhorseman.net> References: <20150922151338.GB3664@sony> <8737y3dwk7.fsf@alice.fifthhorseman.net> <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net> <20150928200038.GB472@sony> <874miel2zh.fsf@alice.fifthhorseman.net> <20150928221617.GB1174@sony> <560A89CC.3030107@andrewg.com> <878u7pz4e6.fsf@alice.fifthhorseman.net> Message-ID: <560AA142.2040803@andrewg.com> On 29/09/15 15:28, Daniel Kahn Gillmor wrote: > On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher wrote: >> On 28/09/15 23:16, SGT. Garcia wrote: >>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote: >>>> >>>> Do you ever import keys that other people >>>> send you? or keys you find on the web? or keys attached to e-mail >>>> messages? Are you sure the things imported can't include a secret key? >>> >>> this is the first time i hear about *importing* to be honest. after reading, yes >>> just reading, your email a new key was added and on the next run of 'notmuch >>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds >>> in attachments. >> >> Surely that 'feature' needs removing asap? > > I'm surprised to hear that notmuch has this feature, and i haven't seen > it happen myself. I'm one of the people who helped contribute to > notmuch's OpenPGP mechanisms. > > This sounds like something to be raised on the notmuch mailing list, > though. I was referring to mutt (allegedly) importing random secret keys that it finds attached to arbitrary mails... but yes, a discussion for elsewhere. A From darwinskernel at gmail.com Tue Sep 29 17:02:19 2015 
From: darwinskernel at gmail.com (SGT. Garcia) Date: Tue, 29 Sep 2015 11:02:19 -0400 Subject: unlock keychain with pam authentication In-Reply-To: <560AA142.2040803@andrewg.com> References: <20150928001420.GA9772@sony> <87pp12lbn5.fsf@alice.fifthhorseman.net> <20150928171606.GB6087@sony> <87bncml7ch.fsf@alice.fifthhorseman.net> <20150928200038.GB472@sony> <874miel2zh.fsf@alice.fifthhorseman.net> <20150928221617.GB1174@sony> <560A89CC.3030107@andrewg.com> <878u7pz4e6.fsf@alice.fifthhorseman.net> <560AA142.2040803@andrewg.com> Message-ID: <20150929150219.GA458@sony> On Tue, Sep 29, 2015 at 03:33:38PM +0100, Andrew Gallagher wrote: > On 29/09/15 15:28, Daniel Kahn Gillmor wrote: > > On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher wrote: > >> On 28/09/15 23:16, SGT. Garcia wrote: > >>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote: > >>>> > >>>> Do you ever import keys that other people > >>>> send you? or keys you find on the web? or keys attached to e-mail > >>>> messages? Are you sure the things imported can't include a secret key? > >>> > >>> this is the first time i hear about *importing* to be honest. after reading, yes > >>> just reading, your email a new key was added and on the next run of 'notmuch > >>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds > >>> in attachments. > >> > >> Surely that 'feature' needs removing asap? > > > > I'm surprised to hear that notmuch has this feature, and i haven't seen > > it happen myself. I'm one of the people who helped contribute to > > notmuch's OpenPGP mechanisms. > > > > This sounds like something to be raised on the notmuch mailing list, > > though. > > I was referring to mutt (allegedly) importing random secret keys that it > finds attached to arbitrary mails... but yes, a discussion for elsewhere. > > A > mutt indeed; not notmuch. notmuch; well in fact in my setting isync is going to sync _everything_ with upstream imap repo regardless. 
my best guess is that it's mutt that imports the key. i will resend a copy of this to mutt's mailing list. sgt From johanw at vulcan.xs4all.nl Tue Sep 29 17:28:22 2015 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Tue, 29 Sep 2015 17:28:22 +0200 Subject: Should I be using gpg or gpg2? In-Reply-To: <5609A27B.70200@sixdemonbag.org> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> Message-ID: <560AAE16.3070508@vulcan.xs4all.nl> On 28-09-2015 22:26, Robert J. Hansen wrote: > RSA-3072 is not all that much stronger than RSA-2048, and RSA-4096 adds even less. AFAIK RSA-3072 (and ElGamal-3072) are comparable to AES-128. That's strong enough for the foreseeable future; the only known thing they are vulnerable to (except for rubber-hose cryptography, keyloggers and other "cheats") is a working quantum computer. But if we have that, this: > The future is clear: 512-bit ECC, which is about as resistant to > brute-forcing as AES256. won't help either and you need things like lattice cryptography (with even bigger keys unfortunately). -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From rjh at sixdemonbag.org Tue Sep 29 18:04:59 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 29 Sep 2015 12:04:59 -0400 Subject: Should I be using gpg or gpg2? In-Reply-To: <560AAE16.3070508@vulcan.xs4all.nl> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <560AAE16.3070508@vulcan.xs4all.nl> Message-ID: <560AB6AB.40201@sixdemonbag.org> > AFAIK RSA-3072 (and ElGamal-3072) are comparable to AES-128. No: they're comparable to AES-128 *at our present level of mathematical knowledge*. That's a very important qualifier. Back in the mid-to-late '80s, Ron Rivest declared that 1024-bit RSA keys would be unbreakable for at least the next century. The initial releases of PGP 2.6 offered 512-bit, 768-bit, and 1024-bit keys, and people recommended against using 1024-bit keys the same way we recommend against 16384-bit keys today. And, at the time these predictions were made, there was every reason to think they were accurate. They just all made the same error, which was thinking the quadratic field sieve couldn't be improved upon. That was a conjecture. It turned out to be false. When the general number field sieve was invented, almost immediately afterwards factoring records began to fall. Today, 512- and 768-bit keys are considered grossly inadequate, and a 1024-bit key is on the razor's edge of adequacy. I don't know when the next mathematical revolution (something like the general number field sieve) will come along. But when it does, it's going to really upend the apple cart and our RSA-3072 keys aren't going to be equivalent to AES-128 any more. > That's strong enough for the foreseeable future; the only known thing > they are vulnerable to (except for rubber-hose cryptography, > keyloggers and other "cheats") is a working quantum computer. No, they're vulnerable to some graduate student slurping up a bowl of ramen who looks at something on the blackboard and says, "hey, that's weird." 
It's happened before: look into George Dantzig. Dan Boneh has already published an awe-inspiring paper showing that RSA isn't anywhere near as safe as we think it is: http://crypto.stanford.edu/~dabo/abstracts/no_rsa_red.html Breaking RSA is not equivalent to factoring; it's possible to break RSA without needing to factor large numbers. We just don't know how and we've made precisely zero headway on that question. But you never know when a George Dantzig will appear. And that means I think your long-term confidence in RSA is misplaced. From rjh at sixdemonbag.org Tue Sep 29 18:18:47 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 29 Sep 2015 12:18:47 -0400 Subject: Should I be using gpg or gpg2? In-Reply-To: <560AB6AB.40201@sixdemonbag.org> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <560AAE16.3070508@vulcan.xs4all.nl> <560AB6AB.40201@sixdemonbag.org> Message-ID: <560AB9E7.1020507@sixdemonbag.org> > Dan Boneh has already published an awe-inspiring paper showing that RSA > isn't anywhere near as safe as we think it is: Eh. Correction: *may* not be anywhere near as safe it is. Definitely shows that our confidence in RSA probably isn't as well-founded as we'd like. I did a pretty long writeup of the implications of the paper a couple of years ago. Read: https://lists.gnupg.org/pipermail/gnupg-users/2013-September/047466.html From leo at gaspard.io Tue Sep 29 18:18:05 2015 
From: leo at gaspard.io (Leo Gaspard) Date: Tue, 29 Sep 2015 18:18:05 +0200 Subject: Should I be using gpg or gpg2? In-Reply-To: <560AB6AB.40201@sixdemonbag.org> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <560AAE16.3070508@vulcan.xs4all.nl> <560AB6AB.40201@sixdemonbag.org> Message-ID: <560AB9BD.8090000@gaspard.io> On 09/29/2015 06:04 PM, Robert J. Hansen wrote: > But you never know when a George Dantzig will appear. And that means I > think your long-term confidence in RSA is misplaced. Does that mean long-term confidence in elliptic curves would be better placed? Does ECC rely on a stronger mathematical basis, or is it just vulnerable to another kind of George Dantzig? From rjh at sixdemonbag.org Tue Sep 29 19:37:56 2015 
From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 29 Sep 2015 13:37:56 -0400 Subject: Should I be using gpg or gpg2? In-Reply-To: <560AB9BD.8090000@gaspard.io> References: <14017153.kx2cm4khmE@fedora> <56092334.7020308@mail.ru> <87d1x2fnnz.fsf@vigenere.g10code.de> <56099C4E.8090904@mail.ru> <5609A27B.70200@sixdemonbag.org> <560AAE16.3070508@vulcan.xs4all.nl> <560AB6AB.40201@sixdemonbag.org> <560AB9BD.8090000@gaspard.io> Message-ID: <560ACC74.5090306@sixdemonbag.org> > Does that mean long-term confidence in elliptic curves would be better > placed? I don't know. Sorry. :( What I do know is that, judging from past experience, our projections on key lengths need to take into account the possibility of radical improvements in mathematics that make our original projections optimistic. ECC-256 is probably good enough for any imaginable purpose for the foreseeable future, at least up until quantum computers come along. That's why I favor using ECC-512 instead. :) > Does ECC rely on a stronger mathematical basis Different, but I'm not sure I'd say stronger. And yes, it's still susceptible to mathematical breakthroughs. From laurent at elanor.org Tue Sep 29 21:00:18 2015 
From: laurent at elanor.org (Laurent Blume)
Date: Tue, 29 Sep 2015 21:00:18 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
Message-ID: <560ADFC2.4050000@elanor.org>

Hello all,

I'm trying to set up automatic file decryption using a smartcard to store the private key.

Interactively, it all works fine, I get the PIN request, enter it, decryption works, all good.

Non-interactively, however, I can't get it to work: gpg-agent always spawns a pinentry in the background, and gpg waits for it indefinitely, instead of using the PIN provided on the command line.

Here's a short example:

    # eval $(gpg-agent --daemon)
    # echo 123456 | gpg --batch --passphrase-fd 0 --quiet --decrypt file.gpg
    ^C
    gpg: signal Interrupt caught ... exiting
    # ps -edf | grep pinentry
    root 26216 26035 0 11:33 ? 00:00:00 /usr/bin/pinentry-curses

Running gpg-agent with --debug-level guru shows it starts scdaemon, finds the card, decides it needs the PIN and asks for it.

If the PIN is entered once interactively, then the command above succeeds, because the card is unlocked (i.e. the command-line PIN is still ignored).

It's on RHEL6 using the system's 2.0.14 version, and a Nitrokey Pro card.

Thanks in advance for any help,

Laurent

From heiko at hfolkerts.de Tue Sep 29 21:51:56 2015
From: heiko at hfolkerts.de (Heiko Folkerts)
Date: Tue, 29 Sep 2015 21:51:56 +0200
Subject: adding card keys and make them non exportable
Message-ID: <004c01d0faf0$4bf29af0$e3d7d0d0$@hfolkerts.de>

Hi all,

I am new to this list and have a question I couldn't find answered either in the docs or in the FAQ. I just started using a smart card with GPG, namely the nitro key www.nitrokey.com. It behaves like a smart card so this should correspond to any GPG card as well.

I already had a key pair with some signatures so I decided to add a card sub key to my main key as explained in the manual. I did this by

    gpg --edit-key b5f8d556    (my main key ID)
    addcardkey

I created all three kinds of keys and they show up in the main key. I now can export the secret sub keys with

    gpg --export-secret-subkeys

or one by one specifying the single key IDs.

AFAIK the trick to smart cards is that the keys are not exportable from them. So while exporting the keys to a backup was helpful to me I'd like to know how to keep them only on the card and make them no longer exportable. AFAIK the exports contain a valid looking key block.

    keytocard

resulted in the message that the keys are already on the card (which is OK) but still they can be exported. So how to proceed?

Thanks in advance
Heiko

Join in and share your knowledge at www.besonderetipps.de
Please protect my privacy and yours and use PGP.

pub 2048R/B5F8D556 2014-08-06
    Schl.-Fingerabdruck = 758D DA37 1DA1 1E2F 7CDD 60A2 F3F4 1E8D B5F8 D556
uid [ uneing.] Heiko Folkerts
uid [ uneing.] Heiko Folkerts
uid [ uneing.] Heiko Folkerts
sub 4096g/BC0D1006 2015-08-27 [verfällt: 2016-08-26]

From dgouttegattat at incenp.org Tue Sep 29 23:07:11 2015
From: dgouttegattat at incenp.org (Damien Goutte-Gattat)
Date: Tue, 29 Sep 2015 23:07:11 +0200
Subject: adding card keys and make them non exportable
In-Reply-To: <004c01d0faf0$4bf29af0$e3d7d0d0$@hfolkerts.de>
References: <004c01d0faf0$4bf29af0$e3d7d0d0$@hfolkerts.de>
Message-ID: <560AFD7F.5040607@incenp.org>

On 09/29/2015 09:51 PM, Heiko Folkerts wrote:
> AFAIK the exports contain a valid looking key block.

It *looks like* a valid key block, but--if the keytocard operation was indeed successful--it's actually only a "stub" that does not contain any private material.

You can check the actual contents of the exported data with the --list-packets option:

    $ gpg --list-packets your_exported_private_keys.gpg

Look for the following lines in the output:

    :secret sub key packet:
        [...]
        gnu-divert-to-card S2K, [...]
        serial-number:

You should see those lines once for each subkey that you moved to the card.

From gniibe at fsij.org Wed Sep 30 01:39:26 2015
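The check described in Damien Goutte-Gattat's message above, as an added example that is not part of the original thread: it parses `gpg --list-packets` output and reports which secret key packets carry the gnu-divert-to-card marker and which do not. The sample listing, key IDs and card serial are constructed, and the function names are this example's own.

```python
#!/usr/bin/env python3
"""Classify secret key packets in `gpg --list-packets` output as card stubs or not."""
import re
import subprocess
import sys

# Constructed, abbreviated listing (not taken from the thread): a primary key
# kept on disk, a subkey moved to a card, and a subkey still stored on disk.
SAMPLE_LISTING = """\
:secret key packet:
    version 4, algo 1, created 1407283200, expires 0
    iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 0102030405060708
    encrypted stuff follows
    keyid: 0000000000000001
:user ID packet: "Constructed Example <user@example.org>"
:secret sub key packet:
    version 4, algo 1, created 1440633600, expires 0
    gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
    serial-number:  d2 76 00 01 24 01 02 00 00 00 00 00 00 01 00 00
    keyid: 0000000000000002
:secret sub key packet:
    version 4, algo 1, created 1440633600, expires 0
    iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 1112131415161718
    encrypted stuff follows
    keyid: 0000000000000003
"""

# Every packet starts with a line beginning with ':'; only these two matter here.
SECRET_HEADER = re.compile(r"^:secret (sub )?key packet:")


def classify_secret_packets(listing):
    """Return one dict per secret (sub)key packet found in the listing."""
    packets, current = [], None
    for line in listing.splitlines():
        if line.startswith(":"):
            # A new packet begins; stop attributing lines to the previous one.
            match = SECRET_HEADER.match(line)
            current = None
            if match:
                current = {
                    "kind": "subkey" if match.group(1) else "primary",
                    "keyid": None,
                    "card_stub": False,
                    "serial": None,
                }
                packets.append(current)
            continue
        if current is None:
            continue  # detail line of a packet we do not care about
        field = line.strip()
        if "gnu-divert-to-card" in field:
            current["card_stub"] = True
        elif field.startswith("serial-number:"):
            # Card serial is printed as spaced hex bytes; normalise it.
            current["serial"] = "".join(field.split(":", 1)[1].split()).upper()
        elif field.startswith("keyid:"):
            current["keyid"] = field.split(":", 1)[1].strip()
    return packets


def not_on_card(packets):
    """Secret packets without the card marker: these need a manual look,
    because the export may still contain usable secret material."""
    return [p for p in packets if not p["card_stub"]]


def list_packets(path):
    """Run the command from the message on an exported key file."""
    result = subprocess.run(
        ["gpg", "--list-packets", path],
        check=True, capture_output=True, text=True,
    )
    return result.stdout


def main(argv):
    # With a file argument, inspect that export; otherwise use the sample.
    listing = list_packets(argv[1]) if len(argv) > 1 else SAMPLE_LISTING
    packets = classify_secret_packets(listing)
    for p in packets:
        if p["card_stub"]:
            state = f"card stub (card serial {p['serial']})"
        else:
            state = "NO card marker, review this key"
        print(f"{p['kind']:8} keyid={p['keyid']}  {state}")
    # Non-zero exit status lets a backup script refuse an unexpected export.
    return 1 if not_on_card(packets) else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run without arguments it reports on the constructed sample; given the path of an exported file it runs `gpg --list-packets` on that file first.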
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 30 Sep 2015 08:39:26 +0900
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560ADFC2.4050000@elanor.org>
References: <560ADFC2.4050000@elanor.org>
Message-ID: <560B212E.8080909@fsij.org>

On 09/30/2015 04:00 AM, Laurent Blume wrote:
> Non-interactively, however, I can't get it to work: gpg-agent always
> spawns a pinentry in the background, and gpg waits for it indefinitely,
> instead of using the PIN provided on the command line.

As far as I know, you can't provide a PIN by command line.

You can provide passphrase from file for symmetric encryption, though.

Instead, you can unlock your smartcard beforehand, interactively.

$ gpg-connect-agent "SCD CHECKPIN D276000124010200F517000000010000" /bye
                                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Please change this to your Application ID. gpg --card-status shows it.

BTW, I got a report that RSA-4096 decryption doesn't work well on Nitrokey Pro. If you are using RSA-4096 decryption on Nitrokey Pro successfully, please let us know.
--

From gniibe at fsij.org Wed Sep 30 02:17:10 2015
From: gniibe at fsij.org (NIIBE Yutaka) Date: Wed, 30 Sep 2015 09:17:10 +0900 Subject: PAM authentication with gpg or ssh key In-Reply-To: References: Message-ID: <560B2A06.3080006@fsij.org> Hello, Yesterday, I included my answer to your question to a different thread. I should have replied to this post. I think that your question is relevant to GnuPG community. On 09/29/2015 02:06 AM, Schlacta, Christ wrote: > Therefore, I'm looking for a way to have PAM query the ssh-agent > remotely, or optionally locally in rare instances if possible, for > authentication. My answer was: ================================= For authentication of sudo on remote machine, I think that we can use pam_ssh_agent [0] together with GnuPG, if we can configure correctly. I don't have any experiences, though. It would be good if we can also do similar thing directly by gpg-agent remote access. [0] pam_ssh_agent: http://pamsshagentauth.sourceforge.net/ ================================= I think that it's good if a user can consolidate his private key management under GnuPG (possibly with OpenPGPcard compatible). Besides, it would be good if OpenPGPcard can have more authentication keys (for different purposes), too. Perhaps, if there are some demands, I should write U2F module using gpg-agent (and revive Scute, accordingly). I believe that this is a way to go, for those users who want to consolidate things cleanly. -- From dkg at fifthhorseman.net Wed Sep 30 05:37:01 2015 
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 29 Sep 2015 20:37:01 -0700
Subject: GnuPG User ID expiry
In-Reply-To: <87wpvfx7j7.fsf@wi.uni-muenster.de>
References: <87wpvfx7j7.fsf@wi.uni-muenster.de>
Message-ID: <87wpv84lya.fsf@alice.fifthhorseman.net>

Hi Jens--

On Fri 2015-09-25 00:49:48 -0700, Jens Lechtenboerger wrote:
> I tried to generate test keys with expired user IDs (under faked
> system time), but I failed, with gpg 1.4 as well as 2.1.8. I tried
> to use the options default-sig-expire and default-cert-expire as
> well as ask-sig-expire and ask-cert-expire when adding user IDs via
> --edit-key.
>
> However, gpg --list-options show-sig-expire --list-sigs
> indicates that the signatures expire “never”.

with 2.1.8, i get an expiration prompt for the user ID if i use:

    gpg2 --full-gen-key

However, i agree with you that it seems like the following command ought to generate an expired key:

    gpg2 --faked-system-time 20100101T000000 --default-cert-expire 1y --quick-gen-key 'Test Key '

But in my tests, it does not. This seems like a bug in the implementation of --default-cert-expire. Maybe someone? should file it at https://bugs.gnupg.org/ :)

> How can I generate/add user IDs with expiration dates or change the
> expiration date of user IDs?

You can do this with "gpg --edit-key $KEYID"

In the subprompt GnuPG provides, use "1" (or "2", etc) to select which user ID you want. then use "expire" to change the expiration for that user ID.

hth,

--dkg

From sphericaltriangle at rezozer.net Wed Sep 30 05:00:24 2015
From: sphericaltriangle at rezozer.net (Jerome BENOIT)
Date: Wed, 30 Sep 2015 05:00:24 +0200
Subject: PAM authentication with gpg or ssh key
In-Reply-To: <560B2A06.3080006@fsij.org>
References: <560B2A06.3080006@fsij.org>
Message-ID: <560B5048.70602@rezozer.net>

Hi!

concerning PAM authentication with SSH, you may want to give a try to libpam-ssh

Jerome

On 30/09/15 02:17, NIIBE Yutaka wrote:
> Hello,
>
> Yesterday, I included my answer to your question in a different
> thread. I should have replied to this post.
>
> I think that your question is relevant to the GnuPG community.
>
> On 09/29/2015 02:06 AM, Schlacta, Christ wrote:
>> Therefore, I'm looking for a way to have PAM query the ssh-agent
>> remotely, or optionally locally in rare instances if possible, for
>> authentication.
>
> My answer was:
> =================================
> For authentication of sudo on remote machine, I think that we can use
> pam_ssh_agent [0] together with GnuPG, if we can configure correctly.
> I don't have any experience, though. It would be good if we can also
> do a similar thing directly by gpg-agent remote access.
>
> [0] pam_ssh_agent: http://pamsshagentauth.sourceforge.net/
> =================================
>
> I think that it's good if a user can consolidate his private key
> management under GnuPG (possibly with OpenPGPcard compatible).
> Besides, it would be good if OpenPGPcard can have more authentication
> keys (for different purposes), too.
>
> Perhaps, if there are some demands, I should write a U2F module using
> gpg-agent (and revive Scute, accordingly). I believe that this is a
> way to go, for those users who want to consolidate things cleanly.
>

From laurent at elanor.org Wed Sep 30 11:20:27 2015
From: laurent at elanor.org (Laurent Blume)
Date: Wed, 30 Sep 2015 11:20:27 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560B212E.8080909@fsij.org>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org>
Message-ID: <560BA95B.8080408@elanor.org>

On 2015/09/30 01:39 +0200, Niibe Yutaka wrote:
> As far as I know, you can't provide a PIN by command line.
>
> You can provide passphrase from file for symmetric encryption, though.
>
> Instead, you can unlock your smartcard beforehand, interactively.

I really, really need it to be non-interactive. There's going to be a bunch of critical processes depending on it, the point is replacing passphrases stored in clear in scripts alongside keyrings.

I thought PIN (and the user PIN / admin PIN separation) would allow to do just that more securely, so it's rather disappointing. That it gets stuck and leaves zombies behind instead of gracefully failing is not encouraging either.

> $ gpg-connect-agent "SCD CHECKPIN D276000124010200F517000000010000" /bye
>                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> Please change this to your Application ID. gpg --card-status shows it.
>
> BTW, I got a report that RSA-4096 decryption doesn't work well on
> Nitrokey Pro. If you are using RSA-4096 decryption on Nitrokey Pro
> successfully, please let us know.

Good to know. I'm not planning to use beyond 2048 for now, but I'll keep it in mind in case requirements change.

Thanks for your reply,

Laurent

From peter at digitalbrains.com Wed Sep 30 12:54:29 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 30 Sep 2015 12:54:29 +0200
Subject: Local PAM authentication with OpenPGP Card (was Re: PAM authentication with gpg or ssh key)
In-Reply-To: <560B2A06.3080006@fsij.org>
References: <560B2A06.3080006@fsij.org>
Message-ID: <560BBF65.3060000@digitalbrains.com>

On 30/09/15 02:17, NIIBE Yutaka wrote:
> Perhaps, if there are some demands, I should write U2F module using
> gpg-agent (and revive Scute, accordingly). I believe that this is a
> way to go, for those users who want to consolidate things cleanly.

Personally, my main interest lies with authentication with the OpenPGP card using the PIN of the OpenPGP card. So not as a second factor! My two factors are: possession of the OpenPGP card and knowledge of the OpenPGP card PIN.

I find different, difficult passwords for all my machines too cumbersome. I'd rather use multiple smartcards with different PINs.

For remote logins, I think the SSH agent already does a great job; thanks NIIBE and Jerome for the pointers to the PAM modules, they might still be useful for things that really, really want me to use a sudo-like construction instead of plainly SSH'ing as root.

But for local logins, I'd like authentication to succeed (PAM) when the OpenPGP card is locally attached to the PC in question and I enter the correct PIN. Pinpad support would be nice.

I think I really need to restrict the logins to local ones only. In practice, I would like not to use a separate smartcard for each and every machine. In addition to the cards I already use for my OpenPGP key, I would buy one additional card that would not hold my OpenPGP key, but be exclusively used for local authentication on the systems I don't want to have my OpenPGP key. This means the PIN is the same on every system involved. If remote logins would succeed with this card, one compromised PC could connect to the other. If the smartcard needs to be connected locally and is only accepted for local terminals (Linux VT, local X console), this seems to me to be prevented. In fact, the requirement it is only used on local terminals (which is something you can express in PAM with pam_securetty) should already be enough, but it feels better if the OpenPGP card was restricted to local USB ports. I suppose it's not a strong requirement.

So that's my scenario. I'm just expressing my idea of what would be cool. If you decide to work on authentication with OpenPGP cards, this is an idea for one way of using it.

Thanks!

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From peter at digitalbrains.com Wed Sep 30 13:19:50 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 30 Sep 2015 13:19:50 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560BA95B.8080408@elanor.org>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org> <560BA95B.8080408@elanor.org>
Message-ID: <560BC556.1070902@digitalbrains.com>

On 30/09/15 11:20, Laurent Blume wrote:
> I really, really need it to be non-interactive.

You can't unlock the card when the server is booted and then leave it unlocked for the whole time the server is up? You could do it in an SSH session, when correctly set up.

The OpenPGP Card does not permit operation without a PIN.

There's a new feature in 2.1, loopback pinentry. Perhaps that allows you to provide the PIN non-interactively on booting up the server? I haven't tried the feature, though. Loopback pinentry is the replacement for --passphrase-fd, AIUI.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From laurent at elanor.org Wed Sep 30 14:04:03 2015
From: laurent at elanor.org (Laurent Blume)
Date: Wed, 30 Sep 2015 14:04:03 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560BC556.1070902@digitalbrains.com>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org> <560BA95B.8080408@elanor.org> <560BC556.1070902@digitalbrains.com>
Message-ID: <560BCFB3.8070104@elanor.org>

On 2015/09/30 13:19 +0200, Peter Lebbing wrote:
> On 30/09/15 11:20, Laurent Blume wrote:
>> I really, really need it to be non-interactive.
>
> You can't unlock the card when the server is booted and then leave it
> unlocked for the whole time the server is up? You could do it in an SSH
> session, when correctly set up.

There are human resource issues there, but let's focus on the technical side.

I've thought about it, but it's not that obvious to set up. It depends on scdaemon, which is started by gpg-agent. It means I would need to create a gpg-agent service, which would run scdaemon reliably. What would happen if any of them dies for $REASON? Unexpected breakage that would make a lot of people very unhappy.

However, I think I will do that using a custom pinentry that feeds the PIN to the card automatically. I can already foresee annoying side effects. Like having to stop the service before doing any key management operation, so I can start a "normal" gpg-agent, then not forgetting to restart it. It means anything using it will need a layer of checks to be sure it's available.

> The OpenPGP Card does not permit operation without a PIN.

Sure, but I don't see why the entry of a PIN was artificially forced to be interactive. Even if I get it to work, I'll be worried it's a brittle solution.

> There's a new feature in 2.1, loopback pinentry. Perhaps that allows you
> to provide the PIN non-interactively on booting up the server? I haven't
> tried the feature, though. Loopback pinentry is the replacement for
> --passphrase-fd, AIUI.

I've heard of it. At this point, 2.1 can't be an option, because there's no official support, not even an RPM for it.

Laurent

From peter at digitalbrains.com Wed Sep 30 14:45:00 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 30 Sep 2015 14:45:00 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560BCFB3.8070104@elanor.org>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org> <560BA95B.8080408@elanor.org> <560BC556.1070902@digitalbrains.com> <560BCFB3.8070104@elanor.org>
Message-ID: <560BD94C.1030602@digitalbrains.com>

On 30/09/15 14:04, Laurent Blume wrote:
> There are human resource issues there, but let's focus on the technical
> side.

Yes, I realise that.

> I've thought about it, but it's not that obvious to set up. It depends
> on scdaemon, which is started by gpg-agent.
> It means I would need to create a gpg-agent service, which would run
> scdaemon reliably. What would happen if any of them dies for $REASON?
> Unexpected breakage that would make a lot of people very unhappy.

Processes dying tend to cause breakages in general. The issue here, though, is indeed that simply restarting the process isn't enough. That's where a custom pinentry could help.

In principle, it's not difficult to set up. If you want to account for processes randomly dying, then yes, it gets difficult, I agree. But a custom pinentry could save the day.

> However, I think I will do that using a custom pinentry that feeds the
> PIN to the card automatically. I can already foresee annoying side
> effects. Like having to stop the service before doing any key management
> operation, so I can start a "normal" gpg-agent, then not forgetting to
> restart it. It means anything using it will need a layer of checks to be
> sure it's available.

I think it's not that bad, actually. I think in the general case your gpg-agent/scdaemon with loopback pinentry would be restarted automatically if it wasn't available. So you'd "just" have to switch to a normal pinentry when you need to do something requiring the Admin PIN. Is this really something you foresee happening though? I think switching keys on the card is going to be a downtime-incurring operation anyway, since it's not atomic. On-disk keys are much more flexible in that respect.

IMHO, you're using a device meant for personal usage as an HSM. It's possible, but your use case is a relatively unusual one, and might require some tweaking indeed.

> I've heard of it. At this point, 2.1 can't be an option, because there's
> no official support, not even an RPM for it.

I take it you mean /downstream/ official support, then. Upstream support is fine :). Anyway, a custom pinentry it is, then :). With 2.0. I wouldn't recommend 1.4 with agent, since it is less seamless, and you're gunning for seamless. When people recommend 1.4 for headless servers, I don't think they mean using a gpg-agent with scdaemon.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From laurent at elanor.org Wed Sep 30 15:37:13 2015
From: laurent at elanor.org (Laurent Blume)
Date: Wed, 30 Sep 2015 15:37:13 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560BD94C.1030602@digitalbrains.com>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org> <560BA95B.8080408@elanor.org> <560BC556.1070902@digitalbrains.com> <560BCFB3.8070104@elanor.org> <560BD94C.1030602@digitalbrains.com>
Message-ID: <560BE589.8000706@elanor.org>

On 2015/09/30 14:45 +0200, Peter Lebbing wrote:
> Processes dying tend to cause breakages in general. The issue here,
> though, is indeed that simply restarting the process isn't enough.
> That's where a custom pinentry could help.
>
> In principle, it's not difficult to set up. If you want to account for
> processes randomly dying, then yes, it gets difficult, I agree. But a
> custom pinentry could save the day.

Ultimately, a lot will depend on that, LUKS volumes, file encryption before transfer (GPG and SMIME), Apache secret keys (I've not dared yet think about that one), maybe some others if the PCI auditor feels like it.

> I think it's not that bad, actually. I think in the general case your
> gpg-agent/scdaemon with loopback pinentry would be restarted
> automatically if it wasn't available. So you'd "just" have to switch to
> a normal pinentry when you need to do something requiring the Admin PIN.
> Is this really something you foresee happening though? I think switching
> keys on the card is going to be a downtime-incurring operation anyway,
> since it's not atomic. On-disk keys are much more flexible in that respect.

Yes, you are right. It will happen at least once a year, when expiring keys have to be replaced. That really should be a smooth process, but it's somewhat less critical.

> IMHO, you're using a device meant for personal usage as an HSM. It's
> possible, but your use case is a relatively unusual one, and might
> require some tweaking indeed.

Ah, that is a really good point. The thing is, I asked around (on some other lists), and had a look at HSMs, we even have a hundred thousand € worth of HSM, used for something completely different. But that's the thing: those very expensive thingies, they come with an API and a manual, you "only" need to develop your application around it.

The NitroKey (and others like it) are both cheaper and easier to deploy using off-the-shelf software (at least it looks so on paper). That said, maybe the Pro model is not the right one, and I made a mistake there out of ignorance.

My impression is that there are no middle-ground options between the cheap, personal use device and the super-expensive brick. If you do have suggestions, they're very welcome. I'm still assessing feasibility, and able to change directions.

> I take it you mean /downstream/ official support, then. Upstream support
> is fine :). Anyway, a custom pinentry it is, then :). With 2.0. I
> wouldn't recommend 1.4 with agent, since it is less seamless, and you're
> gunning for seamless. When people recommend 1.4 for headless servers, I
> don't think they mean using a gpg-agent with scdaemon.

Pretty much, yes, so 2.0 it will be. I might ask RedHat for some help, but really not holding my breath there.

Laurent

From peter at digitalbrains.com Wed Sep 30 16:10:36 2015
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 30 Sep 2015 16:10:36 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560BE589.8000706@elanor.org>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org> <560BA95B.8080408@elanor.org> <560BC556.1070902@digitalbrains.com> <560BCFB3.8070104@elanor.org> <560BD94C.1030602@digitalbrains.com> <560BE589.8000706@elanor.org>
Message-ID: <560BED5C.4060403@digitalbrains.com>

On 30/09/15 15:37, Laurent Blume wrote:
> Ultimately, a lot will depend on that, LUKS volumes, file encryption
> before transfer (GPG and SMIME), Apache secret keys (I've not dared yet
> think about that one), maybe some others if the PCI auditor feels like it.

Yes. I have no experience in highly available services, let alone GnuPG in one. I'm just an enthusiast. I don't know if an OpenPGP Card is suitable (yet?) for situations where it is critical it always works. Since I upgraded to 2.1 on my laptop, I sometimes encounter issues right after plugging in my USB smartcard reader, which I solve by replugging. It could be that it's all rock solid when you always have it plugged in, or it could be that it sometimes stumbles and requires maintenance. That situation is not critical in personal use. "Have you tried turning it off and on again?". In your case, it might very well be critical.

Like with a smartcard or RFID for access control. If the door doesn't open, you just try again. It's not a major issue if sometimes the card doesn't work on first use, and in practice, they don't always work on first use. Just watch out you don't run into the door because you expected it to open. Been there, done that :).

> My impression is that there are no middle-ground options between the
> cheap, personal use device and the super-expensive brick.

You could be right, I don't know. I think it would certainly be useful if there was something in between.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From laurent at elanor.org Wed Sep 30 16:53:47 2015
From: laurent at elanor.org (Laurent Blume)
Date: Wed, 30 Sep 2015 16:53:47 +0200
Subject: Non-interactive PIN not accepted, gpg hangs
In-Reply-To: <560BED5C.4060403@digitalbrains.com>
References: <560ADFC2.4050000@elanor.org> <560B212E.8080909@fsij.org> <560BA95B.8080408@elanor.org> <560BC556.1070902@digitalbrains.com> <560BCFB3.8070104@elanor.org> <560BD94C.1030602@digitalbrains.com> <560BE589.8000706@elanor.org> <560BED5C.4060403@digitalbrains.com>
Message-ID: <560BF77B.1060609@elanor.org>

On 2015/09/30 16:10 +0200, Peter Lebbing wrote:
> Yes. I have no experience in highly available services, let alone GnuPG in one.
> I'm just an enthusiast. I don't know if an OpenPGP Card is suitable (yet?) for
> situations where it is critical it always works. Since I upgraded to 2.1 on my
> laptop, I sometimes encounter issues right after plugging in my USB smartcard
> reader, which I solve by replugging. It could be that it's all rock solid when
> you always have it plugged in, or it could be that it sometimes stumbles and
> requires maintenance. That situation is not critical in personal use. "Have you
> tried turning it off and on again?". In your case, it might very well be critical.
>
> Like with a smartcard or RFID for access control. If the door doesn't open, you
> just try again. It's not a major issue if sometimes the card doesn't work on
> first use, and in practice, they don't always work on first use. Just watch out
> you don't run into the door because you expected it to open. Been there, done
> that :).
>

Ah, yes, I'm well aware of that :) There are contingencies in case of failure, of course. It's repeated, multiple failures that are to be avoided, anything that can't be documented.

Also, just to be clear: the super-expensive bricks I mentioned, I've not said they're in any way more reliable. They're not. Full of bugs, they are. E.g., our current ones, the network interface has to be forced at 10 Mbps/HD when they're connected to certain models of Cisco switches. Known issue, no fix.

> You could be right, I don't know. I think it would certainly be useful if there
> was something in between.

There's got to be a market now. The current PCI-DSS requirements just beg for it.

Laurent

From doark at mail.com Wed Sep 30 19:17:17 2015
From: doark at mail.com (David Niklas)
Date: Wed, 30 Sep 2015 13:17:17 -0400
Subject: How to get your first key signed
Message-ID: <20150930131717.145e55b7@ulgy_thing>

Hello,

I create for myself a gpg key and want to get it signed, however I've sent out half a dozen requests and so far I've gotten only negative responses to the effect that I must know so-and-so and we must meet in person (considering that the person responds at all).

Now, I'm a student (think penniless), and live in a rural area 100mi from the nearest LUG and people out here are _very_ computer illiterate to the point where educated people think that turning a computer off will damage it, or that the computer loses power (1GHz becomes .2GHZ), as it grows older. So no one has a key, at all. And they would not want to help create a web of trust even if I asked and explained it to them. They just don't believe in security around here (Oh, that would never happen to me! There are laws against that! You are a security freak.)

I want to develop FOSS and feel obligated to get a key to protect uses of the software I'm modifying from MITM attacks.

Thanks,

David

From rjh at sixdemonbag.org Wed Sep 30 21:58:51 2015
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 30 Sep 2015 15:58:51 -0400
Subject: How to get your first key signed
In-Reply-To: <20150930131717.145e55b7@ulgy_thing>
References: <20150930131717.145e55b7@ulgy_thing>
Message-ID: <560C3EFB.4020405@sixdemonbag.org>

> I create for myself a gpg key and want to get it signed

More important than whether your certificate gets signed is who signs the certificate, who they are connected to, and so on.

Some people will sign almost anything. People who get a reputation for signing anything develop a reputation for their signatures being meaningless. Some people have very strong requirements before they'll sign. Their signatures are often worth quite a lot of credibility, but good luck getting them.

The good news is this *can be done*. I promise.

The best thing you can do right now is to get involved in the community. Get engaged in the mailing lists (here, PGP-Basics, Enigmail-Users are three good ones). And when you post, sign your messages. Over time people will come to trust that your signature connects to the real you, even if they can't promise that your name really is David Niklas, or can't say what you look like.

Once you've got a couple of years' track record of consistently using the same certificate, consistently contributing to mailing lists and FOSS projects, consistently being part of the solution and not part of the problem ... I promise, you'll find people who are willing to vouch for you.

There is no quick way, no shortcut. But I think you'll find that although it takes a while, it isn't hard, either. :)

> Now, I'm a student (think penniless), and live in a rural area 100mi
> from the nearest LUG and people out here are _very_ computer illiterate
> to the point where educated people think that turning a computer off
> will damage it, or that the computer loses power (1GHz becomes .2GHZ),
> as it grows older.

I grew up on a farm in the middle of nowhere. I know *exactly* what that's like.

> I want to develop FOSS and feel obligated to get a key to protect uses
> of the software I'm modifying from MITM attacks.

So, first, host your software publicly, somewhere that it's easy to find. GitHub works great, but there are a lot of options.

On whatever page you use for your FOSS work, put a notice that says "My GnuPG certificate is 0xDEADBEEFDECAFBAD, and you can download signatures for all the tarballs over here."

It works. Seriously. :)

Welcome to the community!

From mateusz at nitrokey.com Wed Sep 30 21:46:37 2015
From: mateusz at nitrokey.com (Mateusz Zalega)
Date: Wed, 30 Sep 2015 21:46:37 +0200
Subject: Decryption fails with 4096bit key on SmartCard
Message-ID: <560C3C1D.3060407@nitrokey.com>

Hi Marcus,

> Ok, I'm not sure whether someone from the Nitrokey team is following this
> list, so I'll contact them and ask them to reproduce this. The card claims
> to support 4096bit and since the key is on the card it should be possible
> to use it, too... Fingers crossed... ;)

I got a heads-up just today, thanks for sharing your problem! I assumed you're using Nitrokey Pro.

I couldn't reproduce your case both using package versions you mentioned and slightly earlier ones available in Debian-testing I use for development. Each time I generated a 4096-bit RSA encryption subkey, successfully copied it to an OpenPGP 2.1 card and decrypted using it.

Could you send a detailed list of steps that need to be taken to reproduce this bug? Otherwise I can't really address it.

Best,

Mateusz

From kloecker at kde.org Wed Sep 30 22:46:10 2015
From: kloecker at kde.org (Ingo Klöcker)
Date: Wed, 30 Sep 2015 22:46:10 +0200
Subject: How to get your first key signed
In-Reply-To: <560C3EFB.4020405@sixdemonbag.org>
References: <20150930131717.145e55b7@ulgy_thing> <560C3EFB.4020405@sixdemonbag.org>
Message-ID: <1744841.Zi8niS1uUW@thufir>

On Wednesday 30 September 2015 15:58:51 Robert J. Hansen wrote:
> > I create for myself a gpg key and want to get it signed
>
> More important than whether your certificate gets signed is who signs
> the certificate, who they are connected to, and so on.
>
> Some people will sign almost anything. People who get a reputation
> for signing anything develop a reputation for their signatures being
> meaningless. Some people have very strong requirements before
> they'll sign. Their signatures are often worth quite a lot of
> credibility, but good luck getting them.
>
> The good news is this *can be done*. I promise.
>
> The best thing you can do right now is to get involved in the
> community. Get engaged in the mailing lists (here, PGP-Basics,
> Enigmail-Users are three good ones). And when you post, sign your
> messages. Over time people will come to trust that your signature
> connects to the real you, even if they can't promise that your name
> really is David Niklas, or can't say what you look like.

In addition to what Robert wrote, you should upload your key (0x9B75C2AE183660FF) to the keyservers. Otherwise, nobody can check your signatures. I tried to download it, but failed:

# gpg --recv-keys 0x9B75C2AE183660FF
gpg: requesting key 183660FF from hkp server pool.sks-keyservers.net
gpgkeys: key 9B75C2AE183660FF not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

Regards,
Ingo
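
The custom pinentry discussed in the "Non-interactive PIN not accepted, gpg hangs" thread above, as an added example that is not code from any poster or from GnuPG: a small program speaking the pinentry (Assuan) protocol that answers GETPIN from a file only its owner can read. The file path and the policy of never answering a retry are assumptions of this example.

```python
#!/usr/bin/env python3
"""Non-interactive pinentry sketch: answers GETPIN from a protected file."""
import os
import stat
import sys

# Hypothetical location; the thread names no path.
PIN_FILE = "/etc/gnupg-card/user.pin"
# GPG_ERR_CANCELED as reported by a pinentry (error source 5, code 99).
ERR_CANCELED = "ERR 83886179 Operation cancelled <Pinentry>"


def load_pin(path):
    """Read the PIN, refusing files other users could read or replace."""
    fd = os.open(path, os.O_RDONLY)
    with os.fdopen(fd, "r", encoding="utf-8") as fh:
        st = os.fstat(fh.fileno())  # check the opened file, not the name
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError(f"{path}: not a regular file")
        if st.st_uid != os.geteuid() or st.st_mode & 0o077:
            raise PermissionError(f"{path}: must be owned by us, mode 0600")
        pin = fh.readline().rstrip("\r\n")
    if not pin:
        raise ValueError(f"{path}: empty PIN")
    return pin


def assuan_escape(value):
    """Percent-escape the characters that may not appear raw in a D line."""
    return value.replace("%", "%25").replace("\r", "%0D").replace("\n", "%0A")


class FilePinentry:
    """Handles one Assuan session; hands the PIN out at most once."""

    def __init__(self, pin_loader):
        self._load = pin_loader
        self._error_seen = False
        self._answered = False

    def handle(self, line):
        """Return (response_lines, keep_going) for one request line."""
        cmd, _, arg = line.strip().partition(" ")
        cmd = cmd.upper()
        if cmd == "BYE":
            return ["OK closing connection"], False
        if cmd == "SETERROR":
            # The agent is reporting a failed attempt (e.g. a wrong PIN).
            self._error_seen = True
            return ["OK"], True
        if cmd == "GETPIN":
            # Policy of this example: never retry. Sending the same stored
            # PIN again would only use up the card's limited PIN retries.
            if self._error_seen or self._answered:
                return [ERR_CANCELED], True
            try:
                pin = self._load()
            except (OSError, ValueError) as exc:
                print(f"pinentry-file: {exc}", file=sys.stderr)
                return [ERR_CANCELED], True
            self._answered = True
            return ["D " + assuan_escape(pin), "OK"], True
        if cmd == "GETINFO" and arg.strip() == "pid":
            return [f"D {os.getpid()}", "OK"], True
        if cmd.startswith("SET") or cmd in ("OPTION", "NOP"):
            return ["OK"], True  # cosmetic settings are accepted and ignored
        # CONFIRM, MESSAGE and anything unknown need a human: decline.
        return [ERR_CANCELED], True


def main():
    entry = FilePinentry(lambda: load_pin(PIN_FILE))
    print("OK Pleased to meet you", flush=True)
    for line in sys.stdin:
        responses, keep_going = entry.handle(line)
        for response in responses:
            print(response, flush=True)
        if not keep_going:
            break


if __name__ == "__main__":
    main()
```

gpg-agent is pointed at a program like this with the `pinentry-program` option in gpg-agent.conf. The PIN is then only as well protected as that file and the account that owns it.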