JP Mens<p>For years now I’ve had a bit of a bee under my cap: would it be possible to unlock a Vault file with a GnuPG-compatible smart card? And what if the smart card were local and the unlocking had to be triggered remotely?</p><p>Forwarding GnuPG agent over SSH</p><p><a href="https://jpmens.net/2025/04/04/forwarding-gnupg-agent-over-ssh/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jpmens.net/2025/04/04/forwardi</span><span class="invisible">ng-gnupg-agent-over-ssh/</span></a></p><p><a href="https://mastodon.social/tags/gpg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gpg</span></a> <a href="https://mastodon.social/tags/ansible" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ansible</span></a></p><p>Edit: I have amended the sentence regarding distinct machines. Works fine on two different Linux boxes.</p>
lepoulsdumonde.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Small french Mastodon instance for friends, family and useful bots
Administered by:
Server stats:
52active users
lepoulsdumonde.com: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-alpha.4
#gpg
3 posts · 2 participants · 0 posts today
JP Mens<p>Overriding GnuPG's PIN entry</p><p><a href="https://jpmens.net/2025/04/04/overriding-gnupg-s-pin-entry/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jpmens.net/2025/04/04/overridi</span><span class="invisible">ng-gnupg-s-pin-entry/</span></a></p><p><a href="https://mastodon.social/tags/gpg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gpg</span></a></p>
Preston Maness ☭<p><span class="h-card" translate="no"><a href="https://mastodon.ml/@Xeniax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Xeniax</span></a></span> Totally nerdsniped :D I'd love to be a part of the study.</p><p>I don't think that <a href="https://tenforward.social/tags/KeyServers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeyServers</span></a> are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at <a href="https://keys.openpgp.org/about" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keys.openpgp.org/about</span><span class="invisible"></span></a> . More generally, I believe that <a href="https://tenforward.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> / <a href="https://tenforward.social/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a> / <a href="https://tenforward.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a> retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like <a href="https://tenforward.social/tags/Matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Matrix</span></a>, <a href="https://tenforward.social/tags/SignalMessenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SignalMessenger</span></a>) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the <a href="https://tenforward.social/tags/KeyOxide" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeyOxide</span></a> project).</p><p>Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: <a href="https://crypto.stackexchange.com/questions/9268/is-asynchronous-perfect-forward-secrecy-possible" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crypto.stackexchange.com/quest</span><span class="invisible">ions/9268/is-asynchronous-perfect-forward-secrecy-possible</span></a>).</p><p>To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with <a href="https://tenforward.social/tags/PKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PKI</span></a> leaves me green with envy.</p>
Nonilex<p>“Unless you are using <a href="https://masto.ai/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a>, email is not end-to-end encrypted, & the contents of a message can be intercepted & read at many points, including on Google’s email servers,” said Eva Galperin, director of <a href="https://masto.ai/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> at the Electronic Frontier Foundation.<br>
<a href="https://masto.ai/tags/NationalSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NationalSecurity</span></a> experts have expressed alarm over the <a href="https://masto.ai/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trump</span></a> admin’s denial that the leaked <a href="https://masto.ai/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> chat contained <a href="https://masto.ai/tags/classified" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>classified</span></a> information.</p><p><a href="https://masto.ai/tags/Gmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gmail</span></a> <a href="https://masto.ai/tags/Signalgate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signalgate</span></a> <a href="https://masto.ai/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> <a href="https://masto.ai/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://masto.ai/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://masto.ai/tags/military" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>military</span></a> <a href="https://masto.ai/tags/idiocracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>idiocracy</span></a> <a href="https://masto.ai/tags/kakistocracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kakistocracy</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload