- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Apr 29 2021
Apr 28 2021
@gniibe can you provide any commentary on why the gnupg ccid udev rule is so much smaller than the one debian maintains? Is the debian one considered authoritative these days?
The patch references the following bug:
Should be mostly done. What's missing is selection of groups in the approval dialog. Groups are not (yet) supported by the KeySelectionCombo.
when I insert: gpg --verify -v Bisq-64bit-1.6.2.exe.asc at the command line (at windows), I get the answer:
gpg: cannot open "Bisq-64bit-1.6.2.exe.asc": No such file or directory
gpg: verify signatures failed: No such file or directory
Please try to verify on the command line (cmd.exe):
Thanks @gniibe, that's very helpful advice and pointers. Very appreciated, cheers.
Thank you all for the help. I thought this was a bug with pinentry itself but appears to be dbus related based on the above command.
Perhaps, if a distro haven't offered setting of USB, it would be better to configure GnuPG build with --disable-ccid-driver and only support scdaemon with PC/SC. GPG for Windows does so.
- It's a breaking change for system with both of PC/SC and CCID. T4673 due to T3300
- If you configure with no libusb, users don't need 'disable-ccid' option.
- I don't know how "wide".
- In Debian, it is maintained here: https://salsa.debian.org/debian/gnupg2/-/blob/debian/main/debian/scdaemon.udev
- Yes.
To set DISPLAY, dbus-update-activation-environment is your friend.
FYI, for me, on a machine with Debian GNU/Linux, I use Sway, it works fine with pinentry-gnome3.
Backported in rC3f48e3ea37ad: ecc: Check the input length for the point..
I have installed the Gnome keyring prompter and there seems to be a problem using the Wayland display
Apr 27 2021
The curve is not defined to be used for ECDH (encryption); in fact it should in general only be used with the EdDSA
algorithm. You need to use "Key-Type: eddsa". Note that the EdDSA signing algorithm is different than the commonly used ECDSA signing algorithm.
Can you please port this also to 1.8?
Thanks for the quick response Werner. I knew I could use it with quick-gen-key and I’ve updated my config file to have it as default.
But, just for my understanding, is there a reason ed25519 cannot be used with full-gen-key and gen-key in batch mode?
You can't use ecdh with ed25519.
Apr 26 2021
Hi, as a contributor to NixOS I'd also like some guidance. I'm testing the 2.3 upgrade ahead of 2.4, and it "breaks" Yubikey UX that I know many of us use. This might be because we appear to not yet install gnupg's CCID udev rules installed. A few questions:
Please install the Gnome Key Ring prompter tool or use the plain GTK pinentry.
I do have the same Problem.
It started about 2 weeks ago.
Update:
It looks like OpenSSH version 8 now supports ssh-agent's handling REQUEST_IDENTITIES.
Apr 25 2021
Thank you for the suggestion of disable-ccid that seems to have solved the problem.
Apr 24 2021
Apr 23 2021
Searching the web "Why UAC is important" finds a lot of explanations https://www.digitalcitizen.life/uac-why-you-should-never-turn-it-off/
I've also suggested 3.1.14, but the changelog for 3.1.15 lists two potential important defects fixed for GPGOL (the empty recipient and the auto-retrieve).
My suggestion would be to just keep using 3.1.14 But yeah there will be a 3.1.16 / 4 Beta soonish.
I can confirm disable-ccid works, thank you!
Please have a look at the log:
https://wiki.gnupg.org/Gpg4win/RunAsUser has more explanation about this, and I had to give this to quite a number of people in support. (An improvement to the could be a link to a very good external or official explanation, does somebody know one? I've searched briefly but was not successfull to find strong recommendations by Microsoft.)
Thank you.
I'll report the original message problem.
Applied and pushed.