Skip to main content

Questions tagged [pgp]

Pretty Good Privacy (PGP)

Filter by
Sorted by
Tagged with
39 votes
2 answers
66k views

How to verify a file using an asc signature file?

As an example, this project offers an *.asc file with a PGP signature to verify the contents of the download (as opposed to a checksum, you can see the empty column): https://ossec.github.io/downloads....
user8897013's user avatar
18 votes
5 answers
24k views

Using PGP keys for SSH

I use a 4096 byte RSA PGP key; since SSH also uses the RSA standard, is it at all possible to use the PGP key as an SSH key without installing additional software on the server (and as little as ...
user18725's user avatar
  • 181
15 votes
1 answer
9k views

Automatically sign all commits with git [closed]

With git 1.7.9, it's possible to sign a commit with the -S option. Is it possible to set it default through git config --global? So instead of git commit -S -m 'Commit message', it would be just git ...
tamasd's user avatar
  • 253
14 votes
4 answers
9k views

Validating signature trust with gpg?

We would like to use gpg signatures to verify some aspects of our system configuration management tools. Additionally, we would like to use a "trust" model where individual sysadmin keys are signed ...
larsks's user avatar
  • 45.6k
13 votes
2 answers
10k views

Is it possible to use a gpg public key to encrypt a message without importing the key?

Sometimes I might want to use someone's gpg key to send a message but will have no need to ever use the key again. Importing the key in this instance seems unnecessary. I've searched, but can't find ...
Patrick Keery's user avatar
12 votes
6 answers
9k views

Generate entropy for PGP key

I'm logged onto a VM remotely and trying to generate a 4096bit PGP key, it just hangs forever because there is no entropy and since I'm working through remote desktop it probably does not detect the ...
redic's user avatar
  • 121
10 votes
3 answers
93k views

apt-key add on Debian Stretch: no valid OpenPGP data found

I'm trying to follow the installation instructions for Debian provided on Docker website. Unfortunately adding a GPG key fails for me: $ curl -fsSL https://download.docker.com/linux/debian/gpg | apt-...
Tad Lispy's user avatar
  • 201
8 votes
3 answers
4k views

Force the use of a gpg-key as an ssh-key for a given server

I configured ssh to use GPG as my ssh-agent and if I remove the ~/.ssh folder, I can ssh into my server fine using my gpg key. However, my ~/.ssh folder has over a dozen different ssh keys in it, and ...
Mike D's user avatar
  • 318
7 votes
1 answer
1k views

Mailing list + PGP/GPG support

I would like to create such mailing list where every contributor must sign his/her messages with PGP/GPG, otherwise mailing list software would block unsigned message. All PGP/GPG public keys of ...
user avatar
6 votes
2 answers
365 views

Sending HIPAA compliant e-mails

At a small office, my clients' HR department needs to communicate with some vendors regarding HIPAA-covered material. How do most companies deal with securely sending e-mails regarding HIPAA. I ...
Brett G's user avatar
  • 2,013
5 votes
3 answers
450 views

PGP: on the web, what if everything was tampered?

I am trying to wrap my head around how Public Key Cryptography can really work in a secure manner. From what I can gather, you go to example.com and download their PGP/GPG Public Key and add it to ...
Ken R.'s user avatar
  • 63
5 votes
3 answers
386 views

GPG/PGP Signatures & Encryption - An Academic Security Question

Digital Signatures Digital signatures take place whereby you apply your private key to a particular message (or the hash of that message in most cases). The recipient then takes your public key - ...
khosrow's user avatar
  • 4,173
5 votes
1 answer
3k views

Why does duplicity need a passphrase for OpenPGP encryption?

I'd like to use duplicity to backup files and I'd like to encrypt them with GnuPG. I was wondering why duplicity asks for a passphrase to encrypt the files. For asymmetric encryption the passphrase is ...
user avatar
4 votes
2 answers
580 views

Digital signatures and encryption in GMail

I just wonder if there is a way to use SSL certificates or PGP keys for signing my email. At the moment I have to setup S/MIME in Outlook (or another thick client) to send signed messages via SMTP. ...
Antonio's user avatar
  • 740
4 votes
1 answer
387 views

Implementing a PGP Key Server

I am fairly new to PGP and crypto in general. Let's say I have around 200 users and they are all going to have a PGP key for email encryption. I want to have a key server that can assign them keys and ...
user avatar
3 votes
3 answers
798 views

Exchange Encryped Email with PGP

My organization is currently looking into encrypting our emails internally as well as the occasional message to come outside recipients. The requirements are currently a bit overwhelming and I am not ...
user49349's user avatar
  • 101
3 votes
1 answer
4k views

Store PGP keys on Active Directory/Exchange?

I am looking to implement a transparent plugin for Outlook that would need no configuration at all. I was thinking of maybe using Active Directory/Exchange to store each user's public key and be able ...
Aki's user avatar
  • 210
3 votes
2 answers
5k views

PGP decryption fails with error for one file

We store database backups encrypted with PGP Command Line 9.7.0. Files look like 2009.bak.pgp Here's command line used to backup these files: pgp --encrypt F:\2009.bak --recipient [email protected] ...
user avatar
3 votes
1 answer
1k views

How to securely deploy PGP in a medium-sized business?

What are the best practices for deploying PGP in a medium-sized business? The idea I had was: Setup a PGP key server that all mail clients use Create a PGP for [email protected] All users ...
paj28's user avatar
  • 163
2 votes
3 answers
6k views

Best PGP/GPG Encrypt/Decrypt Script

Is there are good default python or simple shell script that I can use to encrypt and decrypt files via PGP/GPG? I would be running this script every 5 minutes.
Daniel's user avatar
  • 3,791
2 votes
3 answers
5k views

Update apt gpg key over puppet

The puppet apt repository PGP key has expired some days ago /etc/apt/trusted.gpg.d//puppetlabs-keyring.gpg ---------------------------------------------- pub 4096R/4BD6EC30 2010-07-10 [expired: ...
olliiiver's user avatar
  • 256
2 votes
2 answers
11k views

Generate fingerprint with PGP Public Key

I have a PGP public key and I need to get the fingerprint for it. My Public key is as such: -----BEGIN PGP PUBLIC KEY BLOCK----- mQlDBF4w............................ . . . =uYgH -----END PGP PUBLIC ...
Mervin Hemaraju's user avatar
2 votes
2 answers
3k views

Recovering from a Time Machine backup encrypted with PGP Whole Disk Encryption

Our entire organization requires PGP Whole Disk Encryption (WDE) to be used on all laptop and desktop computers. For Macs running Mac OS X 10.5 or later that are using Time Machine, the (local) Time ...
John Siracusa's user avatar
2 votes
3 answers
437 views

Threading of PGP Whole Disk Encryption on server

I wish to use a 2010 vintage quad core Xeon server to periodically encrypt 500GB eSATA drives. I have three questions: 1) I assume the current version of WDE is fully multi-threaded and throughput ...
Lunatik's user avatar
  • 133
2 votes
1 answer
4k views

Error logging with PHP and mod_fcgid

I have a mediawiki install that is acting up. Whenever I try to save an article, it goes to a blank screen. All though if I refresh that blank screen, it will go on to work. I have no idea why it's ...
nbv4's user avatar
  • 603
2 votes
2 answers
6k views

How to setup secure blackberry email that uses PGP encryption?

Im looking to setup private, secure email accounts. I'd like to use PGP encryption. What are my options for doing so?
user avatar
2 votes
2 answers
217 views

Workstation imaging on top of full disk encryption

Is it possible to use imaging tools (e.g. Acronis Snap Deploy, or possibly SystemImager) to deploy workstation images to laptops that have PGP full disk encryption? How could I go about doing this? ...
mortabis's user avatar
2 votes
1 answer
2k views

Decrypt incoming pgp mail with procmail

Currently I have a running Postfix server which delivers incoming mail through procmail. That works fine but now I want to decrypt any incoming mail which is encrypted with pgp automatically. So I ...
user2626702's user avatar
2 votes
2 answers
774 views

How can I confirm which specific S/MIME public key was used to encrypt an email?

CentOS 5.8 Is there an easy way to tell what specific public key was used to encrypt an email? My email gateway isn't able to decrypt an inbound S/MIME message and I'm suspecting that the remote ...
Mike B's user avatar
  • 12.1k
2 votes
1 answer
198 views

Are PGP Universal keys compatible with the openPGP standard?

I'm having issues importing a PGP Universal Public key on a system that supports openPGP. Are these two different standards/formats? Should they be compatible?
Mike B's user avatar
  • 12.1k
2 votes
1 answer
118 views

Single IP address accessing private URLs in emails I'm sending

I'm the IT/programmer guy at a small translation company. I just sent out emails to our translators around the world with an unique URL for them to come into our site and update their password. eg: ...
KiteTranslator's user avatar
2 votes
1 answer
177 views

PGP - MailCloak/Gpg4Win/etc

I have used Gpg4Win in the past along with FireGPG to have encryption on my emails. I am needing to roll this out to quite a few more people and was wondering if anyone else had some products they ...
user avatar
1 vote
6 answers
538 views

Encrypted Email and Proxy to Bypass the Great Firewall [closed]

I have some friends travelling to China, and they would like to get email, use Skype, and browse the web without the fear of the government looking over their shoulder. My first thought is to set up ...
Lance Fisher's user avatar
1 vote
2 answers
300 views

Need convincing PGP public key needs to be changed

So the situation is thus. We're working with another company and as part of some file distribution processing we have to encrypt some files before they are sent. The company in question sent us ...
djhworld's user avatar
  • 113
1 vote
2 answers
101 views

Certificate Security in intranet Environment?

We have this topology in our company : A new rule says that each document being sent by outlook should be encrypted. we decided using PGP. We already have a certificate ( self signed). the ...
Royi Namir's user avatar
1 vote
1 answer
215 views

Retrieving data from "literal data packet" or store file

I regularly receive data using pgp encryption. Typically if I run a gpg --list-packets on a file I see the file as a "pubkey enc packet" then an item about my private key. At that point I ...
RunThor's user avatar
  • 209
1 vote
2 answers
446 views

How to drop keys from internal sks keyserver

How do I drop keys from an internal SKS keyserver. SKS fingerprints are in SHA1, but sks drop command is looking for an md5, how do I properly get the MD5 fingerprint from a key on an sks keyserver. ...
Jacob Evans's user avatar
  • 8,076
1 vote
1 answer
909 views

Querying SKS (PGP key server) database directly?

I have an SKS server set up on Ubuntu 16, currently with a manifest of keys from dumps provided by the MIT PGP key server. I'd like to be able extract public keys / subkeys and associated user info (...
huertanix's user avatar
  • 217
1 vote
1 answer
418 views

Reliable PGP / GnuPG decryption for Mac OSX Mail

I'm developing a web app which emails encrypted data (from a web form) to a client who uses Macs/OSX exclusively in their office. I'd like to know: Is there are any reliable solutions for PGP / GnuPG ...
Prembo's user avatar
  • 937
1 vote
1 answer
252 views

decrypt gpg file with specific key ?? (OS = WindowsXp)

please how i can decrypt file with specific key in batch file mode ? for example i want to :- decrypt file X.txt with key X.pub
Mohammad AL-Rawabdeh's user avatar
1 vote
1 answer
91 views

Is it possible that apache will verify signed php files before using it

I will for better security configure apache to verify php scripts, which should be signed with my key. Is it possible? And is it possible not to serve not signed files?
Ishayahu's user avatar
  • 187
1 vote
0 answers
572 views

GPG4Win Decrypt Multiple files to a Different Directory

I have a requirement to download PGP files from a 3rd Party SFTP server and then decrypt them and move to a the company file server. I am going to use WinSCP to download the files to an Inbound ...
WelshPretender's user avatar
1 vote
1 answer
368 views

Multiple files encrypted with multiple GPG keys - how to easily add/remove/manage keys, automate key change tasks?

We have a bunch of files that contain sensitive information, that need to be accessed by several teams, but need to be unreadable to everyone else. Currently, each team member needs to generate their ...
Florin Andrei's user avatar
1 vote
1 answer
347 views

encrypt files by external GPG public key tools?

how i can encrypt files by eternal GPG public key ? for example user A generate public key A.pub and sent to me A.pub and you need from me to encrypt file by a.pub and sent it to you how i can do ...
Mohammad AL-Rawabdeh's user avatar
1 vote
1 answer
1k views

PGP encryption key with split-knowledge and dual control

An auditor recommends: We recommend that PGP environment be re-keyed using the industry required (ISO x9.8 and x9.24) standards of “split-knowledge and dual control” Is there something that we're ...
Leo's user avatar
  • 1,048
0 votes
1 answer
2k views

Encrypting files with different public keys

How can I encrypt three different files, each with its own public key? For instance, there are three companies (X, Y and Z). Each company sends me its own public key. I want to send a file to each ...
Mohammad AL-Rawabdeh's user avatar
0 votes
2 answers
7k views

Setting up PGP FTP

I have a situation where I need to setup a FTP server with PGP encryption. Currently I use FileZilla w/ SSL, but in this case we are required to use PGP. Any recommended products/procedures from ...
Malnizzle's user avatar
  • 1,441
0 votes
2 answers
85 views

PGP Package Recommendations

I need to use a client's public key to encrypt some csv files as part of an automated package in a windows 2003 domain. Can anyone recommend a PGP package (preferably opensource).
mike42's user avatar
  • 86
0 votes
1 answer
820 views

Where to store private key on Linux build server

On my Debian 3.2.54-2 build server I'd like to sign the build artifacts (JAR files) with my private key to ensure their authenticity. I've created a private key secring.gpg using GnuPG and protected ...
Matthias Braun's user avatar
0 votes
0 answers
25 views

monitor pgp expiration date from ciphermail gateway

I can lookup the expiration date of my public keys (PGP) in the webui of ciphermail. But is there a more convenient way of monitoring the expiration date of the PGP public keys?
Medera's user avatar
  • 131