| Yubico Forum https://forum.yubico.com/ |
|
| Windows Kleopatra and decrypting / signing email? https://forum.yubico.com/viewtopic.php?f=26&t=2512 |
Page 1 of 1 |
| Author: | jero0en [ Thu Dec 29, 2016 8:11 pm ] |
| Post subject: | Windows Kleopatra and decrypting / signing email? |
Hi, I want to decrypt and sign email and use my NEO for SSH logons. I've mostly used the tutorial @<https://github.com/drduh/YubiKey-Guide>. Actions and results:
- Keys:
- Encryption key on NEO. - Signing key on NEO. - Authentication key on NEO.
- Installed Kleopatra and GPG agent on Windows 10. - Logons to Ubuntu with PuTTY and NEO work: success!
- gpg --card-status etc.: success. - gpg encryptedmessage.asc: success. So the NEO is used for decryption. In short: the setup seems to work perfectly fine. However I've got a problem: I cannot get Kleopatra to work with the NEO setup. What I've tried - similar to above but in Kleopatra:
- Decrypt encryptedmessage.asc (same file as above): "Verification failed: general error". Question: how can I get Kleopatra to work with my NEO? Thanks, Jeroen |
|
| Author: | Mathieulh [ Fri Jan 20, 2017 11:18 am ] |
| Post subject: | Re: Windows Kleopatra and decrypting / signing email? |
jero0en wrote: Hi, I want to decrypt and sign email and use my NEO for SSH logons. I've mostly used the tutorial @<https://github.com/drduh/YubiKey-Guide>. Actions and results:
- Keys:
- Encryption key on NEO. - Signing key on NEO. - Authentication key on NEO.
- Installed Kleopatra and GPG agent on Windows 10. - Logons to Ubuntu with PuTTY and NEO work: success!
- gpg --card-status etc.: success. - gpg encryptedmessage.asc: success. So the NEO is used for decryption. In short: the setup seems to work perfectly fine. However I've got a problem: I cannot get Kleopatra to work with the NEO setup. What I've tried - similar to above but in Kleopatra:
- Decrypt encryptedmessage.asc (same file as above): "Verification failed: general error". Question: how can I get Kleopatra to work with my NEO? Thanks, Jeroen -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 You clearly need to read up on PGP. Encrypting is done with the public key (which you did import, though you could have done this an easier way using the fetch command along with the gpg --card-edit if you did set url to your key) Decrypting is however done with the private subkey (which is supposed to be stored on your card Try doing the following: Upload your public key somewhere (preferably a keyserver such as pgp.mit.edu or keybase.io) Set the url to your pgp card/yubikey using the gpg --card-edit command, then the admin command and finally the url command. Delete your key entirely from your computer (public and private stubs) Use gpg --card-edit command then fetch command Finally use the gpg --card-status command -----BEGIN PGP SIGNATURE----- iQFfBAEBCgBJQhxNYXRoaWV1IEhFUlZBSVMgKEdlbmVyYXRlZCBmb3IgWXViaWtl eSBORU8pIDxtYXRoaWV1bGhAZ21haWwuY29tPgUCWIHjqwAKCRCmuJwc9wJSCM+D B/9GoHl7sycgDcHke3FwfTr1YI65EZb34HepmkcPxUnwHxRykTHbGU3PK27x0vOV UzfNNc/C3bvWm2UXfaM2b00vDws1n/L8TN63dm6AY42RM2MWjB9MEd2AsMn8zIMR wpZQAoqKgMgTCFQTuC11P4gMAGzzrMzjm2WebqD3oCnTNRrvBLLiyS7e08BTRGKN 6zYRu+aDU2PJfRk8C0x3UBWfPtrcAOncNf/4a3yKKyFV4B7DotAgKaHvGT4Wbnre 67Aerkl0LENGLb5iDJa46ZvAkpGOI1FMleEmf+oZ/bP2lZ2OiX3D3WIhMm6mdKN5 XLAt7/qufEsy9l3k7bIUmtZ4 =yF3X -----END PGP SIGNATURE----- |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|