search for: gpg2

Where do I get an update for gpg2 (GnuPG) for CentOS 6.10 that is compliant with CVE-2018-12020? I'm trying to update gpg2 (GnuPG GNU Privacy Guard) on my fully updated CentOS 6.10 computer to comply with CVE-2018-12020. My system has gpg2 package? gnupg2-2.0.14-8.el6.x86_64.rpm This package does not appear to be compliant with...

...eer > virt-builder: error: external command ‘'curl' -q --config > '/tmp/virt-builder.sVjrSV/guestfscurl53f9ac.conf'’ exited with error 56 Possibly a problem reaching http://builder.libguestfs.org/ ? It might be blocked in some countries. > this is detailed: > /usr/bin/gpg2 --homedir /tmp/virt-builder.sVjrSV/vb.gpghome.1AUiGm --verify --status-file '/tmp/virt-builder.sVjrSV/vbstatc04e44.txt' '/tmp/virt-builder.sVjrSV/vbcache1f47e5.txt' > gpg: Signature made Tue 16 Jun 2020 07:48:27 PM CST using RSA key ID E1B768A0 > gpg: Good signature from &quot...

All of the GPG commands we run are compatible with either v1 or v2, so this simply involves looking for either gpg2 or gpg binaries at runtime. --- builder/builder.ml | 10 ++++------ builder/cmdline.ml | 8 +++++++- builder/virt-builder.pod | 7 +++++-- docs/guestfs-building.pod | 2 +- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/builder/builder.ml b/builder/builder.ml in...

...ads. -=item gpg +=item GNU Privacy Guard (GnuPG, gpg) v1 or v2 Optional. Used by virt-builder for checking digital signatures. +Either version 1 or version 2 or fallback from v2 to v1 may be used by +specifying: + + ./configure --with-gnupg="gpg" + + ./configure --with-gnupg="gpg2" + + ./configure --with-gnupg="gpg2 gpg" + +Additionally the end user can override the choice using the +virt-builder I<--gpg> option. + +B<NB:> Do not confuse C<gpg2> with C<gpgv2>. The latter is for +B<v>erifying signatures only, and will not work as...

...: error: external command ‘'curl' -q --config &gt; '/tmp/virt-builder.sVjrSV/guestfscurl53f9ac.conf'’ exited with error 56 Possibly a problem reaching http://builder.libguestfs.org/ ? It might be blocked in some countries. &gt;&nbsp; this is detailed: &gt; /usr/bin/gpg2 --homedir /tmp/virt-builder.sVjrSV/vb.gpghome.1AUiGm --verify --status-file '/tmp/virt-builder.sVjrSV/vbstatc04e44.txt' '/tmp/virt-builder.sVjrSV/vbcache1f47e5.txt' &gt; gpg: Signature made Tue 16 Jun 2020 07:48:27 PM CST using RSA key ID E1B768A0 &gt; gpg: Good signature fr...

[Clearly, this question is intimately connected to the previous...] I need a way to ''preprocess'' or at least intercept password changes, because i need to propagate them to other ''legacy'' systems. I've looked around and found syncpasswords / getpassword samba-tool commands, but really i've not understood how they work. Seems to me that can be useful in

...sufficient (at least to me) to understand. > Wiki seems have nothing on this topic. > > > Someone can explain to me? Thanks. > Here are some instructions I have from our implementation on CentOS 7 and Samba 4.5. - configure gpg encrypted password for syncing to external system # gpg2 --gen-key # gpg2 --list-keys --keyid-format LONG - add the pub key to "password hash gpg key ids" in smb.conf - configure password script # samba-tool user syncpasswords --script=/some_folder/some_script.py --cache-ldb-initialize --decrypt-samba-gpg --attributes=virtualClearTextUTF8...

Parse the gpg status output directly within import_keyfile, returning just the key fingerprint. Just code motion, no actual behaviour changes. --- builder/sigchecker.ml | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/builder/sigchecker.ml b/builder/sigchecker.ml index 0c292fb..a1a4220 100644 --- a/builder/sigchecker.ml +++ b/builder/sigchecker.ml

...etc/skel/.gnupg/gpg.conf I am wondering if my issue is related to my gpg configuration but I don't even know where the hell the user specific configuration is kept now. /etc/gnupg for system-wide configuration exists but is empty. No idea if the gpg configuration could be the issue, and the gpg2 man page doesn't seem to indicate where the configuration file is kept now. It does reference a gpg.conf-2 but that file doesn't exist either. What's kind of sad, every single RPM signing howto I can find does not address the SHA1/SHA256 issue and when they do show the signature, it...

When running gpg to validate a signature, use also --batch in non-verbose mode to avoid the extra "Good signature" messages that are printed by gpg2 even in quiet mode. We are parsing the status output anyway to check the validation result, so this should be harmless (and the full gpg output is printed in verbose mode anyway). --- builder/sigchecker.ml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builder/sigchecker.ml b/...

...s related to my gpg configuration but I > don't even know where the hell the user specific configuration is kept > now. I think it's normally created when you create your keys, but it doesn't seem to be needed. > No idea if the gpg configuration could be the issue, and the gpg2 man > page doesn't seem to indicate where the configuration file is kept now. Yes, it does. The file is gpg.conf in --homedir (which defaults to ~/.gnupg).

I've started to sign release tarballs: http://libguestfs.org/download/1.21-development/ The *.tar.gz.sig file is a PGP ASCII-armored signature of the corresponding *.tar.gz file. It is signed using gpg2 with this key: pub 4096R/E1B768A0 2011-10-11 Key fingerprint = F777 4FB1 AD07 4A7E 8C87 67EA 9173 8F73 E1B7 68A0 uid Richard W.M. Jones <rjones at redhat.com> uid Richard W.M. Jones <rich at annexia.org> sub 4096R/2D07308A 2011-10-...

Good Morning-- I'm looking to shore up security in my system and with communications. Can you point me to the proper version of GnuPG for CentOS 5.3 (Final)? Thanks, Dick -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." --Benjamin Franklin 1755

On 01/20/2016 04:52 AM, Johnny Hughes wrote: > On 01/20/2016 04:48 AM, Johnny Hughes wrote: >> On 01/20/2016 04:39 AM, Johnny Hughes wrote: >>> On 01/20/2016 01:37 AM, Alice Wonder wrote: >>>> hi, >>>> >>>> I noticed that RPM packages I sign use SHA1 >>>> >>>> Signature : RSA/SHA1, Fri 08 Jan 2016 10:50:58 AM PST, Key

https://bugzilla.mindrot.org/show_bug.cgi?id=2472 Bug ID: 2472 Summary: Add support to load additional certificates Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-bugs at