Mail Archives: cygwin/2006/12/19/22:10:26
--------------enigDD28310B8C09046B1D806153
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Hi bjf,
> I am having trouble when importing Keys with the GnuPG package distributed
> with cygwin. I continue to get the same warning. I have searched for th=
is
> warning and have found a solution on uinx environments, however, it will =
not
> work with cygwin. Is there any way around this solution. The following =
is
> the warning and the fix:
>=20
> $ gpg --import KEYS
> $ gpg: WARNING: using insecure memory!
> $ gpg: please see http://www.gnupg.org/faq.html for more information
> --imports all the the keys
>=20
> so I go check out the link and this is the explanation:
>=20
> Fix to: Why do I get "gpg: Warning: using insecure memory!"
>=20
> On many systems this program should be installed as setuid(root). This is
> necessary to lock memory pages. Locking memory pages prevents the operati=
ng
> system from writing them to disk and thereby keeping your secret keys rea=
lly
> secret. If you get no warning message about insecure memory your operating
> system supports locking without being root. The program drops root
> privileges as soon as locked memory is allocated.
>=20
> To setuid(root) permissions on the gpg binary you can either use:
>=20
> $ chmod u+s /path/to/gpg
>=20
> or
>=20
> $ chmod 4755 /path/to/gpg=20
>=20
> I don't want to put everything done on this page, but there is a statement
> that says:
> "On some systems (e.g., Windows) GnuPG does not lock memory pages and old=
er
> GnuPG versions (<=3D1.0.4) issue the warning:"
>=20
> $ gpg: Please note that you don't have secure memory
>=20
> But that is not the response I see. Anyway, I have thoroughly searched f=
or
> a fix and the solutions are all the same as the above.
It is a warning, it notifies you that you are using unsecure memory on
an inherently insecure operating system, commonly known as Windows.
> Any help would greatly appreciated.
Switch it off. Try `man gpg` and search for "insecure". You'll
find:
--no-secmem-warning
Suppress the warning about "using insecure memory".
or put no-secmem-warning in your gpg.conf.
This is not really a cygwin problem. Using a better OS also fixes this
"problem".
Volker
--=20
PGP/GPG key (ID: 0x9F8A785D) available from wwwkeys.de.pgp.net
key-fingerprint 550D F17E B082 A3E9 F913 9E53 3D35 C9BA 9F8A 785D
--------------enigDD28310B8C09046B1D806153
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MinGW)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFiKmLPTXJup+KeF0RArWKAKDLl7mygn3PofPtQqriGC5xed/uUgCfTIPE
NuE3/+0rnHawg7vbeh2yyb8=
=voK2
-----END PGP SIGNATURE-----
--------------enigDD28310B8C09046B1D806153--
- Raw text -