Page MenuHome GnuPG
Feed Advanced Search

Aug 2 2021

JW-D added a comment to T5539: Key generation on OpenPGP Version 3.4 card fails.

Thank you! But let me mention, that my older smart cards (Version 2,2) holding also RSA-4096 keys. They could be generated on card without any problem. I had the problem only with OpenPGP cards version 3,4. This I would like to strenghten.

Aug 2 2021, 8:35 AM · can't replicate, OpenPGP, scd, Bug Report, gpg4win
JW-D added a comment to T5539: Key generation on OpenPGP Version 3.4 card fails.

My setting is RSA-4096 key. Also it showed "pipe was broken", but it disappeared too quickly, so I do not have a screenshot from that.

Aug 2 2021, 7:40 AM · can't replicate, OpenPGP, scd, Bug Report, gpg4win

Aug 1 2021

JW-D created T5539: Key generation on OpenPGP Version 3.4 card fails.
Aug 1 2021, 9:57 PM · can't replicate, OpenPGP, scd, Bug Report, gpg4win

Jul 18 2020

JW-D added a comment to T4992: ssh Yubikey not recognized, but Yubikey works with GPG well.

I started "gpgconf --launch gpg-agent" and afterwards PuTTY. Then I am asked to "login as:". After entering the username, the error "PuTTY Fatal Error: No supported authentication methods available (server sent: publickey)" occurred.

Jul 18 2020, 9:05 PM · ssh, yubikey, Bug Report, gpg4win

Jul 15 2020

JW-D added a comment to T4992: ssh Yubikey not recognized, but Yubikey works with GPG well.

I used already the mentioned blog ass base of my work. But the Yubikey is not recognized in ssh and I do not know how to mitigate.

Jul 15 2020, 1:50 PM · ssh, yubikey, Bug Report, gpg4win

Jul 14 2020

JW-D added a comment to T4992: ssh Yubikey not recognized, but Yubikey works with GPG well.

Sorry, my fault. I found this command line in the internet (I am relatively new) so I mixed it up. Ok, skip ssh-add, it was my mistake! But the problem is that my Yubikey is not recognized by PuTTY in an ordinary ssh session. In the cmd window and in Cleopatra it works, but not with PuTTY.

Jul 14 2020, 8:54 AM · ssh, yubikey, Bug Report, gpg4win
JW-D added a comment to T4992: ssh Yubikey not recognized, but Yubikey works with GPG well.

No, you are wrong, I speak not about OpenSSH!!! I speak from PuTTY. As explained in my first message, if I copy my ssh key on an USB stick and if I use PuTTY in combination with this stick, it is fine, I can connect to my server. If want to use my Yubikey 5NFC in combination with PuTTY, ssh authentication fail!

Jul 14 2020, 8:06 AM · ssh, yubikey, Bug Report, gpg4win

Jul 11 2020

JW-D created T4992: ssh Yubikey not recognized, but Yubikey works with GPG well.
Jul 11 2020, 2:12 PM · ssh, yubikey, Bug Report, gpg4win

Mar 4 2020

JW-D added a comment to T4863: Yubikey 5Ci for iPhone.

The new Yubikey 5Ci does NOT work with NFC, this is wrong. This Yubikey is delivered with two connectors: A lightning and an USB-C, see: https://www.mtrix.de/shop/yubikey-5ci/. The key can be connected to a laptop and an iPhone by plug-in. So the new Yubikey 5Ci does not require NFC at all. You refer to the Yubikey 5 NFC. This technology is not supported by developers because they do not have experiences there. With the plug and play functionality of a lightning connector it is easier and few application already exist (e.g. Yubico authenticator and several password manager in the professional edition). Hope this information will be useful for you.

Mar 4 2020, 7:04 PM · yubikey, Feature Request

Mar 1 2020

JW-D created T4863: Yubikey 5Ci for iPhone.
Mar 1 2020, 5:17 PM · yubikey, Feature Request

Jan 14 2020

JW-D added a comment to T4802: Yubikey not recognized.

At least one configuration error I could identify by myself: Kleopartra -> GnuPG-System -> Smartcard -> Connecting Reader with port N. If it is written: Yubico YubiKey OTP+FIDO+CCID 0 then Yubikey is recognized. I forgot to write "Yubico Yubikey" at the beginning and the "0" at the end. Now smart cards and Yubikeys are working for gpg. What is still a problem is SSH. A SSH key is on smart card or the Yubikey.

Jan 14 2020, 8:38 PM · Bug Report, gpg4win

Jan 12 2020

JW-D added a comment to T4802: Yubikey not recognized.

Werner, no silly questions exist, only silly answers are existing. However, Yubikey is enabled for usb. I using Yubikey Manager a GUI, for the USB interface it is enabled: OTP, FIDO, FIDO U2F, OpenPGP, PIV and OATH. Thanks also for the suggested command line test. Indeed an error code shows up:

Jan 12 2020, 3:56 PM · Bug Report, gpg4win

Jan 9 2020

JW-D added a comment to T4802: Yubikey not recognized.

Please, note the following uncommon behavior:

Jan 9 2020, 9:30 PM · Bug Report, gpg4win

Jan 8 2020

JW-D created T4802: Yubikey not recognized.
Jan 8 2020, 7:27 PM · Bug Report, gpg4win

Dec 22 2019

JW-D created T4790: German special characters will not be decrypted in a proper way.
Dec 22 2019, 11:10 AM · Bug Report, gpg4win

Sep 9 2019

JW-D added a comment to T4687: GpgOL does not show signature validation of German Buerger-Cert-Warnings for some months.

Today a new signed message from BSI Buerger CERT was received. The PGP signature could be verified by first opening of the document. As I opened the file some hours later again, it failed, as I opened it a third time (shortly after the second time), the signature was verified. Outlook was not closed between the second and third opening. Signature verification appears unstable.

Sep 9 2019, 4:52 PM · gpgol, Bug Report, gpg4win
JW-D added a comment to T4687: GpgOL does not show signature validation of German Buerger-Cert-Warnings for some months.

The signature of the latest communication from German Buerger CERT Warnings could be read and the signature could be verified. I tried also with Hasso-Plattner-Institute (Identiy leak checker), the same result. I do not understand, why all signature verification failed last week, and they can be verified this week. However, at the moment it seems to work fine.

Sep 9 2019, 9:33 AM · gpgol, Bug Report, gpg4win

Sep 4 2019

JW-D added a comment to T4687: GpgOL does not show signature validation of German Buerger-Cert-Warnings for some months.

I have the same problem since today with Outlook 2016. In the past months / weeks GpgOL version 2.4.2 worked fine. I received some mails today signed by the German Buerger CERT warnings. The signature as "asc" file was attached, but could not be verified. Today I received also a PGP signed e-mail from Hasso-Plattner-Institute (Identity leak checker), also this signature could not be checked. Both worked fine in the past and the public keys stored in Kleopatra are valid.

Sep 4 2019, 6:17 PM · gpgol, Bug Report, gpg4win

Jul 27 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

The card was replaced by the vendor. It seems to be a problem with the specific card. All other cards so far worked well. The issue can be closed.

Jul 27 2019, 2:37 PM · scd, Bug Report

Jul 20 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I applied the following with gpg-connect-agent --hex:

Jul 20 2019, 3:46 PM · scd, Bug Report

Jul 19 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I do not wonder, that you face difficulties to reproduce it. It happened only with one card from my six cards; so five cards working fine. Therefore, I thought that this particular card was may dead at arrival and I contacted the vendor. They refused to replace it with the comment, it would be a well known issue. Do you know a test where I can demonstrate that the card is dead at arrival?

Jul 19 2019, 8:21 AM · scd, Bug Report

Jul 18 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I use the internal driver.

Jul 18 2019, 8:37 PM · scd, Bug Report
JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

All my keys are RSA 4096. It worked fine with OpenPGP smart cards and with two Yubikey 5. On all devices a set of RSA 4096 keys were geneated on the device itself. Only one card failed. But even the card which failed, generated at least the signature key in RSA 4096.

Jul 18 2019, 8:18 AM · scd, Bug Report

Jul 17 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I should may add, that on the card which failed, only the signature key was generated and written to the card. The authentication and encryption keys could not be generated..

Jul 17 2019, 8:06 AM · scd, Bug Report

Jul 16 2019

JW-D created T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.
Jul 16 2019, 8:27 PM · scd, Bug Report

Jul 10 2019

JW-D added a comment to T4517: de-mail and GPG with Smart Card no decryption.

Hi Maximilian,

Jul 10 2019, 12:55 PM · Bug Report, gpg4win

Jul 2 2019

JW-D added a comment to T4517: de-mail and GPG with Smart Card no decryption.

Thanks, this is excellent news! I´ll check it, if the new Mailvelope version is available and I´ll let you know about the outcome. If the new version is released, let me know!

Jul 2 2019, 8:27 PM · Bug Report, gpg4win

May 16 2019

JW-D added a comment to T4517: de-mail and GPG with Smart Card no decryption.

The problem could be narrowed as follows: According to Mailvelope Add-on, GnuPG must be installed for smart card support. Screenshots show that GnuPG is not recognized by Mailvelope. Of course actual versions off all programs were installed. Therefore, e-mails sent out ecrypted with public key work fine, because the public key is stored in Mailvelope. Is the encrypted message arrives and should be decrypted. Mailvelope does not find GnuPG and therefore, no private key. I´ll send some screenshots to you.

May 16 2019, 2:48 PM · Bug Report, gpg4win

May 15 2019

JW-D created T4517: de-mail and GPG with Smart Card no decryption.
May 15 2019, 4:18 PM · Bug Report, gpg4win

May 2 2019

JW-D added a comment to T4463: GpgOL with different accounts in Office 2016 does not work in every account.

On think should be mentioned. Both accounts are IMAP, but the Posteo account has one particular feature. All inbound traffic from their server to my client (receiving e-mails) is encrypted with my own public S/MIME certificate (they call it "Eingangsverschlüsselung") so all non-encrypted e-mail will be treated between Posteo server and my client as S/MIME end-to -end encrypted e-mails. This is not the case with the t-online account (there it is just TLS encrypted). However, I believe a PGP signature verification should happen after S/MIME decryption on the client.

May 2 2019, 10:20 AM · Bug Report, gpg4win
JW-D added a comment to T4463: GpgOL with different accounts in Office 2016 does not work in every account.

This account is IMAP, nothing special, I´ll send a screenshot from the add-ins by e-mail.

May 2 2019, 10:01 AM · Bug Report, gpg4win
JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

Well, I deinstalled gpg 3.1.7 and reinstalled it. For some reason my two gnupg smart cards work fine, but my two Yubikeys cannot be detected anymore (no such device). But in the last weeks, they were deteced, only the switching between Yubikey and Smart Card made some trouble. That they cannot be recognized is new and makes real trouble. If you think it would maybe helpful, I can submit a scdaemon.log file by e-mail.

May 2 2019, 9:52 AM · Windows, kleopatra, Bug Report, gpg4win
JW-D added a comment to T4463: GpgOL with different accounts in Office 2016 does not work in every account.

The debug file will be sent by e-mail to you immediately. THANKS

May 2 2019, 9:38 AM · Bug Report, gpg4win

Apr 30 2019

JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

So long I change between smart cards, I can do it multiple times. If a Yubikey is recognized and a smart card follows next it will not work. Most recently I face also problems to detect the Yubikey (Message: no such device), but Smart Cards still working fine.

Apr 30 2019, 10:18 AM · Windows, kleopatra, Bug Report, gpg4win
JW-D added a comment to T4463: GpgOL with different accounts in Office 2016 does not work in every account.

Did you get the screenshots from Thunderbird (works fine in both accounts) and Outlook (failure in one account)? If not, please provide e-mail address.

Apr 30 2019, 10:09 AM · Bug Report, gpg4win

Apr 24 2019

JW-D added a comment to T4463: GpgOL with different accounts in Office 2016 does not work in every account.

Screenshots were sent by e-mail to you. Thunderbird and Outlook screenshots are different.

Apr 24 2019, 4:46 PM · Bug Report, gpg4win
JW-D added a comment to T4463: GpgOL with different accounts in Office 2016 does not work in every account.

I am quite sure! Because, (1) I opened both mails on another computer were Thunderbird is installed. Both signatures can be verified on both accounts with Thunderbird. Both mails were sent out with PGP signature by HPI Identity Leak Checker Team, so the signature generally works fine. (2) If I save the key which is as asc file in the attachment (in the account which does not work) on computer and perform then a check of the signature, I receive a input / output error in Kleopatra. I will make some screenshots, and I´ll send it by mail to you.

Apr 24 2019, 4:04 PM · Bug Report, gpg4win

Apr 18 2019

JW-D created T4463: GpgOL with different accounts in Office 2016 does not work in every account.
Apr 18 2019, 12:21 PM · Bug Report, gpg4win

Apr 13 2019

JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

By installation from version 2.3 an error occurred, I´ll send you a screenshot by e-mail. However, I have some comments to the current version which may also help: I have three keys, two on smart cards and one on a Yubikey. So long as only smart cards are used, it is no problem to change between the cards and they work fine. Problems occur, if a Yubikey comes in. (i) Not always a Yubikey is recognized by pressing F5. (ii) It the Yubikey is recognized and next a key from a smart card is needed, a computer restart is required.
I tried also command: gpgconf --kill gpg-agent
It was possible to change from smart card to Yubikey with the command. However, if the Yubikey 5 NFC was recognized, the only way to change back to the smart card was a restart of the computer.

Apr 13 2019, 5:02 PM · Windows, kleopatra, Bug Report, gpg4win

Apr 8 2019

JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

I´ll give it a try for sure! Probaly next weekend, so my feedback will be sent next week. Please, keep the file open. THANKS

Apr 8 2019, 3:52 PM · Windows, kleopatra, Bug Report, gpg4win
JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

After re-start, the smart card will be recognized in proper way and it works. I assume it has something to do with using Yubikey and smart cards with different keys alternatively. The Yubikey was not found originally, so I modified the following:

Apr 8 2019, 12:12 PM · Windows, kleopatra, Bug Report, gpg4win
JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

Kleopatra recognizes the smart card, shows the correct version number and keys in the "smart card - management" window. In the Keylist I can´t find the key. Currently GnuPG 2.2.15 is installed. Do you know then version 2.3. will be released?

Apr 8 2019, 9:44 AM · Windows, kleopatra, Bug Report, gpg4win
JW-D added a comment to T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.

Well, I can narrow the root case. A Yubikey 5 was successfull installed and can be used. Then I started to test the OpenPGP card. I recognized, that by pressing F5 in Kleopatara a change between YubiKey and Smart Card happens. However, if I test it via command line, Yubikey does not change, although it is dismounted and the smart card is inserted. Probably therefore, the private key cannot be found. It should be mentioned that I have a computer with integrated smart card reader. First I configured the card, then the Yubikey. I started to test the Yubikey first. Therefore, I believe it is a mess in detection of smart card / Yubikey if used parallel.

Apr 8 2019, 8:02 AM · Windows, kleopatra, Bug Report, gpg4win

Apr 7 2019

JW-D created T4451: Kleopatra: OpenPGP Smart Card decription / private key not found.
Apr 7 2019, 2:25 PM · Windows, kleopatra, Bug Report, gpg4win

Feb 27 2019

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

I agree! THANKS

Feb 27 2019, 2:47 PM · gpgol, gpg4win

Jan 9 2019

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Indeed in view of this data, it seems to be that the problem occurs by Microsoft. It fits also with the fact, that all other signatures are working fine from my experience.

Jan 9 2019, 1:34 PM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

A pristine file I do not have, because every file passes GpgOL before displayed. I suggest, you subscribe to the service and if you de-install GpgOL, you should obtain a pristine file.

Jan 9 2019, 11:41 AM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

No, I can´t confirm it, I get no reason displayed. The key which I use is shown in my screenshot (I´ll send by e-mail)

Jan 9 2019, 9:43 AM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

I must make a correction of my earlier statement from today. The three Microsoft messages were not displayed in the same order on the screen on both machines. I must say, that on Outlook 2016 AND Thunderbird PGP verification still fails by "Microsoft Security Update Releases". It is the same situation as last year, nothing has been changed. I sent two files in EML format and some screenshots to A.Heinecke today.

Jan 9 2019, 9:33 AM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Yesterday Microsoft issued three PGP signed mails. It is the first communication after MSRC confirmed failure of verification and promised to have internal procedures changed. I received those mails on two different machines, one equipped with Outlook 2016, the other with Thunderbird. Last year all messages failed on Outlook and Thunderbird, if the were issued from "Microsoft Security Update Releases".

Jan 9 2019, 9:13 AM · gpgol, gpg4win

Jan 7 2019

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Please, provide e-mail address, then I´ll send it asap

Jan 7 2019, 10:42 AM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Very strange, but I tried it by myself, after your mail. The same for me. However, I can offer you to send two mails to you as EML files, one works, the other not. I using GnuPG also for verification from BSI newsletter, it works fine there. The problem is only with newsletters from "Microsoft security update releases", other Microsoft security notifications can be verified as well.

Jan 7 2019, 10:18 AM · gpgol, gpg4win
JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Yes, GpgOL in version 2.3.2 fails to verify the original message, it is labeled as "not-secure". But it happens only to "Microsoft security update releases", not to other Microsoft Security Notifications which I receive on regular base. I contacted Microsoft Security Responce Center (MSRC) and they confirmed the failure of signature verification in this case. They were not aware about it, but checked it by them self after my mail. They had no explanation for that. Labeling the message as "not-secure" would may indicate that it would be altered in transport, but MSRC did not say that. Therefore, I still assume, that we have a bug in GnuPG.

Jan 7 2019, 9:19 AM · gpgol, gpg4win

Dec 28 2018

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

I contacted Microsoft Security Response Center (MSRC) in regard to this matter. They confirmed the failed PGP key verification, but have not yet any explanation for that.

Dec 28 2018, 4:12 PM · gpgol, gpg4win

Dec 21 2018

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

Sure, I zipped the eml which failed and I´ll send it by e-mail to you

Dec 21 2018, 9:38 AM · gpgol, gpg4win

Dec 20 2018

JW-D added a comment to T4299: Problem to verify PGP key used by Microsoft.

I checked my mails in detail, and I can confirm that the error occurs only with "Microsoft security update releases". Indeed "Microsoft security advisory notification" and "Microsoft security update summary for..." will be verified correctly.

Dec 20 2018, 9:39 PM · gpgol, gpg4win
JW-D created T4299: Problem to verify PGP key used by Microsoft.
Dec 20 2018, 8:38 AM · gpgol, gpg4win

Nov 18 2018

JW-D added a comment to T4203: Problems with attachment contnuous.

My problem isn´t linked to forwarding encrypted e-mails and / or attachments. It occurs by ordinary PGP mails WITH attachments which are not ASCII format. Encrypted e-mails without attachmoments or in ASCII format will be delivered.

Nov 18 2018, 9:41 AM · Bug Report, gpg4win

Nov 13 2018

JW-D added a comment to T4131: Sending a mail with Office attachments fails on Outlook 2016 with gpg4win 3.1.3 (GPGOL 2.3.0).

Default settings in Outlook are as following: (i) S/MIME encryption disabled, (ii) S/MIME signature enabled.

Nov 13 2018, 10:16 AM · gpgol, Bug Report

Nov 10 2018

JW-D added a comment to T4203: Problems with attachment contnuous.

Indeed, I use a S/MIME certificate in Outlook for signing by default all e-mails. However, if I intend to send a PGP mail, I manually disable this feature and I manually opt for PGP signature & encryption. I am sure, that this standard procedure applied in this case. Therefore, I am surprised, that the message appears.

Nov 10 2018, 3:06 PM · Bug Report, gpg4win

Oct 22 2018

JW-D added a comment to T4203: Problems with attachment contnuous.

Thanks for the quick reply!

Oct 22 2018, 12:11 PM · Bug Report, gpg4win
JW-D created T4203: Problems with attachment contnuous.
Oct 22 2018, 7:50 AM · Bug Report, gpg4win

Oct 16 2018

JW-D added a comment to T4162: Mails with attachments cannot be sent.

I decided today to install the beta version and give it a try, because the final version is not yet released. I still facing major problems, see attachment. The mail will not be delivered, but Outlook does not crash as before.

Oct 16 2018, 12:02 PM · Bug Report, gpg4win

Sep 30 2018

JW-D created T4162: Mails with attachments cannot be sent.
Sep 30 2018, 9:03 AM · Bug Report, gpg4win