Mailing List Archive

On Sun, Oct 31, 2004 at 11:24:58PM +0100, Erik Wasser wrote:
> I read "Using OpenPGP and PGP/MIME with KMail >= 1.7"[1] and installed a
> few libraries on my Gentoo System:
>
> dev-libs/pth-1.4.0
> dev-libs/libksba-0.9.8
> dev-libs/libassuan-0.6.6
> app-crypt/gnupg-1.9.10
> app-crypt/gpgme-0.9.0-r1
> dev-libs/libgcrypt-1.1.94
>
> The installation is so great that I can do the
>
> > echo "test" | gpg -ase -r 0xDEADBEEF | gpg

Whoch version of Kmail are you trying CVS from this week?

> 'trick' and the 'eval "$(gpg-agent --daemon)"' is working fine. I can
> read decrypted mails but I can't encrypting mails in kmail and that is
> bad. When I try to send a decrypted mail I enter the pass phrase and
> everything seems okay but when kmail really sends the mail I got an
> error box with
>
> "Encyption failed: Brocken pipe"
>
> What is the error here? What can I test so solve this problem? Any
> ideas? Is this a plugin error or an kmail error?

A) Start the log watcher from extras and enable debugging.
B) Try to decrypt the email on the command line.
(More difficult, you need to save the encrypted part in the right
format.)


> I read also the bug reports[2][3] in kmail but I unsure what is the
> problem here.
>
> [1] http://kmail.kde.org/kmail-pgpmime-howto.html
> [2] http://bugs.kde.org/show_bug.cgi?id=85009
> [3] http://bugs.kde.org/show_bug.cgi?id=83086
>
> --
> So long... Fuzz
>
> _______________________________________________
> Gpa-dev mailing list
> Gpa-dev@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gpa-dev

--
Professional Service for Free Software (intevation.net)
The FreeGIS Project (freegis.org)
FSFE (fsfeurope.org)

On Friday 05 November 2004 17:23, Bernhard Reiter wrote:

> > > echo "test" | gpg -ase -r 0xDEADBEEF | gpg
>
> Whoch version of Kmail are you trying CVS from this week?

Ich don't use KMail from CVS. I'm using the version KMail 1.7 from KDE
3.3.0. Is this version too old? I'm not very up-to-date with this
things.

> > What is the error here? What can I test so solve this problem? Any
> > ideas? Is this a plugin error or an kmail error?
>
> A) Start the log watcher from extras and enable debugging.

I set the 'debug-level' to 'guru'. I hope this is the option you mean.
B-)

Here is the log:

gpg-agent[14631]: NOTE: this is a development version!
gpg-agent[14631]: listening on socket `/tmp/gpg-Njqs17/S.gpg-agent'
gpg-agent[14632]: handler for fd 0 started
gpg-agent[14632.0x8075db0] DBG: -> OK Pleased to meet you
gpg-agent[14632.0x8075db0] DBG: <- OPTION display=:0
gpg-agent[14632.0x8075db0] DBG: -> OK
gpg-agent[14632.0x8075db0] DBG: <- OPTION ttyname=/dev/tty
gpg-agent[14632.0x8075db0] DBG: -> OK
gpg-agent[14632.0x8075db0] DBG: <- OPTION ttytype=xterm
gpg-agent[14632.0x8075db0] DBG: -> OK
gpg-agent[14632.0x8075db0] DBG: <- OPTION lc-ctype=de_DE@euro
gpg-agent[14632.0x8075db0] DBG: -> OK
gpg-agent[14632.0x8075db0] DBG: <- OPTION lc-messages=de_DE@euro
gpg-agent[14632.0x8075db0] DBG: -> OK
gpg-agent[14632.0x8075db0] DBG: <- GET_PASSPHRASE
59B1C97855BA33FDB0540D6E63DDC9B6247DB795 X X
You+need+a+passphrase+to+unlock+the+secret+key+for+user:
%0A"Erik+Wasser+<erik.wasser@iquer.de>"%0A1024-bit+DSA+key,
+ID+247DB795,+created+2001-01-05%0A
gpg-agent[14632]: DBG: agent_get_cache
`59B1C97855BA33FDB0540D6E63DDC9B6247DB795'...
gpg-agent[14632]: DBG: ... miss
gpg-agent[14632]: starting a new PIN Entry
gpg-agent[14632]: DBG: connection to PIN entry established
gpg-agent[14632]: DBG: agent_put_cache
`59B1C97855BA33FDB0540D6E63DDC9B6247DB795'
gpg-agent[14632.0x8075db0] DBG: -> [Confidential data not shown]
gpg-agent[14632.0x8075db0] DBG: <- [EOF]
gpg-agent[14632]: handler for fd 0 terminated

I don't see any error here. B-)

> B) Try to decrypt the email on the command line.
> (More difficult, you need to save the encrypted part in the right
> format.)

Ups... Sorry! My mistake. Decryption is fine and working. Sending an
encrypted is a problem. The logfile was created during the send process
of kmail.

I'm very clueless. B-(((

Thanks for the help.

--
So long... Fuzz

Hi Erik,

On Mon, Nov 08, 2004 at 12:26:42PM +0100, Erik Wasser wrote:
> On Friday 05 November 2004 17:23, Bernhard Reiter wrote:
> > Whoch version of Kmail are you trying CVS from this week?
>
> Ich don't use KMail from CVS. I'm using the version KMail 1.7 from KDE
> 3.3.0. Is this version too old? I'm not very up-to-date with this
> things.

The lastest and greatest improvements from Ägypten2 are
in later versions. However I do not see why it should not working..

First: Are you trying to use OpenPGP or S/MIME?
Secondly: Try to do all operations on the command line first
too seperate if KMail is your problem or the crypto setup itself.

> > > What is the error here? What can I test so solve this problem? Any
> > > ideas? Is this a plugin error or an kmail error?
> >
> > A) Start the log watcher from extras and enable debugging.
>
> I set the 'debug-level' to 'guru'. I hope this is the option you mean.

Guru is fine and will leave files in directory, too.
So "expert" is sufficient most of the time.


> gpg-agent[14632]: DBG: connection to PIN entry established

So you do see a pinentry?

> I don't see any error here. B-)

True.

> > B) Try to decrypt the email on the command line.
> > (More difficult, you need to save the encrypted part in the right
> > format.)
>
> Ups... Sorry! My mistake. Decryption is fine and working. Sending an
> encrypted is a problem. The logfile was created during the send process
> of kmail.

No it was also my mistake, I wasn't reading closely enough.
Try your operation on the command line, like

# OpenPGP
gpg -e -r buddy@home.where x >x.enc

or
# X509
gpgsm -e -r buddy@home.where x >x.enc

On Tuesday 09 November 2004 22:48, Bernhard Reiter wrote:

> The lastest and greatest improvements from Ägypten2 are
> in later versions. However I do not see why it should not working..

I've just upgraded to KDE 3.3.1 and KMail 1.7.1.

> First: Are you trying to use OpenPGP or S/MIME?

OpenPGP.

> Secondly: Try to do all operations on the command line first
> too seperate if KMail is your problem or the crypto setup itself.

Okay, where we go:

> > gpg-agent[14632]: DBG: connection to PIN entry established
>
> So you do see a pinentry?

Is this the box for entering the password? Yes, it came up the first
time and cached the password correctly for further tries.

% gpg -e -r buddy@home.where x >x.enc

Crap, see for yourself:

% gpg -e -r someone@somewhere.tld hosts
Secure memory is not locked into core
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: someone@somewhere.tld: skipped: Unusable public key
gpg: /etc/hosts: encryption failed: Unusable public key

What does that 'Unusable public key' mean in this case?

Thanks for your great support!

--
So long... Fuzz

On Wed, 10 Nov 2004 12:53:27 +0100, Erik Wasser said:

> What does that 'Unusable public key' mean in this case?

You used a key not capable of encryption or expired or without a valid
user ID. --debug 64 gives more more detailed info. Check the output
of gpg --check-sigs someone.

Werner

On Wednesday 10 November 2004 13:29, Werner Koch wrote:

> On Wed, 10 Nov 2004 12:53:27 +0100, Erik Wasser said:
> > What does that 'Unusable public key' mean in this case?
>
> You used a key not capable of encryption or expired or without a
> valid user ID. --debug 64 gives more more detailed info.

% gpg --debug 64 -e -r someone@somewhere.tld hosts
Secure memory is not locked into core
gpg: NOTE: no default option file `/home/fuzz/.gnupg/options'
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: DBG: finish_lookup: checking key 33EAF336 (one)(req_usage=0)
gpg: DBG: using key 33EAF336
gpg: DBG: finish_lookup: checking key C59447D8 (one)(req_usage=0)
gpg: DBG: using key C59447D8
gpg: DBG: finish_lookup: checking key 33EAF336 (one)(req_usage=0)
gpg: DBG: using key 33EAF336
gpg: DBG: cache_user_id: already in cache
gpg: DBG: finish_lookup: checking key 45C922BF (one)(req_usage=0)
gpg: DBG: using key 45C922BF
gpg: DBG: finish_lookup: checking key 33EAF336 (all)(req_usage=2)
gpg: DBG: no suitable subkeys found - trying primary
gpg: DBG: primary key not valid
gpg: DBG: no suitable key found - giving up
gpg: someone@somewhere.tld: skipped: Unusable public key
gpg: hosts: encryption failed: Unusable public key
secmem usage: 1344/32768 bytes in 2 blocks

Okay the key is unusable. So far so bad. B-)

> Check the
> output of gpg --check-sigs someone.

pub 2048R/33EAF336 2002-04-29 Real Name <someone@somewhere.tld>
sig! 36F3EA33 2002-04-29 [User id not found]

Stupid question (again): what does *that* mean?

Thanks for the support.

--
So long... Fuzz

On Wed, 10 Nov 2004 13:42:30 +0100, Erik Wasser said:

> pub 2048R/33EAF336 2002-04-29 Real Name <someone@somewhere.tld>
> sig! 36F3EA33 2002-04-29 [User id not found]

> Stupid question (again): what does *that* mean?

Your key is broken and there is no subkey usable for encryption. For
a valid key you should get such a listing:

pub 1024D/9CD9FD55 2000-12-14
uid Joe Random Hacker
sig!3 9CD9FD55 2000-12-14 Joe Random Hacker
sub 1024g/381701C4 2000-12-14
sig! 9CD9FD55 2000-12-14 Joe Random Hacker

(gpg 1.2 merges the first "uid" line with the "pub" line)

You can see the user ID with a self-signature and a subkey with the
key binding self-signature. If you do a gpg --list-keys --with-colons
you even get more information:

pub:f:1024:17:AF82244F9CD9FD55:976803034:::q:::scaESCA:
uid:f::::976803034::18652B8DFEFDC53FBD2553FC289B6D3FC2033BC0::\
Joe Random Hacker:
sub:f:1024:16:087DD7E0381701C4:976803037::::::e:

Note the "scaESCA" in the first line. The capitalized letters say,
the entiere key (primary and subkeys) may be used for: encryption,
signing, certification and authentication. If you do this for your
key you will notice that there is no E in it.


Shalom-Salam,

Werner

On Wednesday 10 November 2004 15:41, Werner Koch wrote:
> On Wed, 10 Nov 2004 13:42:30 +0100, Erik Wasser said:
> > pub 2048R/33EAF336 2002-04-29 Real Name <someone@somewhere.tld>
> > sig! 36F3EA33 2002-04-29 [User id not found]
> >
> > Stupid question (again): what does *that* mean?
>
> Your key is broken and there is no subkey usable for encryption. For
> a valid key you should get such a listing:
>
> pub 1024D/9CD9FD55 2000-12-14
> uid Joe Random Hacker
> sig!3 9CD9FD55 2000-12-14 Joe Random Hacker
> sub 1024g/381701C4 2000-12-14
> sig! 9CD9FD55 2000-12-14 Joe Random Hacker
>
> (gpg 1.2 merges the first "uid" line with the "pub" line)
>
> You can see the user ID with a self-signature and a subkey with the
> key binding self-signature. If you do a gpg --list-keys --with-colons
> you even get more information:
>
> pub:f:1024:17:AF82244F9CD9FD55:976803034:::q:::scaESCA:
> uid:f::::976803034::18652B8DFEFDC53FBD2553FC289B6D3FC2033BC0::\
> Joe Random Hacker:
> sub:f:1024:16:087DD7E0381701C4:976803037::::::e:
>
> Note the "scaESCA" in the first line. The capitalized letters say,
> the entiere key (primary and subkeys) may be used for: encryption,
> signing, certification and authentication. If you do this for your
> key you will notice that there is no E in it.

Yes, you're right. I've requestet the public key from this guy again:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

mQENAzzNVBsAAAEIALGAXwx4mTqrSI15itb0mtSwRG3msRP41KK3zCQ//xSf4zWN
[...]
aCMiZak=
=kA+s
-----END PGP PUBLIC KEY BLOCK-----

When I try to import it:

% gpg --import <publickey
Secure memory is not locked into core
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: key 33EAF336: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg: w/o user IDs: 1

Well what does that mean? What is this user ID about? Do I have to use
PGP instead of GPG? Why? I don't understand this at all. B-)

--
So long... Fuzz

On Sunday 14 November 2004 22:02, Erik Wasser wrote:
> When I try to import it:
>
> % gpg --import <publickey
> Secure memory is not locked into core
> gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
> gpg: It is only intended for test purposes and should NOT be
> gpg: used in a production environment or with production keys!
> gpg: key 33EAF336: no valid user IDs
> gpg: this may be caused by a missing self-signature
> gpg: Total number processed: 1
> gpg: w/o user IDs: 1
>
> Well what does that mean? What is this user ID about? Do I have to
> use PGP instead of GPG? Why? I don't understand this at all. B-)

A user ID connects a key and its owner. Usually it contains the key
owner's name and his email address. If a user ID is not self-signed
then it could have been added by anyone to the key. I think some very
old versions of PGP created user IDs without self-signature. You have
to ask the key owner to sign his user ID if you want to use the key.

Regards,
Ingo

On Sunday 14 November 2004 23:41, Ingo Klöcker wrote:

> A user ID connects a key and its owner. Usually it contains the key
> owner's name and his email address. If a user ID is not self-signed
> then it could have been added by anyone to the key. I think some very
> old versions of PGP created user IDs without self-signature. You have
> to ask the key owner to sign his user ID if you want to use the key.

I played a little bit with PGP810 for windows. This version can create
three different versions of key pairs.

1) Diffie-Hellmann/DSS (standard)
2) RSA
3) RSA-Legacy

The first two are no problem (I'm talking about importing the public key
into GPG). But the third one is the problem here. It gives me the old
error code:

Secure memory is not locked into core
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: key 1DE27EF7: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg: w/o user IDs: 1

Is this is PGP or an GPG issue? Is this key just too legacy or is gpg
just to new? Can I update the PGP key so it will have this user ID?

The FAQ from GNUPG[1] says to GnuPG and RSA the following: "RSA is
included as of GnuPG version 1.0.3." Does this yes-to-RSA-statement
includes 'RSA-legacy' keys?

Comments? Ideas? B-)

[1]http://www.gnupg.org/(en)/documentation/faqs.html#q3.3

--
So long... Fuzz

On Tuesday 16 November 2004 00:28, Erik Wasser wrote:
> On Sunday 14 November 2004 23:41, Ingo Klöcker wrote:
> > A user ID connects a key and its owner. Usually it contains the key
> > owner's name and his email address. If a user ID is not self-signed
> > then it could have been added by anyone to the key. I think some
> > very old versions of PGP created user IDs without self-signature.
> > You have to ask the key owner to sign his user ID if you want to
> > use the key.
>
> I played a little bit with PGP810 for windows. This version can
> create three different versions of key pairs.
>
> 1) Diffie-Hellmann/DSS (standard)
> 2) RSA
> 3) RSA-Legacy
>
> The first two are no problem (I'm talking about importing the public
> key into GPG). But the third one is the problem here. It gives me the
> old error code:
>
> Secure memory is not locked into core
> gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
> gpg: It is only intended for test purposes and should NOT be
> gpg: used in a production environment or with production keys!
> gpg: key 1DE27EF7: no valid user IDs
> gpg: this may be caused by a missing self-signature
> gpg: Total number processed: 1
> gpg: w/o user IDs: 1
>
> Is this is PGP or an GPG issue? Is this key just too legacy or is gpg
> just to new? Can I update the PGP key so it will have this user ID?

It's a flaw in the original specification. The key is just too legacy.
To make gpg accept the key you just have to self-sign the user ID.

> The FAQ from GNUPG[1] says to GnuPG and RSA the following: "RSA is
> included as of GnuPG version 1.0.3." Does this yes-to-RSA-statement
> includes 'RSA-legacy' keys?

Yes.

Regards,
Ingo

On Tuesday 16 November 2004 00:51, Ingo Klöcker wrote:

> It's a flaw in the original specification. The key is just too
> legacy. To make gpg accept the key you just have to self-sign the
> user ID.

Thanks for helping. The next problem is arising.

I created a RSA-legacy key pair version with PGP 8.1 for testing.

The tree structure consists of 3 three entries:

- Full name <email> RSA legacy key pair
|
+ Full name <email> User ID
|
+ Full name <email> RSA exportable signature

When I try to sign the first or second entry the PGP already says
"Cannot sign 'Full name <email>' The Key is already signed be the
specified signing key".

The third entry can't be signed because it's only the signature.

So I'am stuck again here. Can someone test this 'behavior' of PGP. I
know this is a ML for GPG, but when I know the bug is in PGP I will go
there. Promised! B-)

--
So long... Fuzz

On Tue, 16 Nov 2004 00:28:35 +0100, Erik Wasser said:

> The FAQ from GNUPG[1] says to GnuPG and RSA the following: "RSA is
> included as of GnuPG version 1.0.3." Does this yes-to-RSA-statement
> includes 'RSA-legacy' keys?

Yes.

For some reasons your self-signature is not valid. If you want me to
have a look at that key, please send me the public key.


Salam-Shalom,

Werner

On Tuesday 16 November 2004 10:11, Werner Koch wrote:

> For some reasons your self-signature is not valid. If you want me to
> have a look at that key, please send me the public key.

Thanks for your offer. You find the keys in the attachment of this mail:

pierre.asc - This is the key that started the whole thing. It's from my
brother and was created with PGPfreeware 6.5.8. It's a RSA legacy pair.

erik.asc - This is my test key. It's an RSA legacy pair too from PGP
8.1.

Both can't be imported in my gpg-1.9.10: 'no valid user IDs'.

Thanks for your help and work with me. B-)

--
So long... Fuzz

On Tue, 16 Nov 2004 10:45:31 +0100, Erik Wasser said:

> erik.asc - This is my test key. It's an RSA legacy pair too from PGP
> 8.1.

I had no problems importing that key.

> Both can't be imported in my gpg-1.9.10: 'no valid user IDs'.

Ah well, you should not use gpg2 (the OpenPGP part of GnuPG 1.9). It
is way behind the development of decent gpg 1.2.x or 1.3.x.

Please install gnupg-1.3.92 - if coexists without problems with gnupg
1.9.x (at least with the latest one). There is a reason why it is
called gpg2 and not gpg in 1.9.

hth,

Werner

On Tuesday 16 November 2004 12:01, Werner Koch wrote:

> I had no problems importing that key.

Everytime I think that all my problems are solved with the next answer
mail from the ML everything gets worse. B-)

> > Both can't be imported in my gpg-1.9.10: 'no valid user IDs'.
>
> Ah well, you should not use gpg2 (the OpenPGP part of GnuPG 1.9). It
> is way behind the development of decent gpg 1.2.x or 1.3.x.

Can you tell me something about the different parts?

gnupg-1.2.6 is the stable version.
gnupg-1.3.92 is the unstable version (what's new in this branch?)
gnupg-1.9.10 is another unstable version (what's different in this
branch?
gpgme-1.0.1 is a interoperability library for kmail vs. gpg, right?

I want to use GPG for securing my mails including the attachements. So I
can't use the deprecated "inline OpenPGP" method.

I've found the Aegypten2 project page[1] and the requirements are: gnupg
(>= 1.9.10). Or is that the requirement only for the SMIME standard?

> Please install gnupg-1.3.92 - if coexists without problems with gnupg
> 1.9.x (at least with the latest one). There is a reason why it is
> called gpg2 and not gpg in 1.9.

Thanks. After installing I made some softlinks[2] but now everything
seems fine. I'm now waiting for a feedback of my crypted mail.

Thanks for your great support.

[1]Using OpenPGP and PGP/MIME with KMail:
http://kmail.kde.org/kmail-pgpmime-howto.html

[2]
ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg
ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg2

--
So long... Fuzz

On Tue, Nov 16, 2004 at 01:19:18PM +0100, Erik Wasser wrote:
> On Tuesday 16 November 2004 12:01, Werner Koch wrote:

> > > Both can't be imported in my gpg-1.9.10: 'no valid user IDs'.
> >
> > Ah well, you should not use gpg2 (the OpenPGP part of GnuPG 1.9). It
> > is way behind the development of decent gpg 1.2.x or 1.3.x.
>
> Can you tell me something about the different parts?
>
> gnupg-1.2.6 is the stable version.

Ready for production use.
Conservative updates only.

> gnupg-1.3.92 is the unstable version (what's new in this branch?)

To become 1.4.0 eventually.
(Werner know more about the differences, you can see much
in reading the announcements archive
http://lists.gnupg.org/pipermail/gnupg-announce/)

> gnupg-1.9.10 is another unstable version (what's different in this
> branch?

It merged gpgsm (doing smime) and gpg.

> gpgme-1.0.1 is a interoperability library for kmail vs. gpg, right?

Almost. ;)

http://www.gnupg.org/(en)/related_software/gpgme/index.html
GnuPG Made Easy (GPGME) is a library designed to make access
to GnuPG easier for applications. It provides a High-Level Crypto
API for encryption, decryption, signing, signature verification and
key management.

It can use gpg 1.9.x and thus provide crypto operations
needed for S/MIME and OpenPGP.

> I want to use GPG for securing my mails including the attachements. So I
> can't use the deprecated "inline OpenPGP" method.

That is correct, do not use it.

> I've found the Aegypten2 project page[1] and the requirements are: gnupg
> (>= 1.9.10). Or is that the requirement only for the SMIME standard?

It is for S/MIME.


> > Please install gnupg-1.3.92 - if coexists without problems with gnupg
> > 1.9.x (at least with the latest one). There is a reason why it is
> > called gpg2 and not gpg in 1.9.
>
> Thanks. After installing I made some softlinks[2] but now everything
> seems fine. I'm now waiting for a feedback of my crypted mail.

> [1]Using OpenPGP and PGP/MIME with KMail:
> http://kmail.kde.org/kmail-pgpmime-howto.html
>
> [2]
> ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg
> ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg2

You do not need the link to gpg2.
gnupg1.9.x builds gpg2 just so it can coexist.

On Tuesday 16 November 2004 14:28, Bernhard Reiter wrote:

> [...]

Thanks for your explanations and patience.

> > [2]
> > ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg
> > ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg2
>
> You do not need the link to gpg2.
> gnupg1.9.x builds gpg2 just so it can coexist.

Well... not here. B-)

% cd ~/src/gnupg-1.3.92
% ./configure --prefix=/usr/local/gnupg-1.3.92
% make
% make install
% ls -l /usr/local/gnupg-1.3.92/bin
total 4188
-rwxr-xr-x 1 fuzz 504 2798663 Nov 16 12:48 gpg
-rwxr-xr-x 1 fuzz 504 147687 Nov 16 12:48 gpgsplit
-rwxr-xr-x 1 fuzz 504 1321164 Nov 16 12:48 gpgv
%

B-)

--
So long... Fuzz

On Tuesday 16 November 2004 14:47, Erik Wasser wrote:
> On Tuesday 16 November 2004 14:28, Bernhard Reiter wrote:
> > [...]
>
> Thanks for your explanations and patience.
>
> > > [2]
> > > ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg
> > > ln -s to /usr/local/gnupg-1.3.92/bin/gpg /usr/bin/gpg2
> >
> > You do not need the link to gpg2.
> > gnupg1.9.x builds gpg2 just so it can coexist.
>
> Well... not here. B-)
>
> % cd ~/src/gnupg-1.3.92
> % ./configure --prefix=/usr/local/gnupg-1.3.92
> % make
> % make install
> % ls -l /usr/local/gnupg-1.3.92/bin
> total 4188
> -rwxr-xr-x 1 fuzz 504 2798663 Nov 16 12:48 gpg
> -rwxr-xr-x 1 fuzz 504 147687 Nov 16 12:48 gpgsplit
> -rwxr-xr-x 1 fuzz 504 1321164 Nov 16 12:48 gpgv
> %

I think you misunderstood Bernhard. Let me rephrase:

gnupg-1.3.92 builds gpg.
gnupg-1.9.x builds gpg2.
gpg and gpg2 can coexist.

So you should install gnupg-1.3.x (or the latest gnupg-1.2.x) and
gnupg-1.9.x. On the command line you should only use gpg. gpg2 is
currently only used by the Aegypten2 stuff.

Regards,
Ingo

On Tue, 16 Nov 2004 23:29:21 +0100, Ingo Klöcker said:

> gnupg-1.9.x. On the command line you should only use gpg. gpg2 is
> currently only used by the Aegypten2 stuff.

Actually gpg2 is not used at all. The current CVS version even displays:

log_info ("WARNING: This version of gpg is not very matured and\n");
log_info ("WARNING: only intended for testing. Please keep using\n");
log_info ("WARNING: gpg 1.2.x, 1.3.x or 1.4.x for OpenPGP\n");

Given all the problems I consider to not having build it at all unless
a configure option has been given.


Shalom-Salam,

Werner

On Wednesday 17 November 2004 08:27, Werner Koch wrote:
> On Tue, 16 Nov 2004 23:29:21 +0100, Ingo Klöcker said:
> > gnupg-1.9.x. On the command line you should only use gpg. gpg2 is
> > currently only used by the Aegypten2 stuff.
>
> Actually gpg2 is not used at all.

It's not used for OpenPGP by Aegypten2? Interesting. But it's surely
used for S/MIME, isn't it?

Regards,
Ingo

On Wed, 17 Nov 2004 22:22:32 +0100, Ingo Klöcker said:

> It's not used for OpenPGP by Aegypten2? Interesting. But it's surely
> used for S/MIME, isn't it?

gpgsm is used for S/MIME. The gnupg 1.9 package contains several
modules which are all used by the S/MIME backend. There is also a
module named gpg2 but that one is more or less for development reasons
included - it is not needed and should not be used. OTOH, the packages
gnupg 1.2.x and gnupg 1.3.x do only include one module: gpg - which is
used for OpenPGP.

What a mess; I should have better not included the gpg2 with gnupg 1.9.

Werner

On Thu, Nov 18, 2004 at 01:26:22PM +0100, Werner Koch wrote:
> On Wed, 17 Nov 2004 22:22:32 +0100, Ingo Klöcker said:
> What a mess; I should have better not included the gpg2 with gnupg 1.9.

Well the idea would be to actually make gnupg-1.9.
be the integrated development line. ;)

On Wednesday 17 November 2004 08:27, Werner Koch wrote:

> Actually gpg2 is not used at all. The current CVS version even
> displays:

I don't know if this adds something the discussion but anyway have a
look at this:

% cd /usr/bin
% dir -al gpg*
lrwxrwxrwx 1 root root 24 Nov 18 11:38 gpg
-> /usr/local/gnupg/bin/gpg
lrwxrwxrwx 1 root root 24 Nov 22 18:23 gpg2
-> /usr/local/gnupg/bin/gpg

gnupg-1.3.92 is installed in '/usr/local/gnupg'.

When I remove the gpg2 link the OpenGPG support vanished in KMail (KMail
1.7.1, KDE 3.3.1). The icons are disabled etc... I just can't select it
anymore and it's doesn't working anymore.

What does that mean? B-)

--
So long... Fuzz