
Re: Need Help on GPG on HP-UX

Gaby1110
Frequent Advisor

Need Help on GPG on HP-UX

Hi,

We have installed GPG (gnupg-2.0.12-ia64-11.31.depot) on our HP-UX 11.31 machine and are trying to run the command below. Currently there are two issues: the encrypt is giving some message about the key and is asking for overwrite.

We want to run this command non-interactively, and need to figure out what options we need to use to run in quiet mode.

$/usr/local/bin/gpg2 --encrypt -r cefs_prod im090715.txt
Warning: using insecure memory!
gpg: C0A382A8: There is no assurance this key belongs to the named user

pub 1024g/C0A382A8 2002-04-19 cefs_prod
Primary key fingerprint: 3CC4 39A2 902E 510F FBE5 0179 CAAD BBB3 9F1A 5AE4
Subkey fingerprint: C9F3 BCD9 F44C F499 402D 6528 7C48 F3FE C0A3 82A8

It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
File `im090715.txt.gpg' exists. Overwrite? (y/N) y

< oracrmdv@: /home/oracrmdv >


And the syntax we need to work is as below.


/usr/bin/pgp --encrypt --user \"%s\" --output %s/%s --overwrite %s/%s"

sprintf(pgpCommand, "/usr/bin/pgp --encrypt --user \"%s\" --output %s/%s --overwrite %s/%s",
        pUserID,
        pDestDirectory,
        pDestFilename,
        pSrcDirectory,
        pSrcFilename);


Please help.

Thanks
Gaby
Steven Schweda
Honored Contributor

Re: Need Help on GPG on HP-UX

To the extent that I use it at all, which is
not much, I'm more of a GnuPG 1.x user, so I
know nothing, but ...

A Google search for the "no assurance"
message worked for me.


> [...] Overwrite? (y/N)

"Doctor, it hurts when I do this."

"Don't do that."

If you deleted the intended output file
first, then I'd expect that you wouldn't get
the warning/query about overwriting it.
Matti_Kurkela
Honored Contributor

Re: Need Help on GPG on HP-UX

PGP (and its successor gpg) measure the reliability of keys' ownership information by examining the signatures on the keys. A key is trusted if you've signed it yourself, or if the key has a signature from a person you already trust (i.e. you have his/her public key with a trusted signature).

If everyone used PGP/GPG, this would eventually build up into a complex "Web of Trust".

But if you're setting up a "one-to-one" type data transfer, this is not going to happen. You will need to tell GPG that you actually are certain the key belongs to whoever/whatever it's supposed to. This can be done by signing the cefs_prod public key that is in your GPG keyring. You can use a "local signature": it won't be exported along with the key if you later forward the cefs_prod key to someone else, but it is sufficient to make GPG trust the key.

See the GPG documentation on how to sign the key.

For your second problem, there is a wrapper that can convert PGP commands to GPG syntax:
http://www.nessie.de/mroth/pgpgpg/

But if you have the source code for your PGP-using application (as evidenced by the sprintf command in your message), it might be easier to change the code to use GPG natively.

MK
MK
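
The "change the code to use GPG natively" suggestion in the reply above, as an added example that is not part of the original thread or the poster's application: the sprintf/shell command is replaced by an argument vector passed straight to gpg2, with --batch and --yes so neither prompt appears. The function names are hypothetical, the gpg2 path is the one from the question, and the recipient key is assumed to be already locally signed as the reply describes (in batch mode gpg2 fails on an unvalidated key instead of asking).

```c
#include <stddef.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define GPG_PATH "/usr/local/bin/gpg2"   /* path taken from the question */

/* Fill argv[] (at least 10 slots) for a prompt-free encryption.
 * Returns the argument count, or -1 if an input is rejected. */
int build_gpg_argv(const char *argv[], const char *user_id,
                   const char *dest_path, const char *src_path)
{
    int n = 0;
    if (!user_id || !dest_path || !src_path) return -1;
    /* A leading '-' would be parsed by gpg2 as an option, not a key name. */
    if (strlen(user_id) == 0 || user_id[0] == '-') return -1;
    /* Absolute paths only, so a file name can never look like an option. */
    if (dest_path[0] != '/' || src_path[0] != '/') return -1;
    argv[n++] = GPG_PATH;
    argv[n++] = "--batch";       /* never prompt; fail instead */
    argv[n++] = "--yes";         /* overwrite an existing --output file */
    argv[n++] = "--output";
    argv[n++] = dest_path;
    argv[n++] = "--recipient";
    argv[n++] = user_id;
    argv[n++] = "--encrypt";
    argv[n++] = src_path;
    argv[n] = NULL;
    return n;
}

/* Run gpg2 without a shell, so quotes or ';' in the inputs are plain data.
 * Returns gpg2's exit status (0 = success), 127 if exec failed, -1 on error. */
int run_gpg_encrypt(const char *user_id, const char *dest_path,
                    const char *src_path)
{
    const char *argv[10];
    int status;
    pid_t pid;
    if (build_gpg_argv(argv, user_id, dest_path, src_path) < 0) return -1;
    pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execv(GPG_PATH, (char *const *)argv);
        _exit(127);              /* only reached if exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}
```

A non-zero return should be treated as "file not encrypted"; the caller joins directory and file name into the two absolute paths before calling.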
Gaby1110
Frequent Advisor

Re: Need Help on GPG on HP-UX

Hi MK and Steven,

Thanks for your response.

I don't know much about the GPG. Could you please let me know if it is possible to run this command non-interactively,

$/usr/local/bin/gpg2 --encrypt -r cefs_prod im090715.txt

Are there any options we need to use to run it in quiet mode so that we can put it in the script and we should not get the overwrite option below

Use this key anyway? (y/N) y
File `im090715.txt.gpg' exists. Overwrite? (y/N) y


Thanks again,

Gaby
Michael Steele_2
Honored Contributor

Re: Need Help on GPG on HP-UX

Hi

GPG is usually one of two commands used together to accomplish a file transfer, i.e., ftp. 'ftp' however has some drawbacks so it's more common to see 'curl' used instead.

http://curl.haxx.se/docs/manpage.html

http://curl.haxx.se/libcurl/c/libcurl-errors.html

This is a two step process. Exchanging keys is the first. Usually your alternate, i.e., a bank, will have a procedure for you to follow: Bank of America login id, password, download instructions, execute.

http://curl.haxx.se/docs/manual.html
Support Fatherhood - Stop Family Law
Gaby1110
Frequent Advisor

Re: Need Help on GPG on HP-UX

Hi Michael,

Thanks for the response. We need to use only GPG on HP-UX as per our application requirement.

Could you please help me on my issue on HP-UX....

Thanks again,
Gaby
Michael Steele_2
Honored Contributor

Re: Need Help on GPG on HP-UX

Gaby

Type curl into the HP search engine and see what you get.
Support Fatherhood - Stop Family Law
Steven Schweda
Honored Contributor

Re: Need Help on GPG on HP-UX

> GPG is usually one of two commands used
> together to accomplish a file transfer,
> i.e., ftp. [...]

This is nonsense. GPG (GnuPG) is entirely
unrelated to file transfers.

http://gnupg.org/

> Download here:
> [...]

And it's particularly unrelated to cURL.

> Type curl into the HP search engine and see
> what you get.

Do you mean, "even more confused"?

"GnuPG" and "cURL" are spelled differently
for a reason. They're different. They're
not even related. (One person _can_ use both
programs, but they're still unrelated.)


> Are there any options we need to use [...]

If GnuPG offers command-line options to solve
these problems, then I'm not aware of them.
Matti Kurkela already pointed you to a way to
stop the "Use this key anyway?" problem. I
already suggested a way to avoid the "exists.
Overwrite?" problem.

Is there something in the GnuPG documentation
which is unclear?

http://www.gnupg.org/documentation/index.en.html
Steven Schweda
Honored Contributor

Re: Need Help on GPG on HP-UX

> And it's particularly unrelated to cURL.

Strictly speaking, GnuPG _can_ be built using
the cURL _library_, to allow some fancy key
file transfers, so there is actually some
potential relationship between GnuPG and the
cURL _library_, and with (key) file
transfers, but that's a pretty tenuous (and
optional) connection, I claim. And
downloading some cURL kit will provide no
benefit for the problems cited in the
original question here.