Discussion:
[Citrusdb-users] Configuring GPG Key
Ben Monypenny
2010-02-19 14:59:05 UTC
Permalink
Hi Paul,

Thanks for your extensive answer yesterday. It was very helpful.

I have been encountering problems configuring my gpg key.

I have created a 1024 bit GPG key using gpg --gen-key with option [1]
DSA and Elgamal and 0 as the expiration time (no expiry). This has
stored the following files in the /.gnupg folder:

gpg.conf
pubring.gpg
pubring.gpg~
random_seed
secring.gpg
trustdb.gpg

I have added the following in /include/config.inc.php:

$gpg_command = "/usr/bin/gpg --homedir /home/myuser/.gnupg --armor
--batch -e -r 'CitrusDB'"; <=====replaced CitrusDB here with 'Real Name'
field from gpg --gen-key command

$gpg_decrypt = "/usr/bin/gpg --homedir /home/myuser/.gnupg
--passphrase-fd 0 --yes --no-tty --skip-verify --decrypt";

$gpg_sign = "/usr/bin/gpg --homedir /home/myuser/.gnupg --passphrase-fd
0 --yes --no-tty --clearsign -u 'CitrusDB'"; <=====replaced CitrusDB
here with 'Real Name' field from gpg --gen-key command

When attempting to export a credit card batch in CitrusDB I have been
getting the error:

message_decrypt failed: eof

I opened up the permissions on the files in the /.gnupg folder but now I
get the error:

010-02-19Signature Error: error: gpg: WARNING: unsafe permissions on
homedir `/home/myuser/.gnupg'

Do you have any idea where I have been going wrong?

Many thanks,

Ben Monypenny
Paul Yasi
2010-02-19 15:32:46 UTC
Permalink
If you are running gpg inside a user that is not the same as the web
server's user then you'll need to suppress those permission warnings
by adding --no-permission-warning to your gpg command.

More info about this option and other options are available here:
http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Configuration-Options.html

Thanks for using citrus. And everyone using it for production data,
make sure you backup your private keys just in case! I'm almost more
paranoid of my losing the private key than losing the card data to
hackers.

Paul
Post by Ben Monypenny
Hi Paul,
Thanks for your extensive answer yesterday. It was very helpful.
I have been encountering problems configuring my gpg key.
I have created a 1024 bit GPG key using gpg --gen-key with option [1] DSA
and Elgamal and 0 as the expiration time (no expiry). This has stored the
gpg.conf
pubring.gpg
pubring.gpg~
random_seed
secring.gpg
trustdb.gpg
$gpg_command = "/usr/bin/gpg --homedir /home/myuser/.gnupg --armor --batch
-e -r 'CitrusDB'";    <=====replaced CitrusDB here with 'Real Name' field
from gpg --gen-key command
$gpg_decrypt = "/usr/bin/gpg --homedir /home/myuser/.gnupg --passphrase-fd 0
--yes --no-tty --skip-verify --decrypt";
$gpg_sign = "/usr/bin/gpg --homedir /home/myuser/.gnupg --passphrase-fd 0
--yes --no-tty --clearsign -u 'CitrusDB'";    <=====replaced CitrusDB here
with 'Real Name' field from gpg --gen-key command
When attempting to export a credit card batch in CitrusDB I have been
message_decrypt failed: eof
I opened up the permissions on the files in the /.gnupg folder but now I get
010-02-19Signature Error: error: gpg: WARNING: unsafe permissions on homedir
`/home/myuser/.gnupg'
Do you have any idea where I have been going wrong?
Many thanks,
Ben Monypenny
------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Citrusdb-users mailing list
https://lists.sourceforge.net/lists/listinfo/citrusdb-users
--
The CitrusDB Project | http://www.citrusdb.org
Open Source Customer Care & Billing System
Loading...