Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [openpgp]

OpenPGP is a standard for encrypting and decrypting data (RFC 4880) . PGP stands for Pretty Good Privacy (not to be confused with gpg: Gnu Privacy Guard)

18 questions
231
votes
4 answers

How to export a GPG private key and public key to a file

I have generated keys using GPG, by executing the following command gpg --gen-key Now I need to export the key pair to a file; i.e., private and public keys to private.pgp and public.pgp, respectively.  How do I do it?
rocky
  • 2,413
  • 2
  • 7
  • 5
34
votes
2 answers

GPG Hangs When Private Keys are Accessed

I like to sign my git commits with my PGP key, so I was quite alarmed when I went to git commit -S but instead of prompting for my PGP key passphrase, git just started hanging. I haven't made a change to my GPG setup in several months and have made…
John Leuenhagen
  • 1,147
  • 1
  • 7
  • 16
17
votes
1 answer

Why do GnuPG 2 and gpg-connect-agent fail with "ERR 67108983 No SmartCard daemon"?

Using Debian Jessie and GnuPG 2, each time I try to use GnuPG 2 (gpg2) or gpg-connect-agent together with an OpenPGP smartcard (in my case a YubiKey), the operation fails with a message $ gpg-connect-agent --hex "scd apdu 00 f1 00 00" /bye ERR…
Jens Erat
  • 2,233
  • 2
  • 21
  • 33
5
votes
2 answers

How to correctly change the passphrase of GPG's secret key?

I'm trying to change the passphrase of my GPG's secret key. I actually changed it using seahorse (Also tried gpg --edit-keys and passwd, but when I tried to export my private key it asks me for two passphrase now (Both new and old one) and uses the…
FooBar
  • 183
  • 2
  • 8
2
votes
1 answer

PGP key export is very long - how to shorten?

I recently needed to publish my PGP key. However the export is veeery long: $ gpg2 --list-secret-keys --keyid-format LONG /home/user/.gnupg/pubring.kbx ----------------------------- sec rsa4096/51DAE9B7C1AE9161 2015-06-17 [SCA] [expires:…
NicoHood
  • 131
  • 3
2
votes
4 answers

GPG error when I want to apt update

I just installed Kali NetHunter and I'm trying to do a simple apt update but it looks like a public key is missing root@kali:~# apt-get update  0% [Waiting for headers] [Connected to packages.microsoft.com (13.8Get:2…
Yox
  • 131
  • 1
  • 1
  • 5
2
votes
1 answer

Is there a standard XDG location for user secrets?

XDG defines ~/.config, ~/.cache and other shell-agnostic locations for user configuration files. Some applications define their own locations for user secrets, like ~/.ssh and ~/.gpg. Is there an XDG-defined location for user secrets? For example,…
lofidevops
  • 2,967
  • 6
  • 39
  • 58
2
votes
1 answer

GPG seems to alter imported keys

So I've never used gpg (2.0.14) before this week and I'm no cryptography pro, but the results I've been getting with gpg seem odd. When I import keys (e.g. gpg --import public.key) that were generated by OpenPGP, gpg seems to process them…
EricZ
  • 21
  • 2
2
votes
0 answers

How will libpam-poldi work with ecryptfs

I'd like to authenticate myself to my machine using my PGP SmartCard. I'm under the impression that I can do this using libpam-poldi. However, I also have directories that are encrypted using ecryptfs that are decrypted when I supply my unix…
llldino
  • 81
  • 3
1
vote
1 answer

How to know with which key a repository is signed by (and vice versa)?

I want to use the signed-by option on all the repositories of my /etc/apt/sources.list.d/debian.sources, point to the keys in /usr/share/keyrings instead of /etc/apt/trusted.gpg.d before disabling this directory, as I have understood, this old way…
Some_user
  • 33
  • 1
  • 7
1
vote
1 answer

Correct way to verify PGP signature in BASH script (pinning exact long fingerprint)

I have: A file A detached PGP signature of that file in ASCII armor format and A 40-character (long-format) fingerprint identifying the one key that must have a valid signature What is the correct way to write a BASH script to verify that the…
Michael Altfield
  • 172
  • 11
1
vote
0 answers

Mutt asks "Enter keyID", does not accept any IDs

I am trying to use Mutt with GPG to encrypt emails. Whenever I try to encrypt, I am asked to "Enter keyID for user@domain". No matter what I enter, it asks me to enter the value. I definitely have the key in my keystore. I have entered the full key…
Farhan Yusufzai
  • 211
  • 4
  • 7
1
vote
1 answer

How to use NFC-Only smartcard with GnuPG?

I'm trying to use an Android smartcard emulator (to see if a smartcard can fit into my workflow) with GnuPG on Debian Sid. I have libNFC configured with a pn532 breakout that can see the applet on the phone. I have spent a literal hour googling this…
BaconWaifu
  • 11
  • 3
0
votes
0 answers

Export GPG Private Key WITHOUT knowning the passphrase

so I spent many hours on this now and I hope someone can give me any useful input. I want to export an encrypted secret key from GPG (which lies in ~/.gnupg/private-keys-v1.d) but I do not have the passphrase. So the normal gpg --armor…
xyzabc123
  • 1
  • 1
0
votes
2 answers

Is it possible to reuse a GnuPG key in another installation?

I have a GPG key which I use to sign and submit packages to Launchpad. Is it possible to reuse that key in another installation, or do I always have to create a new key for the new installation of a GNU/Linux operating system?
Archisman Panigrahi
  • 309
  • 1
  • 3
  • 15
1
2