gnupg on a USB flash drive
I wasn't sure if this belonged in the software category, but it feels like a newbie question.
I am currently running Fedora (core 1) and trying to get gnupg and a USB flash drive to play nicely together. My goal is to have the gpg home directory on the flash drive so I can take it anywhere, and the secret key is not stored on the local machine. gpg is up and working correctly. The flash drive is working correctly. Thanks to a bit of searching here, I finally found the correct value to set for umask in /etc/fstab to have only u+a permissions. Knowing the two work separately, I would like to get them to work together. Running gpg --homedir /[flash drive mount directory] --gen-key yields the following results: [snipped good output] We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. ++++++++++++++++++++..+++++++++++++++++++++++++++++++++ gpg: lock not made: link() failed: Operation not permitted gpg: can't lock `/mnt/flashdrive/.gnupg/pubring.gpg' gpg: lock not made: link() failed: Operation not permitted gpg: can't lock `/mnt/flashdrive/.gnupg/secring.gpg' gpg: error writing public keyring `/mnt/flashdrive/.gnupg/pubring.gpg': general error Key generation failed: general error [ed@nibble ed]$ I'm not exactly sure what the problem is. Is gpg having a problem "securely" locking the flash drive for writing the key? This doesn't immediately appear to be the answer, as if so I would expect a more descriptive output (similar to the "insecure memory" message if it cannot lock memory pages). I'm guessing this is a "system" problem with accessing the flash drive, but can't figure it out. Interestingly, the pubring and secring files do appear in the directory after this operation completes, but they are both empty files. I don't initially believe it is a permission problem, as the same error arises when the fstab has umask=0, which allows rwx for all. This is the first time I haven't been able to at least find another mention of the problem by doing a web search. I must not be searching for the correct string. Many thanks for any help. I'd be tickled to get this to work. -Ed |
This may be completely irrelevant to the problem:
Is the usb drive formated with vfat? Does the vfat software support the type of lock that gpg is trying to set? Perhaps creating a file, and using it as an image to format it with ext2, and saving the key in this file system would solve the problem? |
Quote:
I'm not exactly sure what you are saying with the last part (using a file as an image to formate the memory stick?). I'll do some searching and try that route. Ultimately I would like to be able to use the memory stick on Windows and Linux, which lead me to believe it would need to remain FAT-format. However, I would at least like to get it working on the Linux box first, and this may be a good way to try a different route and isolate the problem. Many thanks for your help!!! It isn't often that I run into a problem like this that isn't explained on a web site somewhere. I thought I had some sort of funky setup. I'll let you know what I find out. |
All times are GMT -5. The time now is 05:53 PM. |