Hello,
how can i import keys from directory with gpa frontend?
i imported them manually in commandline in the private keys folder from gpg but nothing shows up. I tested if gpa frontend creates keys in that folder from gpg and gpg -k lists the keys created via frontend.
However if i copy the keys in the folder they dont show up in the frontend.
Can someone help me to import them, i cannot import them via GUI
I assume this is for verifying Qubes’ ISO from Windows. See if the following tutorial helps you verifying that: (not sure if it uses GPA)
another user suggested using keopatra instead:
@deeplow Fancy you should mention it, I’m in the middle of making a fast, easy and still mostly secure tutorial on a GUI way of verifying signatures for both Linux and windows.
No. im not verifying anything. I try to import keys from another maschine into GPA. With GUI it displays that i have no permission to the folder on the sd card. And if i import the keys via commandline into gpg2 homefolder nothing shows up in the gnu privacy assistent gui
I have no idea what GPA is, but you seem to provide the solution
yourself.
“it displays that i have no permission to the folder on the sd card”
This, together with the fact that your gpg imports don’t end up in the
GUI suggests to me that you have configured GPA to use a folder on the
SD card, and not the default gpg storage.
This may be deliberate.
Either fix the GPA configuration, fix the permission on the SD
folder you are using, or import the keys using:
gpg --import <key> --homedir <path to SD folder>
I changed file permissions but now it says it does not find any keys? Is that a problem that i only try to import the binary *.key Files and not backups?
I thought it is possible to generate public keys from master private key? I also try to import the subkeys that i have manually copied on sd card out of gpg homefolder from another machine.
Gnu Privacy Assistant is the graphical Keyring manager in Whonix.
Check Applications in qubes settings, you will find gpa, written in lower case letters, it is very likely to be overlooked. Importing keys to standard gpg homedir with import command also does not work(although it works with root rights for the terminal, the keys show up with gpg -k), nothing shows up in the graphical frontend(gpa)
I have nothing configured to use a sd card or usb as key storage, it is the standard configuration. Maybe it will be good if you take a look for yourself at the graphical frontend gpa
There’s little point in me installing Whonix or installing a graphical
key manager.
It would be helpful if you could say exactly what you have done step
by step, specifying what files you have copied to the SSD (It wasn’t
clear what role the SSD played in this).
Please don’t use “homefolder” - specify the path. Similarly, don’t say
“imported key” say " did FOO and selected BAR in the selection dialog".
And if there are error messages, write them out as they appear (unless
they are long inn which case select the section that says error or
warning). And please, don’t screenshot - I wont be able to help today
if you do.
We’ll get this sorted.
It comes pre-installed. You only have to attach it to your graphical entry shortcuts in applications menu and click on it, or just type in “gpa” without colons in terminal.
user@host:~/QubesIncoming/sys-usb$ ls
76274ECBA0A46B018FDD3365E6825649817B91FF.key
7DDEB0738B00F4DF2D112482050CCBF11F365F95.key
86D18BB41720B7939C5E9D644C18D8039B42DD36.key
ABAC88DA3808EF6D86936C780DACFA5455FBF017.key
E0185E1799C07C850A7E8D041E3E7E4822BFD393.key
E53CAB3A045256249407047C8787F8C049AEB655.key
FF6F27975D4990339FBEA0000910B878D3838CC5.key
user@host:~/QubesIncoming/sys-usb$ gpg --import *.key
gpg: no valid OpenPGP data found.
gpg: no valid OpenPGP data found.
gpg: no valid OpenPGP data found.
gpg: no valid OpenPGP data found.
gpg: no valid OpenPGP data found.
gpg: no valid OpenPGP data found.
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
user@host:~/QubesIncoming/sys-usb$ Do i have to use the --export -a command? Is it not possible to just copy the binarys from other machine?
Sry. Im just stupid. I solved it with export command. I looked in .key file and realized that nothing was in there.
If I may suggest something, maybe it’s best to avoid doing it on sys-usb is highly untrusted (see this picture). You can create a qube just for the verification process or do it on a disposableVM.
it depends on how it is used. i not used it before with other usb devices and i do not have any controllers on it, like network or super gaming keyboard with usb hub. also i have to use it or create another usb machine, because i do only have usb card reader
“It comes pre-installed.”
It isn’t installed in any of the templates I have.
It’s seems that the “keys” you are using have not been properly
exported from the other machine.
Generally, you just export using:
gpg --output unman.pub --export --armor <key identifier>
Then copy unman.pub to the other machine, and gpg --import unman.pub
You don’t need to use armor: binary format is fine for file transfers.
I’ll say again:
It would be helpful if you could say exactly what you have done step
by step, specifying what files you have copied to the SSD (It wasn’t
clear what role the SSD played in this).
Also, what versions of gpg are you running on the two machines?
Do you tried it? Have you typed in gpa in commandline in whonix-ws appvm? I just done cp first and tried copying private .key files from gnupg homefolder on sd and then tried moving it to another gnupg homefolder with mv. But this doesn’t worked. Also if i watched in the copied files, i realized that there was nothing in there.
I dont use Whonix.
Please say *exactly what you did, step by step.
You have chosen the opt-out on installation?
Ok, sry, i will try to be more precise in future.
I’m very sorry. It doesn’t came to my mind to mention. Im very very sorry… I would have known that it is not installed in every template.