|
Size: 625
Comment:
|
Size: 3359
Comment: improve phrasing
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| For unknown reasons the Index page has been marked as immutable, thus I have to add link here * BuildingFromGIT Notes for ~GnuPG users on several platforms (except maybe Windows) |
Notes for ~GnuPG users on several platforms |
| Line 10: | Line 5: |
| Always use a current version of GnuPG Version >= 2. (There are only a few rare execptions to this rule.) |
Always use a current, supported version of GnuPG (which are versions >= 2.2 at 2020-04-22) (There are only a few rare exceptions to this rule.) == Ubuntu gnome-keyring or seahorse may pose as gpg-agent, but known versions today (2015-03) are not fully compatible with the gpg-agent protocol. So applications may show errors or cannot work when they believe they are talking to gpg-agent and try to use its features. Examples: {{{ERR 280 not implemented}}} or a protocol error in the Kleopatra self-tests. You can detect the situation with GnuPG 2.0.x when checking the environment variable on a shell like {{{echo $GPG_AGENT_INFO}}}. You are talking to a gpg-agent for good, if it has something with {{{gpg-agent}}} in it and a corresponding gpg-agent process is running. Otherwise the connection has probably been taken over. Solution: Disable gnome-keyring, some hints on how to disable it are within the [[https://www.programmierecke.net/howto/gpg-ssh.html|notes on how to use gpg-agent with ssh]] (you need only the disable part, not the ssh part) or [[http://lists.gnupg.org/pipermail/gnupg-users/2014-September/050812.html|here]]. (TODO link or describe better solution, link/create reports for ubuntu and gnome) For some Details see this [[http://lists.gnupg.org/pipermail/gnupg-users/2014-September/050800.html|gnupg-users post]]. Also see the [[GnomeKeyring|general problem with Gnome-Keyring page]]. |
| Line 15: | Line 25: |
| Note that the gnupg2 Package may look in different systems paths compared to a vanilla build and what its documentation says. |
Note that the gnupg2 Package may search for files in paths that differ from the paths of a vanilla build and what its written in the documentation. |
| Line 18: | Line 28: |
| E.g: wheezy looks in {{{/etc/gnupg2/trustlist.txt}}} but the docs differ ([[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725804|Debian defect #725804]]). | E.g: The gpgsm[2.0.19-2+deb7u1] in Wheezy looks in {{{/etc/gnupg2/trustlist.txt}}} but the docs differ ([[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725804|Debian defect #725804]]). == Mac OS X * http://sourceforge.net/p/gpgosx/docu/Home/ * https://gpgtools.org == Android * https://guardianproject.info/code/gnupg/ ported GnuPG to Android, see https://guardianproject.info/2013/05/09/gnupg-for-android-progress-we-have-an-app/ and integrated the changes to GnuPG upstream and supported there (e.g. [[https://lists.gnupg.org/pipermail/gnupg-users/2017-October/059335.html|gnupg-users@ 2017-10]]). The app itself used to be available from [[https://f-droid.org/wiki/page/info.guardianproject.gpg|Fdroid]] but is now looking for a new maintainer (last checked 2018-01-04). * For a different implementation see OpenPGP-Keychain via OtherFreeSoftwareOpenPGP * The 2016 study [[https://wiki.gnupg.org/Gpg4all2015?highlight=(OpenPGP%20auf%20Android)|Nutzung von OpenPGP auf Android]] (in German) offers a more detailed look at the available options on Android at that time. == Webbrowser * https://webpg.org/ , successor of ~FireGPG. //provides an interface to GnuPG by way of an [[https://en.wikipedia.org/wiki/NPAPI|NPAPI]] plugin// * For different implementations see users of openpgp.js via OtherFreeSoftwareOpenPGP * http://thinkst.com/tools/cr-gpg/ a Chromium extension. TODO: License ? alpha, last activity 2012 * The 2016 study [[https://wiki.gnupg.org/Gpg4all2015?highlight=(OpenPGP%20in%20Webanwendungen)|Nutzung von OpenPGP in Webanwendungen]] (in German) offers a more detailed look at the available options for web applications at that time. |
Notes for GnuPG users on several platforms
General Remarks
Always use a current, supported version of GnuPG (which are versions >= 2.2 at 2020-04-22) (There are only a few rare exceptions to this rule.)
Ubuntu
gnome-keyring or seahorse may pose as gpg-agent, but known versions today (2015-03) are not fully compatible with the gpg-agent protocol. So applications may show errors or cannot work when they believe they are talking to gpg-agent and try to use its features. Examples: ERR 280 not implemented or a protocol error in the Kleopatra self-tests.
You can detect the situation with GnuPG 2.0.x when checking the environment variable on a shell like echo $GPG_AGENT_INFO. You are talking to a gpg-agent for good, if it has something with gpg-agent in it and a corresponding gpg-agent process is running. Otherwise the connection has probably been taken over.
Solution: Disable gnome-keyring, some hints on how to disable it are within the notes on how to use gpg-agent with ssh (you need only the disable part, not the ssh part) or here.
(TODO link or describe better solution, link/create reports for ubuntu and gnome) For some Details see this gnupg-users post. Also see the general problem with Gnome-Keyring page.
Debian
Note that the gnupg2 Package may search for files in paths that differ from the paths of a vanilla build and what its written in the documentation.
E.g: The gpgsm[2.0.19-2+deb7u1] in Wheezy looks in /etc/gnupg2/trustlist.txt but the docs differ (Debian defect #725804).
Mac OS X
Android
- https://guardianproject.info/code/gnupg/ ported GnuPG to Android, see https://guardianproject.info/2013/05/09/gnupg-for-android-progress-we-have-an-app/ and integrated the changes to GnuPG upstream and supported there (e.g. gnupg-users@ 2017-10). The app itself used to be available from Fdroid but is now looking for a new maintainer (last checked 2018-01-04).
- For a different implementation see OpenPGP-Keychain via OtherFreeSoftwareOpenPGP
- The 2016 study Nutzung von OpenPGP auf Android (in German) offers a more detailed look at the available options on Android at that time.
Webbrowser
- https://webpg.org/ , successor of FireGPG. provides an interface to GnuPG by way of an NPAPI plugin
- For different implementations see users of openpgp.js via OtherFreeSoftwareOpenPGP
- http://thinkst.com/tools/cr-gpg/ a Chromium extension. TODO: License ? alpha, last activity 2012
- The 2016 study Nutzung von OpenPGP in Webanwendungen (in German) offers a more detailed look at the available options for web applications at that time.