- #Gpg suite export kleopatra full#
- #Gpg suite export kleopatra code#
Kleopatra, GnuPG: Can now directly import secret keys exported from Symantec PGP Desktop. Kleopatra: Shows the embedded, encrypted, file name if it differs from the actual file name. Kleopatra: Generating keys on OpenPGP Smartcards works again. Kleopatra: Startup time has been slightly improved. Kleopatra: It is now possible to generate keys without signing capability. Kleopatra: Secret key backup has been simplified. Kleopatra: When importing from X509 directory services trusted-certs from dirmngr are also used. Kleopatra: An issue has been fixed that could cause Kleopatra to generate broken TAR archives. 
GPA: Fixed regressions from 3.1.6 that could lead to crashes. Kleopatra: Fixed a regression from 3.1.6 that broke secret key export, keyserver refresh and keyserver upload. (T4607) See: for an alternative to the keyservers. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. GnuPG: Ignore all key-signatures received from keyservers. GpgOL: Fixed a possible plaintext leak to the mail server, which could occur when opening and closing mails while the mail was also visible in the message list. The new option -allow-weak-key-signatues can be used to override the new and safer behaviour. Note that this includes all key signature created with DSA-1024 keys. This change removes all SHA-1 based key signature newer than from the web-of-trust. GnuPG: Prepare against chosen-prefix SHA-1 collisions in key signatures. GnuPG: Network access is now much faster if IPv6 is not available. Kleopatra: The Smartcard Management now also works for OpenPGP 3 cards e.g. Kleopatra: There is now an error message when a key could not be found during file encryption. They can be used to group or search keys by additional information. #Gpg suite export kleopatra full#
Tags are shown which are made by any user that has full ceritification trust. Kleopatra: New Feature "Search Tags": When certifying a user identity you can now add additional "Tags".Kleopatra: The certify dialog has been reworked to be more user friendly and require less clicks.GpgOL: The security approval dialog now has additional info buttons to show extended information.GpgOL: Fixed a rare case where GpgOL could crash when opening a Mail from the file system.GpgOL: Saving E-Mails as files now also works when the mail is opened in its own Window.GpgOL: E-Mails are no longer always classified as HTML.GpgOL: There is now an additional configuration option to always show the security approval dialog, even with full automation.GpgOL / Kleopatra: The GnuPG-System config page can now be hidden.GpgOL: E-Mails which are too large to fully decrypt / verify on a Server with E-Mail size limits are now handled with a proper error.GpgOL: Improved compatibility with other clients for S/MIME e.g.Walfiel section 6.3.8 (creating a backup). Reference: An Advanced Introduction to GnuPG, Neal H. Remember that if you keep your private keys and revocation certificates in one device, an attacker can revoke your public key and issue a new one claiming to be you.
#Gpg suite export kleopatra code#
You may consider to print revocation certificates as a QR code ( qrencode) or instead, print out secret keys with the utility paperkey (see reference).
If I understand correctly, the quickest way would be using tar to backup the whole ~/.gnupg except revocation certificates ~/.gnupg/openpgp-revocs.d/. Of course, you should backup your secret keys as well. It suggests also to backup the ownertrust gpg -export-ownertrust > otrust.txt
~/.gnupg/openpgp-revocs.d/ (revocation certificates). ~/.gnupg/pubring.kbx (new public keyring using keybox format). ~/.gnupg/pubring.gpg (legacy public keyring). ~/.gnupg/gpg.conf (standard configuration file). In addition to answer, check the documentation of gnupg.
0 kommentar(er)
