Feb 1, 2021 · The steps depend on your specific environment, but checking (or creating) the pinentry-program option in ~/.gnupg/gpg-agent.conf is a good place to start. In my case (on OS X with Homebrew-installed gpg and pinentry-mac ) I had …

Apr 30, 2024 · The GnuPG Manual states that: This [sshcontrol] file is deprecated in favor of the "Use-for-ssh" attribute in the key files. What is now the correct way to configure gpg / gpg-agent to ...

Apr 18, 2015 · TL;DR: For GnuPG 1.0 and 2.0, default is Cast5, for GnuPG 2.1 it is AES-128. Recipient's Preferences. Per default, GnuPG will read the recipient's algorithm preferences and take the first algorithm in that list it supports (in other words, it takes the most-preferred supported algorithm the recipient asks for).

Is it possible to make OpenSSL and GnuPG (for key generation for instance) use the output of that TRNG as source of randomness? Even better: make these tools making a "mix" of their original randomness source (/dev/random I suppose) and the TRNG source? I can't fully trust this TRNG (especially because the drivers for it aren't open-sourced).

Jun 1, 2015 · But be aware, that GnuPG will automatically add 3DES, SHA1, uncompressed and those are the minimum set of algorithms all implementations must or should support. If you don't choose any compression algorithm, also ZIP will be added to the list.

GnuPG version 2.1 uses AES (128 bit key) as the default, so if you have that version you don't need to tweak the default at all. Older versions default to CAST5, but if they support AES it is worthwhile to override that default. (Neglecting to do so shouldn't be a cause for alarm, however.)

Aug 26, 2022 · gpg-agent has OpenSSH agent emulation. If you already use the GnuPG suite, you might consider using its agent to also cache your SSH keys. Additionally, some users may prefer the PIN entry dialog GnuPG agent provides as part of its passphrase management. I see this post talking about why we should use gpg to sign commits for git. Looking around ...

Oct 9, 2019 · The version of gnupg that comes with Amazon Linux is too old to support ECC cryptography. If you look at the output of gpg --list-key 40BXFE61 , you can check for any pub or sub entries that have cv25519 or nistp256 in them, e.g.:

Jul 22, 2020 · It's designed to work like GnuPG, as the README begins: This is a GnuPG-like unix program for encryption and signing that uses only quantum-computer-resistant algorithms: McEliece cryptosystem (compact QC-MDPC variant) for encryption Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures

Dec 18, 2015 · The signature is correct, but GnuPG could not verify the key's validity, thus the signature is not deemed valid. With other words, GnuPG explains you that while the signature is issued by a totally valid key, the key could have issued by anybody (you can create keys for arbitrary mail addresses, there is no central instance verifying them ...