Skip to main content
Information Security

Questions tagged [gnupg]

Ask Question

GNU Privacy Guard (GnuPG or GPG) is an open source implementation of PGP, a file encryption and signature tool widely used for emails

786 questions
Newest Active Bountied Unanswered
0 votes
1 answer
54 views

Passing password through terminal when using pass + gpg

I'm planning to use the pass to store passwords for a web service. My service will need to store passwords for many database servers. So my idea is store these passwords with the Linux pass command. I ...
cstff's user avatar
cstff
  • 3
0 votes
0 answers
9 views

What is the point of a gpg file alongside the hash of a Linux ISO download? [duplicate]

I use linux and tend to distro hop a lot. I've noticed often that the distributions offer that you verify the download with a sha256sum hash and a GPG key. My understanding is that a file, e.g. a ...
dbqp's user avatar
dbqp
  • 1
1 vote
1 answer
68 views

Restructure PGP Keys

How do I restructure my keys from current/old setup to new setup? The new setup would allow better key-management: isolation of primary-key and rotation of sub-keys. Current/Old Setup: PrimaryKey - CS ...
R G's user avatar
R G
  • 31
1 vote
0 answers
62 views

How to verify the downloaded Mozilla Firefox binary? [duplicate]

I'm wondering about the correct steps when you want to download Firefox from their server and validate it has not been tampered with. Assume you download the latest Firefox tar-bz2-package from https:/...
Gere's user avatar
Gere
  • 147
1 vote
1 answer
315 views

Now that `sshcontrol` has been deprecated, how to use gpg key for ssh authentication with an agent?

The GnuPG Manual states that: This [sshcontrol] file is deprecated in favor of the "Use-for-ssh" attribute in the key files. What is now the correct way to configure gpg / gpg-agent to use ...
a2k42's user avatar
a2k42
  • 123
0 votes
0 answers
39 views

Types of certificate? [duplicate]

What types of certificates are there? I was checking online and I found several different types, some at the level of the format of the certificate (x509, PEM, DER), and one at the application level (...
anonymous's user avatar
anonymous
  • 67
0 votes
1 answer
135 views

Launch a process with secrets as environment variables

I have a process that needs secret keys to be passed as environment variables. That is for historical reasons. I have a AWS machine where this process runs but I do not want to store these keys in ...
Henrique Bucher's user avatar
Henrique Bucher
  • 103
0 votes
2 answers
74 views

gpg security on a shared Linux machine

AFAIK, the few ways private information from gpg can get leaked to other users on a shared Linux machine is: someone with root access can access gpg's files someone with root access can access gpg's ...
aackmann's user avatar
aackmann
  • 29
1 vote
1 answer
155 views

GnuPG (gpg) specify multiple keyservers

Specifying multiple keyservers doesn't seem to work correctly, and gpg always uses just the first key server. I have the following two lines in my dirmngr.conf: keyserver hkps://keys.openpgp.org ...
aackmann's user avatar
aackmann
  • 29
1 vote
1 answer
116 views

GPG deleted key/disassociation

I had a key that I accidentally deleted from the keyring a while ago and I'd like to dissociate my name from it. I still have the key as well as the revocation certificate. I made another keypair ...
primeCEOstack's user avatar
primeCEOstack
  • 23
1 vote
1 answer
310 views

GPG can't decrypt my data because of an invalid packet

I have an encrypted data containig some of my data that I am unable to decrypt. It is archived with tar, compressed with gzip and encrypted with gnupg. Today I tried to decrypt it with gpg and it ...
Nicolas Dumitru's user avatar
Nicolas Dumitru
  • 111
0 votes
1 answer
62 views

Does gpg support storing public keys in encrypted state?

I know this might sound counter-intuitive, but is it possible to configure gpg to store public keys in encrypted state on disks? Such that when encrypting a message to someone, user would be asked to ...
aackmann's user avatar
aackmann
  • 29
0 votes
0 answers
22 views

How to recover my password from my file.key [duplicate]

I don't remember my passphrase for my PGP key that was created several years ago. How can I decrypt my file.key to recover it? Or what should I do to recover it from my file.key?
BitCoinsBank's user avatar
BitCoinsBank
  • 1
0 votes
1 answer
219 views

Convert PGP key to X.509?

Can I convert a PGP key to X.509, using OpenSSL or GNUPG? Aren't these only container/wrapper formats?
Geremia's user avatar
Geremia
  • 1,783
4 votes
1 answer
602 views

Should one really disable AEAD for recent GnuPG created PGP keys?

Apparently, there are some problems with the new defaults that are set when one creates a PGP key using a recent version of GnuPG (2.4). I ran into this after generating a new ECC/ED25519 key to ...
Tobias Leupold's user avatar
Tobias Leupold
  • 143

15 30 50 per page
1
2 3 4 5
53