gnupg on a USB flash drive
 

I wasn't sure if this belonged in the software category, but it feels like a newbie question.

I am currently running Fedora (core 1) and trying to get gnupg and a USB flash drive to play nicely together. My goal is to have the gpg home directory on the flash drive so I can take it anywhere, and the secret key is not stored on the local machine.

gpg is up and working correctly. The flash drive is working correctly. Thanks to a bit of searching here, I finally found the correct value to set for umask in /etc/fstab to have only u+a permissions. Knowing the two work separately, I would like to get them to work together.

Running gpg --homedir /[flash drive mount directory] --gen-key yields the following results:

[snipped good output]
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++++++++++++..+++++++++++++++++++++++++++++++++
gpg: lock not made: link() failed: Operation not permitted
gpg: can't lock `/mnt/flashdrive/.gnupg/pubring.gpg'
gpg: lock not made: link() failed: Operation not permitted
gpg: can't lock `/mnt/flashdrive/.gnupg/secring.gpg'
gpg: error writing public keyring `/mnt/flashdrive/.gnupg/pubring.gpg': general error
Key generation failed: general error
[ed@nibble ed]$

I'm not exactly sure what the problem is. Is gpg having a problem "securely" locking the flash drive for writing the key? This doesn't immediately appear to be the answer, as if so I would expect a more descriptive output (similar to the "insecure memory" message if it cannot lock memory pages). I'm guessing this is a "system" problem with accessing the flash drive, but can't figure it out. Interestingly, the pubring and secring files do appear in the directory after this operation completes, but they are both empty files.

I don't initially believe it is a permission problem, as the same error arises when the fstab has umask=0, which allows rwx for all.

This is the first time I haven't been able to at least find another mention of the problem by doing a web search. I must not be searching for the correct string. Many thanks for any help. I'd be tickled to get this to work.

-Ed

This may be completely irrelevant to the problem:

Is the usb drive formated with vfat?
Does the vfat software support the type of lock that gpg is trying to set?

Perhaps creating a file, and using it as an image to format it with ext2, and saving the key in this file system would solve the problem?

I assume that it is vfat formatted. The drive was originally used on a Win2000 machine. As for the vfat software supporting the type of lock...I have no idea. I do not know what type of lock the program is trying to set. In fact, I have not been able to find a reference to this error on any site related to gnupg. There is a German site that explains how to set up the flash drive, but it doesn't go into this error at all (translated it through babelfish). Since I haven't been able to locate this error on any web site explaining gnupg use, I think it has something to do with a filesystem lock (hence the somewhat cryptic message for a fairly new guy like me).

I'm not exactly sure what you are saying with the last part (using a file as an image to formate the memory stick?). I'll do some searching and try that route. Ultimately I would like to be able to use the memory stick on Windows and Linux, which lead me to believe it would need to remain FAT-format. However, I would at least like to get it working on the Linux box first, and this may be a good way to try a different route and isolate the problem.

Many thanks for your help!!! It isn't often that I run into a problem like this that isn't explained on a web site somewhere. I thought I had some sort of funky setup. I'll let you know what I find out.