tag:gpgtools.tenderapp.com,2011-11-04:/discussions/problems/27475-determine-gpg-algorithmGPGTools: Discussion 2014-10-21T14:05:04Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/346500472014-09-23T16:49:42Z2014-09-23T16:49:43ZDetermine GPG Algorithm<div><p>Posting encryption and decryption commands used by the
scripts:</p>
<p>Encryption command is: gpg --output "${filename}_${rhost}.gpg"
--encrypt --recipient $recipient $filename</p>
<p>Decryption command is pipelined to a sqlldr statement - here's
the decryption half: echo ${passphrase_value} | gpg --batch
--passphrase-fd 0 --recipient ${recipient_value} --decrypt
\'${file}\'|</p></div>Paultag:gpgtools.tenderapp.com,2011-11-04:Comment/346500472014-09-29T21:43:59Z2014-09-29T21:44:01ZDetermine GPG Algorithm<div><p>You can close this. Co-worker helped me solve with following
commands.</p>
<p>$ sudo su - useracct</p>
<p>$ export GNUPGHOME=/home/useracct/.gnupg</p>
<p>$ gpg --list-keys gpg: WARNING: using insecure memory!<br>
gpg: please see <a href=
"http://www.gnupg.org/faq.html">http://www.gnupg.org/faq.html</a>
for more information</p>
<h2><a class="anchor" name="-home-useracct-gnupg-pubring-gpg" href=
"#-home-useracct-gnupg-pubring-gpg"></a>/home/useracct/.gnupg/pubring.gpg</h2>
<p>pub 1024D/19639D5B 2009-11-04<br>
uid useracct <<a href=
"mailto:useracct_ourhost@ourcom.com">useracct_ourhost@ourcom.com</a>><br>
sub 1024g/965690C3 2009-11-04</p>
<p>bash-3.2$ gpg --edit-key <a href=
"mailto:useracct_ourhost@ourcom.com">useracct_ourhost@ourcom.com</a><br>
gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation,
Inc.<br>
This program comes with ABSOLUTELY NO WARRANTY.<br>
This is free software, and you are welcome to redistribute it<br>
under certain conditions. See the file COPYING for details.</p>
<p>gpg: WARNING: using insecure memory!<br>
gpg: please see <a href=
"http://www.gnupg.org/faq.html">http://www.gnupg.org/faq.html</a>
for more information</p>
<p>pub 1024D/19639D5B created: 2009-11-04 expires: never usage:
SC<br>
trust: unknown validity: full sub 1024g/965690C3 created:
2009-11-04 expires: never usage: E<br>
<a href="1">full</a> . useracct <<a href=
"mailto:useracct_ourhost@ourcom.com">useracct_ourhost@ourcom.com</a>></p>
<p>Command> showpref<br>
<a href="1">full</a> . useracct <<a href=
"mailto:useracct_ourhost@ourcom.com">useracct_ourhost@ourcom.com</a>>
Cipher: AES256, AES192, AES, CAST5, 3DES Digest: SHA1, SHA256,
RIPEMD160 Compression: ZLIB, BZIP2, ZIP, Uncompressed Features:
MDC, Keyserver no-modify</p>
<p>Command> quit</p>
<p>So the default algorithm for the gpg we’re using is
AES256. The keys are 1024bit DSA keys. The Sys Admin that got me
this info said the new minimum for most security audits is 2048
bits so these keys may need to be recreated.</p></div>Paultag:gpgtools.tenderapp.com,2011-11-04:Comment/346500472014-10-02T19:06:38Z2014-10-02T19:06:38ZDetermine GPG Algorithm<div><p>Paul, glad you where able to figure this out yourself.</p>
<p>For such questions the gnupg users mailing list is always very
responsive and helpful.</p>
<p>All the best,<br>
steve</p></div>Steve