diff --git a/.gitignore b/.gitignore index eb3806e9c..f1afc9c57 100644 --- a/.gitignore +++ b/.gitignore @@ -27,6 +27,7 @@ po/en@boldquot.po po/en@quot.insert-header po/en@quot.po po/stamp-po +po/remove-potcdate.sed agent/gpg-agent agent/gpg-preset-passphrase agent/gpg-protect-tool @@ -45,6 +46,7 @@ common/t-percent common/t-session-env common/t-sexputil common/t-sysutils +common/t-ssh-utils doc/addgnupghome.8 doc/applygnupgdefaults.8 doc/faq.html @@ -104,6 +106,11 @@ tests/openpgp/pubring.gpg tests/openpgp/pubring.pkr tests/openpgp/secring.gpg tests/openpgp/secring.skr +tests/openpgp/*.log +tests/openpgp/trustdb.gpg +tests/openpgp/z +tests/openpgp/gpg.conf +tests/openpgp/random_seed tests/pkits/ReadMe.txt tests/pkits/certpairs/ tests/pkits/certs/ diff --git a/ChangeLog b/ChangeLog index 3dca03c73..28dab025c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2011-08-04 Werner Koch + Release 2.0.18. + * configure.ac: Fix usage of AC_LANG_PROGRAM. (AC_CHECK_HEADERS): Check for utmp.h. diff --git a/NEWS b/NEWS index efa83450a..540bf8d6a 100644 --- a/NEWS +++ b/NEWS @@ -1,15 +1,15 @@ -Noteworthy changes in version 2.0.18 (unreleased) +Noteworthy changes in version 2.0.18 (2011-08-04) ------------------------------------------------- - * Allow generation of card keys up to 4096 bit. - * Bug fix for newer versions of Libgcrypt. - * Support the SSH confirm flag and show SSH fingerprint in ssh + * Support the SSH confirm flag and show SSH fingerprints in ssh related pinentries. * Improved dirmngr/gpgsm interaction for OCSP. + * Allow generation of card keys up to 4096 bit. + Noteworthy changes in version 2.0.17 (2011-01-13) ------------------------------------------------- diff --git a/configure.ac b/configure.ac index f26ae94ae..9be244b6b 100644 --- a/configure.ac +++ b/configure.ac @@ -25,7 +25,7 @@ min_automake_version="1.10" # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [2.0.18]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \ | sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) diff --git a/doc/Makefile.am b/doc/Makefile.am index c0e225138..2be818e82 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -6,12 +6,12 @@ # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. -# +# # GnuPG is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program; if not, see . @@ -44,7 +44,7 @@ info_TEXINFOS = gnupg.texi dist_pkgdata_DATA = qualified.txt com-certs.pem $(helpfiles) nobase_dist_doc_DATA = FAQ DETAILS HACKING TRANSLATE OpenPGP KEYSERVER \ - $(examples) + $(examples) gnupg_TEXINFOS = \ @@ -128,14 +128,13 @@ gnupg.texi : $(gnupg_TEXINFOS) online: gnupg.html gnupg.pdf set -e; \ echo "Uploading current manuals to www.gnupg.org ..."; \ - cp gnupg-logo.png gnupg.html/; \ + cp $(srcdir)/gnupg-logo.png gnupg.html/; \ user=werner ; dashdevel="" ; \ - if echo "@PACKAGE_VERSION@" | grep -- "-svn" >/dev/null; then \ + if echo "@PACKAGE_VERSION@" | grep -- "-git" >/dev/null; then \ dashdevel="-devel" ; \ else \ rsync -v gnupg.pdf $${user}@cvs.gnupg.org:webspace/manuals/ ; \ fi ; \ cd gnupg.html ; \ rsync -vr --exclude='.svn' . \ - $${user}@cvs.gnupg.org:webspace/manuals/gnupg$${dashdevel}/ - + $${user}@cvs.gnupg.org:webspace/manuals/gnupg$${dashdevel}/ diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index 2bd957287..73fa2ef38 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -2,7 +2,7 @@ @c This is part of the GnuPG manual. @c For copying conditions, see the file gnupg.texi. -@c Note that we use this texinfo file for all versions of GnuPG: +@c Note that we use this texinfo file for all versions of GnuPG: @c 2.0 and 2.1. The macro "gpgtwoone" controls parts which are only @c valid for GnuPG 2.1 and later. @@ -26,23 +26,23 @@ .IR dir ] .RB [ \-\-options .IR file ] -.RI [ options ] +.RI [ options ] .br .B gpg-agent .RB [ \-\-homedir .IR dir ] .RB [ \-\-options .IR file ] -.RI [ options ] -.B \-\-server +.RI [ options ] +.B \-\-server .br .B gpg-agent .RB [ \-\-homedir .IR dir ] .RB [ \-\-options .IR file ] -.RI [ options ] -.B \-\-daemon +.RI [ options ] +.B \-\-daemon .RI [ command_line ] @end ifset @@ -106,7 +106,7 @@ fi It reads the data out of the file and exports the variables. If you don't use Secure Shell, you don't need the last two export statements. @end ifclear - + @noindent You should always add the following lines to your @code{.bashrc} or whatever initialization file is used for all shell invocations: @@ -235,7 +235,7 @@ a numeric value or a keyword: @item none No debugging at all. A value of less than 1 may be used instead of the keyword. -@item basic +@item basic Some basic debug messages. A value between 1 and 2 may be used instead of the keyword. @item advanced @@ -263,8 +263,8 @@ usual C-Syntax. The currently defined bits are: @table @code @item 0 (1) X.509 or OpenPGP protocol related data -@item 1 (2) -values of big number integers +@item 1 (2) +values of big number integers @item 2 (4) low level crypto operations @item 5 (32) @@ -348,6 +348,14 @@ Allow clients to mark keys as trusted, i.e. put them into the @file{trustlist.txt} file. This is by default not allowed to make it harder for users to inadvertently accept Root-CA keys. +@ifset gpgtwoone +@anchor{option --allow-loopback-pinentry} +@item --allow-loopback-pinentry +@opindex allow-loopback-pinentry +Allow clients to use the loopback pinentry features; see the option +@option{pinentry-mode} for details. +@end ifset + @item --ignore-cache-for-signing @opindex ignore-cache-for-signing This option will let @command{gpg-agent} bypass the passphrase cache for all @@ -398,7 +406,7 @@ to 1. Check the passphrase against the pattern given in @var{file}. When entering a new passphrase matching one of these pattern a warning will be displayed. @var{file} should be an absolute filename. The default is -not to use any pattern file. +not to use any pattern file. Security note: It is known that checking a passphrase against a list of pattern or even against a complete dictionary is not very effective to @@ -408,7 +416,7 @@ behavior and optionally to run a passphrase cracker regularly on all users passphrases to catch the very simple ones. @item --max-passphrase-days @var{n} -@opindex max-passphrase-days +@opindex max-passphrase-days Ask the user to change the passphrase if @var{n} days have passed since the last change. With @option{--enforce-passphrase-constraints} set the user may not bypass this check. @@ -477,10 +485,10 @@ option has been enabled. @itemx --lc-ctype @var{string} @itemx --lc-messages @var{string} @itemx --xauthority @var{string} -@opindex display -@opindex ttyname -@opindex ttytype -@opindex lc-ctype +@opindex display +@opindex ttyname +@opindex ttytype +@opindex lc-ctype @opindex lc-messages @opindex xauthority These options are used with the server mode to pass localization @@ -563,7 +571,7 @@ agent. By default they may all be found in the current home directory two dashes may not be entered and the option may not be abbreviated. This file is also read after a @code{SIGHUP} however only a few options will actually have an effect. This default name may be - changed on the command line (@pxref{option --options}). + changed on the command line (@pxref{option --options}). You should backup this file. @item trustlist.txt @@ -576,21 +584,21 @@ agent. By default they may all be found in the current home directory allows to cut and paste the fingerprint from a key listing output. If the line is prefixed with a @code{!} the key is explicitly marked as not trusted. - + Here is an example where two keys are marked as ultimately trusted and one as not trusted: - + @example # CN=Wurzel ZS 3,O=Intevation GmbH,C=DE A6935DD34EF3087973C706FC311AA2CCF733765B S - + # CN=PCA-1-Verwaltung-02/O=PKI-1-Verwaltung/C=DE - DC:BD:69:25:48:BD:BB:7E:31:6E:BB:80:D3:00:80:35:D4:F8:A6:CD S + DC:BD:69:25:48:BD:BB:7E:31:6E:BB:80:D3:00:80:35:D4:F8:A6:CD S # CN=Root-CA/O=Schlapphuete/L=Pullach/C=DE !14:56:98:D3:FE:9C:CA:5A:31:6E:BC:81:D3:11:4E:00:90:A3:44:C2 S @end example - + Before entering a key into this file, you need to ensure its authenticity. How to do this depends on your organisation; your administrator might have already entered those keys which are deemed @@ -625,7 +633,7 @@ fails, try again using the chain validation model. @end table - + @item sshcontrol @cindex sshcontrol This file is used when support for the secure shell agent protocol has @@ -647,11 +655,11 @@ that key. The flag is automatically set if a new key was loaded into command. The keygrip may be prefixed with a @code{!} to disable an entry entry. - + The following example lists exactly one key. Note that keys available through a OpenPGP smartcard in the active smartcard reader are implicitly added to this list; i.e. there is no need to list them. - + @example # Key added on: 2011-07-20 20:38:46 # Fingerprint: 5e:8d:c4:ad:e7:af:6e:27:8a:d6:13:e4:79:ad:0b:81 @@ -682,7 +690,7 @@ a small helper script is provided to create these files (@pxref{addgnupghome}). @node Agent Signals @section Use of some signals. A running @command{gpg-agent} may be controlled by signals, i.e. using -the @command{kill} command to send a signal to the process. +the @command{kill} command to send a signal to the process. Here is a list of supported signals: @@ -721,7 +729,7 @@ This signal is used for internal purposes. @end table -@c +@c @c Examples @c @mansect examples @@ -764,7 +772,7 @@ and add something like (for Bourne shells) @noindent to your shell initialization file (e.g. @file{~/.bashrc}). -@c +@c @c Assuan Protocol @c @manpause @@ -807,6 +815,7 @@ secret keys. * Agent UPDATESTARTUPTTY:: Change the Standard Display * Agent GETEVENTCOUNTER:: Get the Event Counters * Agent GETINFO:: Return information about the process +* Agent OPTION:: Set options for the session @end menu @node Agent PKDECRYPT @@ -838,13 +847,13 @@ text. C: D xxxx) C: END @end example - + Please note that the server may send status info lines while reading the data lines from the client. The data send is a SPKI like S-Exp with this structure: @example - (enc-val + (enc-val ( ( ) ... @@ -857,20 +866,20 @@ the parameters depend on the algorithm. The agent does return an error if there is an inconsistency. If the decryption was successful the decrypted data is returned by -means of "D" lines. +means of "D" lines. Here is an example session: @example C: PKDECRYPT S: INQUIRE CIPHERTEXT - C: D (enc-val elg (a 349324324) + C: D (enc-val elg (a 349324324) C: D (b 3F444677CA))) C: END S: # session key follows S: D (value 1234567890ABCDEF0) S: OK descryption successful -@end example +@end example @node Agent PKSIGN @@ -918,8 +927,8 @@ different algorithms. The agent does then some checks, asks for the passphrase and as a result the server returns the signature as an SPKI like S-expression in "D" lines: -@example - (sig-val +@example + (sig-val ( ( ) ... @@ -967,7 +976,7 @@ option allows to choose the storage location. To get the secret key out of the PSE, a special export tool has to be used. @example - GENKEY + GENKEY @end example Invokes the key generation process and the server will then inquire @@ -1102,13 +1111,13 @@ Known sequences with the pattern @@foo@@ are replaced according to this table: @table @code -@item @@FPR16@@ +@item @@FPR16@@ Format the fingerprint according to gpg rules for a v3 keys. -@item @@FPR20@@ +@item @@FPR20@@ Format the fingerprint according to gpg rules for a v4 keys. @item @@FPR@@ Choose an appropriate format to format the fingerprint. -@item @@@@ +@item @@@@ Replaced by a single @code{@@} @end table @@ -1130,7 +1139,7 @@ arguments the agent returns a cached passphrase or an error. By convention either the hexified fingerprint of the key shall be used for @var{cache_id} or an arbitrary string prefixed with the name of the calling application and a colon: Like @code{gpg:somestring}. - + @var{error_message} is either a single @code{X} for no error message or a string to be shown as an error message like (e.g. "invalid passphrase"). Blanks must be percent escaped or replaced by @code{+}'. @@ -1154,7 +1163,7 @@ has been found in the cache. If the option @option{--no-ask} is used and the passphrase is not in the cache the user will not be asked to enter a passphrase but the error -code @code{GPG_ERR_NO_DATA} is returned. +code @code{GPG_ERR_NO_DATA} is returned. If the option @option{--qualitybar} is used and a minimum passphrase length has been configured, a visual indication of the entered @@ -1286,11 +1295,95 @@ Return the name of the socket used for SSH connections. If SSH support has not been enabled the error @code{GPG_ERR_NO_DATA} will be returned. @end table +@node Agent OPTION +@subsection Set options for the session + +Here is a list of session options which are not yet described with +other commands. The general syntax for an Assuan option is: + +@smallexample +OPTION @var{key}=@var{value} +@end smallexample + +@noindent +Supported @var{key}s are: + +@table @code +@item agent-awareness +This may be used to tell gpg-agent of which gpg-agent version the +client is aware of. gpg-agent uses this information to enable +features which might break older clients. + +@item putenv +Change the session's environment to be used for the +Pinentry. Valid values are: + + @table @code + @item @var{name} + Delete envvar @var{name} + @item @var{name}= + Set envvar @var{name} to the empty string + @item @var{name}=@var{value} + Set envvar @var{name} to the string @var{value}. + @end table + +@item use-cache-for-signing +See Assuan command @code{PKSIGN}. + +@item allow-pinentry-notify +This does not need any value. It is used to enable the +PINENTRY_LAUNCHED inquiry. + +@ifset gpgtwoone +@item pinentry-mode +This option is used to change the operation mode of the pinentry. The +following values are defined: + + @table @code + @item ask + This is the default mode which pops up a pinentry as needed. + + @item cancel + Instead of popping up a pinentry, return the error code + @code{GPG_ERR_CANCELED}. + + @item error + Instead of popping up a pinentry, return the error code + @code{GPG_ERR_NO_PIN_ENTRY}. + + @item loopback + Use a loopback pinentry. This fakes a pinentry by using inquiries + back to the caller to ask for a passphrase. This option may only be + set if the agent has been configured for that. + Use the @xref{option --allow-loopback-pinentry}. + + @end table +@end ifset + +@ifset gpgtwoone +@item cache-ttl-opt-preset +This option sets the cache TTL for new entries created by GENKEY and +PASSWD commands when using the @option{--preset} option. It it is not +used a default value is used. +@end ifset + +@ifset gpgtwoone +@item s2k-count +Instead of using the standard S2K counted (which is computed on the +fly), the given S2K count is used for new keys or when changing the +passphrase of a key. Values below 65536 are considered to be 0. This +option is valid for the entire session or until reset to 0. This +option is useful if the key is later used on boxes which are either +much slower or faster than the actual box. +@end ifset + +@end table + @mansect see also @ifset isman -@command{gpg2}(1), -@command{gpgsm}(1), +@command{gpg2}(1), +@command{gpgsm}(1), @command{gpg-connect-agent}(1), @command{scdaemon}(1) @end ifset diff --git a/doc/gpg.texi b/doc/gpg.texi index 63cc7b64c..1112fa21a 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -32,7 +32,7 @@ gpg .IR dir ] .RB [ \-\-options .IR file ] -.RI [ options ] +.RI [ options ] .I command .RI [ args ] @end ifset @@ -57,7 +57,7 @@ gpg2 .IR dir ] .RB [ \-\-options .IR file ] -.RI [ options ] +.RI [ options ] .I command .RI [ args ] @end ifset @@ -98,16 +98,16 @@ page and at @inforef{Top,GnuPG 1,gpg}. @mancont @menu -* GPG Commands:: List of all commands. -* GPG Options:: List of all options. -* GPG Configuration:: Configuration files. -* GPG Examples:: Some usage examples. +* GPG Commands:: List of all commands. +* GPG Options:: List of all options. +* GPG Configuration:: Configuration files. +* GPG Examples:: Some usage examples. Developer information: -@c * Unattended Usage:: Using @command{gpg} from other programs. -@c * GPG Protocol:: The protocol the server mode uses. +* Unattended Usage of GPG:: Using @command{gpg} from other programs. @end menu +@c * GPG Protocol:: The protocol the server mode uses. @c ******************************************* @@ -303,7 +303,7 @@ secret key is not usable (for example, if it was created via @opindex list-sigs Same as @option{--list-keys}, but the signatures are listed too. @ifclear gpgone -This command has the same effect as +This command has the same effect as using @option{--list-keys} with @option{--with-sig-list}. @end ifclear @@ -326,7 +326,7 @@ Same as @option{--list-sigs}, but the signatures are verified. Note that for performance reasons the revocation status of a signing key is not shown. @ifclear gpgone -This command has the same effect as +This command has the same effect as using @option{--list-keys} with @option{--with-sig-check}. @end ifclear @@ -1429,7 +1429,8 @@ required if @code{local} is also used. Select how to display key IDs. "short" is the traditional 8-character key ID. "long" is the more accurate (but less convenient) 16-character key ID. Add an "0x" to either to include an "0x" at the -beginning of the key ID, as in 0x99242560. +beginning of the key ID, as in 0x99242560. Note that this option is +ignored if the option --with-colons is used. @item --keyserver @code{name} Use @code{name} as your keyserver. This is the server that @@ -2204,7 +2205,7 @@ a numeric value or by a keyword: @item none No debugging at all. A value of less than 1 may be used instead of the keyword. -@item basic +@item basic Some basic debug messages. A value between 1 and 2 may be used instead of the keyword. @item advanced @@ -2510,7 +2511,7 @@ timestamp issues on subkeys. @item --ignore-valid-from GnuPG normally does not select and use subkeys created in the future. This option allows the use of such keys and thus exhibits the -pre-1.0.7 behaviour. You should not use this option unless you there +pre-1.0.7 behaviour. You should not use this option unless there is some clock problem. See also @option{--ignore-time-conflict} for timestamp issues with signatures. @@ -2613,7 +2614,7 @@ Allow processing of multiple OpenPGP messages contained in a single file or stream. Some programs that call GPG are not prepared to deal with multiple messages being processed together, so this option defaults to no. Note that versions of GPG prior to 1.4.7 always allowed multiple -messages. +messages. Warning: Do not use this option unless you need it as a temporary workaround! @@ -2833,7 +2834,7 @@ translation is loaded from @code{@var{gpgdir}/gnupg.nls/@var{langid}.mo}. Here @var{gpgdir} is the directory out of which the gpg binary has been loaded. If it can't be loaded the Registry is tried and as last resort the native Windows -locale system is used. +locale system is used. @end table @@ -2964,11 +2965,264 @@ Before you report a bug you should first search the mailing list archives for similar problems and second check whether such a bug has already been reported to our bug tracker at http://bugs.gnupg.org . +@c ******************************************* +@c *************** ************** +@c *************** UNATTENDED ************** +@c *************** ************** +@c ******************************************* +@manpause +@node Unattended Usage of GPG +@section Unattended Usage + +@command{gpg} is often used as a backend engine by other software. To help +with this a machine interface has been defined to have an unambiguous +way to do this. The options @option{--status-fd} and @option{--batch} +are almost always required for this. + +@menu +* Unattended GPG key generation:: Unattended key generation +@end menu + + +@node Unattended GPG key generation,,,Unattended Usage of GPG +@section Unattended key generation + +The command @option{--gen-key} may be used along with the option +@option{--batch} for unattended key generation. The parameters are +either read from stdin or given as a file on the command line. +The format of the parameter file is as follows: + +@itemize @bullet +@item Text only, line length is limited to about 1000 characters. +@item UTF-8 encoding must be used to specify non-ASCII characters. +@item Empty lines are ignored. +@item Leading and trailing while space is ignored. +@item A hash sign as the first non white space character indicates +a comment line. +@item Control statements are indicated by a leading percent sign, the +arguments are separated by white space from the keyword. +@item Parameters are specified by a keyword, followed by a colon. Arguments +are separated by white space. +@item +The first parameter must be @samp{Key-Type}; control statements may be +placed anywhere. +@item +The order of the parameters does not matter except for @samp{Key-Type} +which must be the first parameter. The parameters are only used for +the generated keyblock (primary and subkeys); parameters from previous +sets are not used. Some syntactically checks may be performed. +@item +Key generation takes place when either the end of the parameter file +is reached, the next @samp{Key-Type} parameter is encountered or at the +control statement @samp{%commit} is encountered. +@end itemize + +@noindent +Control statements: + +@table @asis + +@item %echo @var{text} +Print @var{text} as diagnostic. + +@item %dry-run +Suppress actual key generation (useful for syntax checking). + +@item %commit +Perform the key generation. Note that an implicit commit is done at +the next @asis{Key-Type} parameter. + +@item %pubring @var{filename} +@itemx %secring @var{filename} +Do not write the key to the default or commandline given keyring but +to @var{filename}. This must be given before the first commit to take +place, duplicate specification of the same filename is ignored, the +last filename before a commit is used. The filename is used until a +new filename is used (at commit points) and all keys are written to +that file. If a new filename is given, this file is created (and +overwrites an existing one). For gnuPG versions prior to 2.1, both +control statements must be given. For GnuPG 2.1 and later +@samp{%secring} is a no-op. + +@item %ask-passphrase +@itemx %no-ask-passphrase +Enable (or disable) a mode where the command @option{passphrase} is +ignored and instead the usual passphrase dialog is used. This does +not make sense for batch key generation; however the unattended key +generation feature is also used by GUIs and this feature relinquishes +the GUI from implementing its own passphrase entry code. These are +global control statements and affect all future key genrations. + +@item %no-protection +Since GnuPG version 2.1 it is not anymore possible to specify a +passphrase for unattended key generation. The passphrase command is +simply ignored and @samp{%ask-passpharse} is thus implicitly enabled. +Using this option allows the creation of keys without any passphrase +protection. This option is mainly intended for regression tests. + +@item %transient-key +If given the keys are created using a faster and a somewhat less +secure random number generator. This option may be used for keys +which are only used for a short time and do not require full +cryptographic strength. It takes only effect if used together with +the control statement @samp{%no-protection}. + +@end table + +@noindent +General Parameters: + +@table @asis + +@item Key-Type: @var{algo} +Starts a new parameter block by giving the type of the primary +key. The algorithm must be capable of signing. This is a required +parameter. @var{algo} may either be an OpenPGP algorithm number or a +string with the algorithm name. The special value @samp{default} may +be used for @var{algo} to create the default key type; in this case a +@samp{Key-Usage} shall not be given and @samp{default} also be used +for @samp{Subkey-Type}. + +@item Key-Length: @var{nbits} +The requested length of the generated key in bits. The default is +returned by running the command @samp{gpg2 --gpgconf-list}. + +@item Key-Grip: @var{hexstring} +This is optional and used to generate a CSR or certificatet for an +already existing key. Key-Length will be ignored when given. + +@item Key-Usage: @var{usage-list} +Space or comma delimited list of key usages. Allowed values are +@samp{encrypt}, @samp{sign}, and @samp{auth}. This is used to +generate the key flags. Please make sure that the algorithm is +capable of this usage. Note that OpenPGP requires that all primary +keys are capable of certification, so no matter what usage is given +here, the @samp{cert} flag will be on. If no @samp{Key-Usage} is +specified and the @samp{Key-Type} is not @samp{default}, all allowed +usages for that particular algorithm are used; if it is not given but +@samp{default} is used the usage will be @samp{sign}. + +@item Subkey-Type: @var{algo} +This generates a secondary key (subkey). Currently only one subkey +can be handled. See also @samp{Key-Type} above. + +@item Subkey-Length: @var{nbits} +Length of the secondary key (subkey) in bits. The default is returned +by running the command @samp{gpg2 --gpgconf-list}". + +@item Subkey-Usage: @var{usage-list} +Key usage lists for a subkey; similar to @samp{Key-Usage}. + +@item Passphrase: @var{string} +If you want to specify a passphrase for the secret key, +enter it here. Default is not to use any passphrase. + +@item Name-Real: @var{name} +@itemx Name-Comment: @var{comment} +@itemx Name-Email: @var{email} +The three parts of a user name. Remember to use UTF-8 encoding here. +If you don't give any of them, no user ID is created. + +@item Expire-Date: @var{iso-date}|(@var{number}[d|w|m|y]) +Set the expiration date for the key (and the subkey). It may either +be entered in ISO date format (2000-08-15) or as number of days, +weeks, month or years. The special notation "seconds=N" is also +allowed to directly give an Epoch value. Without a letter days are +assumed. Note that there is no check done on the overflow of the type +used by OpenPGP for timestamps. Thus you better make sure that the +given value make sense. Although OpenPGP works with time intervals, +GnuPG uses an absolute value internally and thus the last year we can +represent is 2105. + +@item Ceation-Date: @var{iso-date} +Set the creation date of the key as stored in the key information and +which is also part of the fingerprint calculation. Either a date like +"1986-04-26" or a full timestamp like "19860426T042640" may be used. +The time is considered to be UTC. If it is not given the current time +is used. + +@item Preferences: @var{string} +Set the cipher, hash, and compression preference values for this key. +This expects the same type of string as the sub-command @samp{setpref} +in the @option{--edit-key} menu. + +@item Revoker: @var{algo}:@var{fpr} [sensitive] +Add a designated revoker to the generated key. Algo is the public key +algorithm of the designated revoker (i.e. RSA=1, DSA=17, etc.) +@var{fpr} is the fingerprint of the designated revoker. The optional +@samp{sensitive} flag marks the designated revoker as sensitive +information. Only v4 keys may be designated revokers. + +@item Keyserver: @var{string} +This is an optional parameter that specifies the preferred keyserver +URL for the key. + +@item Handle: @var{string} +This is an optional parameter only used with the status lines +KEY_CREATED and KEY_NOT_CREATED. @var{string} may be up to 100 +characters and should not contain spaces. It is useful for batch key +generation to associate a key parameter block with a status line. + +@end table + +@noindent +Here is an example on how to create a key: +@smallexample +$ cat >foo < +ssb 1024g/8F70E2C0 2000-03-09 +@end smallexample + + +@noindent +If you want to create a key with the default algorithms you would use +these parameters: +@smallexample + %echo Generating a default key + Key-Type: default + Subkey-Type: default + Name-Real: Joe Tester + Name-Comment: with stupid passphrase + Name-Email: joe@@foo.bar + Expire-Date: 0 + Passphrase: abc + %pubring foo.pub + %secring foo.sec + # Do a commit here, so that we can later print "done" :-) + %commit + %echo done +@end smallexample + + + + @mansect see also @ifset isman -@command{gpgv}(1), +@command{gpgv}(1), @ifclear gpgone -@command{gpgsm}(1), +@command{gpgsm}(1), @command{gpg-agent}(1) @end ifclear @end ifset diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 530169a99..0de3daf4d 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -21,7 +21,7 @@ .IR dir ] .RB [ \-\-options .IR file ] -.RI [ options ] +.RI [ options ] .I command .RI [ args ] @end ifset @@ -124,7 +124,7 @@ in the keybox or those set with the @option{--local-user} option. @opindex verify Check a signature file for validity. Depending on the arguments a detached signature may also be checked. - + @item --server @opindex server Run in server mode and wait for commands on the @code{stdin}. @@ -150,7 +150,7 @@ Certain maintenance operations are done by an external program call @command{gpg-protect-tool}; this is usually not installed in a directory listed in the PATH variable. This command provides a simple wrapper to access this tool. @var{arguments} are passed verbatim to this command; -use @samp{--help} to get a list of supported operations. +use @samp{--help} to get a list of supported operations. @end table @@ -165,13 +165,23 @@ use @samp{--help} to get a list of supported operations. @table @gnupgtabopt @item --gen-key @opindex gen-key -This command allows the creation of a certificate signing request. It -is commonly used along with the @option{--output} option to save the -created CSR into a file. If used with the @option{--batch} a parameter -file is used to create the CSR. +@ifclear gpgtwoone +-This command allows the creation of a certificate signing request. It +-is commonly used along with the @option{--output} option to save the +-created CSR into a file. If used with the @option{--batch} a parameter +-file is used to create the CSR. +@end ifclear +@ifset gpgtwoone +This command allows the creation of a certificate signing request or a +self-signed certificate. It is commonly used along with the +@option{--output} option to save the created CSR or certificate into a +file. If used with the @option{--batch} a parameter file is used to +create the CSR or certificate and it is further possible to create +non-self-signed certificates. +@end ifset @item --list-keys -@itemx -k +@itemx -k @opindex list-keys List all available certificates stored in the local key database. Note that the displayed data might be reformatted for better human @@ -186,7 +196,7 @@ is available. @item --list-external-keys @var{pattern} @opindex list-keys List certificates matching @var{pattern} using an external server. This -utilizes the @code{dirmngr} service. +utilizes the @code{dirmngr} service. @item --list-chain @opindex list-chain @@ -289,7 +299,7 @@ smartcard is not yet supported. @command{GPGSM} features a bunch of options to control the exact behaviour and to change the default configuration. -@menu +@menu * Configuration Options:: How to change the configuration. * Certificate Options:: Certificate related options. * Input and Output:: Input and Output. @@ -337,7 +347,7 @@ Specify an agent program to be used for secret key operations. The default value is the @file{/usr/local/bin/gpg-agent}. This is only used as a fallback when the environment variable @code{GPG_AGENT_INFO} is not set or a running agent can't be connected. - + @item --dirmngr-program @var{file} @opindex dirmnr-program Specify a dirmngr program to be used for @acronym{CRL} checks. The @@ -412,7 +422,7 @@ the loading for short time intervals (e.g. 30 minutes). This option is useful to make sure that a fresh CRL is available for certificates hold in the keybox. The suggested way of doing this is by using it along with the option @option{--with-validation} for a key listing -command. This option should not be used in a configuration file. +command. This option should not be used in a configuration file. @item --enable-ocsp @itemx --disable-ocsp @@ -422,7 +432,7 @@ Be default @acronym{OCSP} checks are disabled. The enable option may be used to enable OCSP checks via Dirmngr. If @acronym{CRL} checks are also enabled, CRLs will be used as a fallback if for some reason an OCSP request won't succeed. Note, that you have to allow OCSP -requests in Dirmngr's configuration too (option +requests in Dirmngr's configuration too (option @option{--allow-ocsp} and configure dirmngr properly. If you don't do so you will get the error code @samp{Not supported}. @@ -470,9 +480,9 @@ for a reason. @itemx -a @opindex armor @opindex -a -Create PEM encoded output. Default is binary output. +Create PEM encoded output. Default is binary output. -@item --base64 +@item --base64 @opindex base64 Create Base-64 encoded output; i.e. PEM without the header lines. @@ -542,7 +552,7 @@ secret key. @opindex with-validation When doing a key listing, do a full validation check for each key and print the result. This is usually a slow operation because it -requires a CRL lookup and other operations. +requires a CRL lookup and other operations. When used along with --import, a validation of the certificate to import is done and only imported if it succeeds the test. Note that @@ -580,7 +590,7 @@ Use the cipher algorithm with the ASN.1 object identifier @var{oid} for encryption. For convenience the strings @code{3DES}, @code{AES} and @code{AES256} may be used instead of their OIDs. The default is @code{3DES} (1.2.840.113549.3.7). - + @item --digest-algo @code{name} Use @code{name} as the message digest algorithm. Usually this algorithm is deduced from the respective signing certificate. This @@ -635,7 +645,7 @@ a numeric value or by a keyword: @item none No debugging at all. A value of less than 1 may be used instead of the keyword. -@item basic +@item basic Some basic debug messages. A value between 1 and 2 may be used instead of the keyword. @item advanced @@ -664,8 +674,8 @@ and may be given in usual C-Syntax. The currently defined bits are: @table @code @item 0 (1) X.509 or OpenPGP protocol related data -@item 1 (2) -values of big number integers +@item 1 (2) +values of big number integers @item 2 (4) low level crypto operations @item 5 (32) @@ -771,7 +781,7 @@ like this: @c man:.RS @example # Allowed policies -2.289.9.9 +2.289.9.9 @end example @c man:.RE @@ -813,7 +823,7 @@ certificates, appropriate notices will be shown to indicate this fact. @item help.txt @cindex help.txt -This is plain text file with a few help entries used with +This is plain text file with a few help entries used with @command{pinentry} as well as a large list of help items for @command{gpg} and @command{gpgsm}. The standard file has English help texts; to install localized versions use filenames like @file{help.LL.txt} @@ -831,7 +841,7 @@ This file is a collection of common certificates used to populated a newly created @file{pubring.kbx}. An administrator may replace this file with a custom one. The format is a concatenation of PEM encoded X.509 certificates. This global file is installed in the data directory -(e.g. @file{/usr/share/gnupg/qualified.txt}). +(e.g. @file{/usr/share/gnupg/com-certs.pem}). @end table @@ -886,14 +896,12 @@ $ gpgsm -er goo@@bar.net ciphertext @end example -@c man end - - @c ******************************************* @c *************** ************** @c *************** UNATTENDED ************** @c *************** ************** @c ******************************************* +@manpause @node Unattended Usage @section Unattended Usage @@ -905,6 +913,7 @@ but may also be used in the standard operation mode by using the @menu * Automated signature checking:: Automated signature checking. +* CSR and certificate creation:: CSR and certificate creation. @end menu @node Automated signature checking,,,Unattended Usage @@ -925,7 +934,7 @@ signature of a message itself as expired. It is a sound practise to consider such a signature still as valid but additional information should be displayed. Depending on the subcase @command{gpgsm} will issue these status codes: - @table @asis + @table @asis @item signature valid and nothing did expire @code{GOODSIG}, @code{VALIDSIG}, @code{TRUST_FULLY} @item signature valid but at least one certificate has expired @@ -951,13 +960,162 @@ this is a missing certificate. @end table +@node CSR and certificate creation,,,Unattended Usage +@section CSR and certificate creation + +@ifclear gpgtwoone +@strong{Please notice}: The immediate creation of certificates is only +supported by GnuPG version 2.1 or later. With a 2.0 version you may +only create a CSR. +@end ifclear + +The command @option{--gen-key} may be used along with the option +@option{--batch} to either create a certificate signing request (CSR) +or an X.509 certificate. The is controlled by a parameter file; the +format of this file is as follows: + +@itemize @bullet +@item Text only, line length is limited to about 1000 characters. +@item UTF-8 encoding must be used to specify non-ASCII characters. +@item Empty lines are ignored. +@item Leading and trailing while space is ignored. +@item A hash sign as the first non white space character indicates +a comment line. +@item Control statements are indicated by a leading percent sign, the +arguments are separated by white space from the keyword. +@item Parameters are specified by a keyword, followed by a colon. Arguments +are separated by white space. +@item The first parameter must be @samp{Key-Type}, control statements +may be placed anywhere. +@item +The order of the parameters does not matter except for @samp{Key-Type} +which must be the first parameter. The parameters are only used for +the generated CSR/certificate; parameters from previous sets are not +used. Some syntactically checks may be performed. +@item +Key generation takes place when either the end of the parameter file +is reached, the next @samp{Key-Type} parameter is encountered or at the +control statement @samp{%commit} is encountered. +@end itemize + +@noindent +Control statements: + +@table @asis + +@item %echo @var{text} +Print @var{text} as diagnostic. + +@item %dry-run +Suppress actual key generation (useful for syntax checking). + +@item %commit +Perform the key generation. Note that an implicit commit is done at +the next @asis{Key-Type} parameter. + +@c %certfile <filename> +@c [Not yet implemented!] +@c Do not write the certificate to the keyDB but to <filename>. +@c This must be given before the first +@c commit to take place, duplicate specification of the same filename +@c is ignored, the last filename before a commit is used. +@c The filename is used until a new filename is used (at commit points) +@c and all keys are written to that file. If a new filename is given, +@c this file is created (and overwrites an existing one). +@c Both control statements must be given. +@end table + +@noindent +General Parameters: + +@table @asis + +@item Key-Type: @var{algo} +Starts a new parameter block by giving the type of the primary +key. The algorithm must be capable of signing. This is a required +parameter. The only supported value for @var{algo} is @samp{rsa}. + +@item Key-Length: @var{nbits} +The requested length of a generated key in bits. Defaults to 2048. + +@item Key-Grip: @var{hexstring} +This is optional and used to generate a CSR or certificatet for an +already existing key. Key-Length will be ignored when given. + +@item Key-Usage: @var{usage-list} +Space or comma delimited list of key usage, allowed values are +@samp{encrypt} and @samp{sign}. This is used to generate the keyUsage +extension. Please make sure that the algorithm is capable of this +usage. Default is to allow encrypt and sign. + +@item Name-DN: @var{subject-name} +This is the Distinguished Name (DN) of the subject in RFC-2253 format. + +@item Name-Email: @var{string} +This is an email address for the altSubjectName. This parameter is +optional but may occur several times to add several email addresses to +a certificate. + +@item Name-DNS: @var{string} +The is an DNS name for the altSubjectName. This parameter is optional +but may occur several times to add several DNS names to a certificate. + +@item Name-URI: @var{string} +This is an URI for the altSubjectName. This parameter is optional but +may occur several times to add several URIs to a certificate. +@end table + +@noindent +Additional parameters used to create a certificate (in contrast to a +certificate signing request): + +@table @asis + +@item Serial: @var{sn} +If this parameter is given an X.509 certificate will be generated. +@var{sn} is expected to be a hex string representing an unsigned +integer of arbitary length. The special value @samp{random} can be +used to create a 64 bit random serial number. + +@item Issuer-DN: @var{issuer-name} +This is the DN name of the issuer in rfc2253 format. If it is not set +it will default to the subject DN and a special GnuPG extension will +be included in the certificate to mark it as a standalone certificate. + +@item Creation-Date: @var{iso-date} +@itemx Not-Before: @var{iso-date} +Set the notBefore date of the certificate. Either a date like +@samp{1986-04-26} or @samp{1986-04-26 12:00} or a standard ISO +timestamp like @samp{19860426T042640} may be used. The time is +considered to be UTC. If it is not given the current date is used. + +@item Expire-Date: @var{iso-date} +@itemx Not-After: @var{iso-date} +Set the notAfter date of the certificate. Either a date like +@samp{2063-04-05} or @samp{2063-04-05 17:00} or a standard ISO +timestamp like @samp{20630405T170000} may be used. The time is +considered to be UTC. If it is not given a default value in the not +too far future is used. + +@item Signing-Key: @var{keygrip} +This gives the keygrip of the key used to sign the certificate. If it +is not given a self-signed certificate will be created. For +compatibility with future versions, it is suggested to prefix the +keygrip with a @samp{&}. + +@item Hash-Algo: @var{hash-algo} +Use @var{hash-algo} for this CSR or certificate. The supported hash +algorithms are: @samp{sha1}, @samp{sha256}, @samp{sha384} and +@samp{sha512}; they may also be specified with uppercase letters. The +default is @samp{sha1}. + +@end table @c ******************************************* @c *************** ***************** @c *************** ASSSUAN ***************** @c *************** ***************** @c ******************************************* -@manpause @node GPGSM Protocol @section The Protocol the Server Mode Uses. @@ -1037,11 +1195,11 @@ should consider this session failed. The option armor encodes the output in @acronym{PEM} format, the @code{--base64} option applies just a base 64 encoding. No option creates binary output (@acronym{BER}). - + The actual encryption is done using the command @example - ENCRYPT + ENCRYPT @end example It takes the plaintext from the @code{INPUT} command, writes to the @@ -1097,7 +1255,7 @@ Write the output to file descriptor @var{m}. If a detached signature is requested, only the signature is written. @example - SIGN [--detached] + SIGN [--detached] @end example Sign the data set with the INPUT command and write it to the sink set by @@ -1149,7 +1307,7 @@ token is used to store the key. Configuration options to @command{GPGSM} can be used to restrict the use of this command. @example - GENKEY + GENKEY @end example @command{GPGSM} checks whether this command is allowed and then does an @@ -1161,7 +1319,7 @@ key parameters in the native format: C: D foo:fgfgfg C: D bar C: END -@end example +@end example Please note that the server may send Status info lines while reading the data lines from the client. After this the key generation takes place @@ -1197,7 +1355,7 @@ The list commands commands are affected by the option where mode may be: @table @code -@item 0 +@item 0 Use default (which is usually the same as 1). @item 1 List only the internal keys. @@ -1208,7 +1366,7 @@ List internal and external keys. @end table Note that options are valid for the entire session. - + @node GPGSM EXPORT @subsection Export certificates @@ -1294,7 +1452,7 @@ The leading two dashes usually used with @var{opt} shall not be given. @mansect see also @ifset isman -@command{gpg2}(1), +@command{gpg2}(1), @command{gpg-agent}(1) @end ifset @include see-also-note.texi diff --git a/doc/tools.texi b/doc/tools.texi index c85f9e243..f530c1ed1 100644 --- a/doc/tools.texi +++ b/doc/tools.texi @@ -61,7 +61,7 @@ watchgnupg --force ~/.gnupg/S.log @noindent This starts it on the current terminal for listening on the socket -@file{~/.gnupg/S.log}. +@file{~/.gnupg/S.log}. @mansect options @noindent @@ -69,7 +69,7 @@ This starts it on the current terminal for listening on the socket @table @gnupgtabopt -@item --force +@item --force @opindex force Delete an already existing socket file. @@ -129,9 +129,9 @@ name for remote debugging. @mansect see also @ifset isman -@command{gpg}(1), -@command{gpgsm}(1), -@command{gpg-agent}(1), +@command{gpg}(1), +@command{gpgsm}(1), +@command{gpg-agent}(1), @command{scdaemon}(1) @end ifset @include see-also-note.texi @@ -150,7 +150,7 @@ name for remote debugging. @node addgnupghome @section Create .gnupg home directories. @ifset manverb -.B addgnupghome +.B addgnupghome \- Create .gnupg home directories @end ifset @@ -197,7 +197,7 @@ addgnupghome account1 account2 ... accountn .br .B gpgconf .RI [ options ] -.B \-\-list-options +.B \-\-list-options .I component .br .B gpgconf @@ -301,10 +301,17 @@ is given, check that file instead. @item --reload [@var{component}] @opindex reload -Reload all or the given component. This is basically the sam as sending +Reload all or the given component. This is basically the same as sending a SIGHUP to the component. Components which don't support reloading are ignored. +@item --kill [@var{component}] +@opindex kill +Kill the given component. Components which support killing are +gpg-agent and scdaemon. Components which don't support reloading are +ignored. Note that as of now reload and kill have the same effect for +scdaemon. + @end table @@ -570,7 +577,7 @@ configuration file. It is @emph{percent-escaped}. @item line If an error occurred in the configuration file, this field has the line -number of the failing statement in the configuration file. +number of the failing statement in the configuration file. It is an @emph{unsigned number}. @item error @@ -867,7 +874,7 @@ effect. @subsection Listing global options Sometimes it is useful for applications to look at the global options -file @file{gpgconf.conf}. +file @file{gpgconf.conf}. The colon separated listing format is record oriented and uses the first field to identify the record type: @@ -936,9 +943,9 @@ no feature to change the global option file through @command{gpgconf}. @mansect see also @ifset isman -@command{gpg}(1), -@command{gpgsm}(1), -@command{gpg-agent}(1), +@command{gpg}(1), +@command{gpgsm}(1), +@command{gpg-agent}(1), @command{scdaemon}(1), @command{dirmngr}(1) @end ifset @@ -989,7 +996,7 @@ applygnupgdefaults @ifset manverb .B gpgsm-gencert.sh \- Generate an X.509 certificate request -@end ifset +@end ifset @mansect synopsis @ifset manverb @@ -1008,8 +1015,8 @@ which will be printed to stdout. @mansect see also @ifset isman -@command{gpgsm}(1), -@command{gpg-agent}(1), +@command{gpgsm}(1), +@command{gpg-agent}(1), @command{scdaemon}(1) @end ifset @include see-also-note.texi @@ -1096,7 +1103,7 @@ The following additional options may be used: @item -v @itemx --verbose @opindex verbose -Output additional information while running. +Output additional information while running. @item -P @var{string} @itemx --passphrase @var{string} @@ -1108,9 +1115,9 @@ for other users. @mansect see also @ifset isman -@command{gpg}(1), -@command{gpgsm}(1), -@command{gpg-agent}(1), +@command{gpg}(1), +@command{gpgsm}(1), +@command{gpg-agent}(1), @command{scdaemon}(1) @end ifset @include see-also-note.texi @@ -1169,7 +1176,7 @@ The following options may be used: @item -v @itemx --verbose @opindex verbose -Output additional information while running. +Output additional information while running. @item -q @item --quiet @@ -1186,7 +1193,7 @@ Specify the agent program to be started if none is running. @item -S @itemx --raw-socket @var{name} -@opindex S +@opindex S @opindex raw-socket Connect to socket @var{name} assuming this is an Assuan style server. Do not run any special initializations or environment checks. This may @@ -1209,7 +1216,7 @@ connects to the assuan server in extended mode to allow descriptor passing. This option makes it use the old mode. @item --run @var{file} -@opindex run +@opindex run Run the commands from @var{file} at startup and then continue with the regular input method. Note, that commands given on the command line are executed after this file. @@ -1251,7 +1258,7 @@ Variables are referenced by prefixing the name with a dollar sign and optionally include the name in curly braces. The rules for a valid name are identically to those of the standard bourne shell. This is not yet enforced but may be in the future. When used with curly braces no -leading or trailing white space is allowed. +leading or trailing white space is allowed. If a variable is not found, it is searched in the environment and if found copied to the table of variables. @@ -1264,7 +1271,7 @@ following functions are available: @item get Return a value described by the argument. Available arguments are: -@table @code +@table @code @item cwd The current working directory. @item homedir @@ -1431,7 +1438,7 @@ Print a list of available control commands. @ifset isman @mansect see also -@command{gpg-agent}(1), +@command{gpg-agent}(1), @command{scdaemon}(1) @include see-also-note.texi @end ifset @@ -1452,8 +1459,8 @@ Print a list of available control commands. @mansect synopsis @ifset manverb .B dirmngr-client -.RI [ options ] -.RI [ certfile | pattern ] +.RI [ options ] +.RI [ certfile | pattern ] @end ifset @mansect description @@ -1478,7 +1485,7 @@ dirmngr-client <@var{acert} @end example Where @var{acert} is one DER encoded (binary) X.509 certificates to be -tested. +tested. @ifclear isman The return value of this command is @end ifclear @@ -1489,7 +1496,7 @@ The return value of this command is @end ifset @table @code -@item 0 +@item 0 The certificate under question is valid; i.e. there is a valid CRL available and it is not listed tehre or teh OCSP request returned that that certificate is valid. @@ -1673,7 +1680,7 @@ configured with @samp{--enable-symcryptrun} at build time. @command{symcryptrun} is invoked this way: @example -symcryptrun --class CLASS --program PROGRAM --keyfile KEYFILE +symcryptrun --class CLASS --program PROGRAM --keyfile KEYFILE [--decrypt | --encrypt] [inputfile] @end example @mancont @@ -1685,12 +1692,12 @@ For decryption vice versa. @var{CLASS} describes the calling conventions of the external tool. Currently it must be given as @samp{confucius}. @var{PROGRAM} is the full filename of that external tool. - + For the class @samp{confucius} the option @option{--keyfile} is required; @var{keyfile} is the name of a file containing the secret key, which may be protected by a passphrase. For detailed calling conventions, see the source code. - + @noindent Note, that @command{gpg-agent} must be running before starting @command{symcryptrun}. @@ -1702,7 +1709,7 @@ The following additional options may be used: @item -v @itemx --verbose @opindex verbose -Output additional information while running. +Output additional information while running. @item -q @item --quiet @@ -1724,22 +1731,22 @@ information to STDERR. The possible exit status codes of @command{symcryptrun} are: @table @code -@item 0 +@item 0 Success. -@item 1 +@item 1 Some error occured. -@item 2 +@item 2 No valid passphrase was provided. -@item 3 +@item 3 The operation was canceled by the user. @end table @mansect see also @ifset isman -@command{gpg}(1), -@command{gpgsm}(1), -@command{gpg-agent}(1), +@command{gpg}(1), +@command{gpgsm}(1), +@command{gpg-agent}(1), @end ifset @include see-also-note.texi @@ -1747,8 +1754,8 @@ The possible exit status codes of @command{symcryptrun} are: @c @c GPG-ZIP @c -@c The original manpage on which this section is based was written -@c by Colin Tuckley <colin@tuckley.org> and Daniel Leidert +@c The original manpage on which this section is based was written +@c by Colin Tuckley <colin@tuckley.org> and Daniel Leidert @c <daniel.leidert@wgdd.de> for the Debian distribution (but may be used by @c others). @manpage gpg-zip.1 @@ -1880,8 +1887,7 @@ gpg-zip --list-archive test1 @mansect see also @ifset isman -@command{gpg}(1), -@command{tar}(1), +@command{gpg}(1), +@command{tar}(1), @end ifset @include see-also-note.texi - diff --git a/po/be.po b/po/be.po index 7b8499cf1..650c75ca8 100644 --- a/po/be.po +++ b/po/be.po @@ -122,8 +122,20 @@ msgstr "грамадскі ключ ня знойдзены" msgid "error writing key: %s\n" msgstr "памылка стварэньня \"%s\": %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "" "Увядзіце новы пароль для гэтага сакрэтнага ключа.\n" "\n" @@ -132,11 +144,13 @@ msgstr "" msgid "Please re-enter this passphrase" msgstr "Увядзіце пароль\n" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" +"Увядзіце новы пароль для гэтага сакрэтнага ключа.\n" +"\n" msgid "does not match - try again" msgstr "" diff --git a/po/ca.po b/po/ca.po index 1123057ac..20ef0fb7c 100644 --- a/po/ca.po +++ b/po/ca.po @@ -146,19 +146,31 @@ msgstr "no s'ha pogut eliminar el bloc de claus: %s\n" msgid "error writing key: %s\n" msgstr "error mentre s'escrivia l'anell «%s»: %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Introduïu la contrasenya; aquesta ha de ser una frase secreta \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "canvia la contrasenya" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Introduïu la contrasenya; aquesta ha de ser una frase secreta \n" msgid "does not match - try again" msgstr "" diff --git a/po/cs.po b/po/cs.po index 943bfee3e..4859eab89 100644 --- a/po/cs.po +++ b/po/cs.po @@ -146,16 +146,28 @@ msgid "error writing key: %s\n" msgstr "chyba při zápisu klíče: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Prosím, vložte heslo pro SSH klíč%0A %c" msgid "Please re-enter this passphrase" msgstr "Prosím, vložte toto heslo znovu" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "Prosím, vložte heslo, abyste ochránil(a) přijatý tajný klíč%%0A %s%%" "0Auvnitř úložiště klíčů gpg-agenta" diff --git a/po/da.po b/po/da.po index e252f7417..821f60953 100644 --- a/po/da.po +++ b/po/da.po @@ -127,18 +127,34 @@ msgid "error writing key: %s\n" msgstr "fejl ved skrivning af nglering `%s': %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" msgstr "" +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" +msgstr "" +"Du skal bruge en kodestning til at beskytte din hemmelige ngle.\n" +"\n" + #, fuzzy msgid "Please re-enter this passphrase" msgstr "ndr kodestningen" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" +"Du skal bruge en kodestning til at beskytte din hemmelige ngle.\n" +"\n" msgid "does not match - try again" msgstr "" diff --git a/po/de.po b/po/de.po index 5b37cfa6d..8db9c9328 100644 --- a/po/de.po +++ b/po/de.po @@ -1,15 +1,15 @@ # GnuPG German translation # Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, # 2006, 2007, 2008, 2009 Free Software Foundation, Inc. -# Walter Koch <koch@u32.de>, 1998, 1999, 2000, 2001, 2002, +# Walter Koch <koch@u32.de>, 1998, 1999, 2000, 2001, 2002, # 2003, 2004, 2005, 2006 # Merged with the gnupg 1.9.23 translation by Werner Koch on 2006-09-25. # msgid "" msgstr "" -"Project-Id-Version: gnupg-2.0.16\n" +"Project-Id-Version: gnupg-2.0.18\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"PO-Revision-Date: 2011-01-11 17:28+0100\n" +"PO-Revision-Date: 2011-08-04 16:13+0200\n" "Last-Translator: Werner Koch <wk@gnupg.org>\n" "Language-Team: German <de@li.org>\n" "MIME-Version: 1.0\n" @@ -128,19 +128,35 @@ msgid "error writing key: %s\n" msgstr "Fehler beim Schreiben des Schlüssels: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" -msgstr "Bitte geben Sie die Passphrase für den SSH-Schlüssel %0A %c ein." +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" +"Ein ssh Prozess hat den Schlüssel%%0A %s%%0A (%s)%%0Aangefordert. Möchten " +"Sie dies erlauben?" + +msgid "Allow" +msgstr "Erlauben" + +msgid "Deny" +msgstr "Verweigern" + +#, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" +msgstr "" +"Bitte geben Sie die Passphrase für den SSH-Schlüssel%%0A %F%%0A (%c) ein." msgid "Please re-enter this passphrase" msgstr "Bitte geben Sie die Passphrase noch einmal ein:" #, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" -"Bitte geben Sie eine Passphrase ein, um den empfangenen geheimen Schlüssel%%" -"0A %s%%0A im Schlüsselspeicher des gpg-agenten zu schützen." +"Bitte geben Sie eine Passphrase ein, um den empfangenen geheimen\n" +"Schlüssel%%0A %s%%0A %s%%0Aim Schlüsselspeicher des Gpg-Agenten zu " +"schützen." msgid "does not match - try again" msgstr "Keine Übereinstimmung - bitte nochmal versuchen." diff --git a/po/el.po b/po/el.po index ccd6f8d91..d06b28160 100644 --- a/po/el.po +++ b/po/el.po @@ -125,19 +125,31 @@ msgstr " msgid "error writing key: %s\n" msgstr " `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr " ߷ \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr " " -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr " ߷ \n" msgid "does not match - try again" msgstr "" diff --git a/po/eo.po b/po/eo.po index 0d1da4fa5..7820890c5 100644 --- a/po/eo.po +++ b/po/eo.po @@ -125,19 +125,31 @@ msgstr "forvi msgid "error writing key: %s\n" msgstr "eraro dum skribado de losilaro '%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Bonvolu doni la pasfrazon; tio estas sekreta frazo \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "ani la pasfrazon" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Bonvolu doni la pasfrazon; tio estas sekreta frazo \n" msgid "does not match - try again" msgstr "" diff --git a/po/es.po b/po/es.po index 2db2e5c38..7ab32a45a 100644 --- a/po/es.po +++ b/po/es.po @@ -144,16 +144,28 @@ msgid "error writing key: %s\n" msgstr "error escribiendo clave: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Por favor introduzca la frase contrasea para la clave ssh%0A %c" msgid "Please re-enter this passphrase" msgstr "Por favor vuelva a introducir frase contrasea" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "Por favor introduzca una frase contrasea para proteger la clave " "secretarecibida%%0A %s%%0Aen el almacen de claves del agente gpg" diff --git a/po/et.po b/po/et.po index 1059b403b..a64b945d3 100644 --- a/po/et.po +++ b/po/et.po @@ -123,19 +123,31 @@ msgstr "v msgid "error writing key: %s\n" msgstr "viga vtmehoidlasse `%s' kirjutamisel: %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Palun sisestage parool; see on salajane tekst \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "muuda parooli" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Palun sisestage parool; see on salajane tekst \n" msgid "does not match - try again" msgstr "" diff --git a/po/fi.po b/po/fi.po index aebee4e2f..e353f7130 100644 --- a/po/fi.po +++ b/po/fi.po @@ -139,19 +139,31 @@ msgstr "avainlohkojen poisto epäonnistui: %s\n" msgid "error writing key: %s\n" msgstr "virhe kirjoitettaessa avainrenkaaseen \"%s\": %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Ole hyvä ja syötä salasana, tämän on salainen lause \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "muuta salasanaa" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Ole hyvä ja syötä salasana, tämän on salainen lause \n" msgid "does not match - try again" msgstr "" diff --git a/po/fr.po b/po/fr.po index 0430294fd..c12a94605 100644 --- a/po/fr.po +++ b/po/fr.po @@ -132,19 +132,31 @@ msgstr "la lecture de la cl msgid "error writing key: %s\n" msgstr "erreur durant l'criture du porte-cls `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Entrez le mot de passe ; c'est une phrase secrte \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "changer la phrase de passe" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Entrez le mot de passe ; c'est une phrase secrte \n" msgid "does not match - try again" msgstr "" diff --git a/po/gl.po b/po/gl.po index 3442b9766..c55e0fbbe 100644 --- a/po/gl.po +++ b/po/gl.po @@ -123,19 +123,31 @@ msgstr "fallou o borrado do bloque de chaves: %s\n" msgid "error writing key: %s\n" msgstr "erro escribindo no chaveiro `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Por favor, introduza o contrasinal; esta unha frase secreta \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "cambia-lo contrasinal" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Por favor, introduza o contrasinal; esta unha frase secreta \n" msgid "does not match - try again" msgstr "" diff --git a/po/hu.po b/po/hu.po index 73362b26f..84913fd15 100644 --- a/po/hu.po +++ b/po/hu.po @@ -123,19 +123,31 @@ msgstr "A kulcsblokk t msgid "error writing key: %s\n" msgstr "Hiba a \"%s\" kulcskarika rsakor: %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Krem, adja meg a jelszt! Ezt egy titkos mondat. \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "jelszvltoztats" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Krem, adja meg a jelszt! Ezt egy titkos mondat. \n" msgid "does not match - try again" msgstr "" diff --git a/po/id.po b/po/id.po index 22fa0171e..0afe33abb 100644 --- a/po/id.po +++ b/po/id.po @@ -128,19 +128,31 @@ msgstr "gagal menghapus keyblok: %s\n" msgid "error writing key: %s\n" msgstr "kesalahan menulis keyring `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Silakan masukkan passphrase; ini kalimat rahasia\n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "ubah passphrase" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Silakan masukkan passphrase; ini kalimat rahasia\n" msgid "does not match - try again" msgstr "" diff --git a/po/it.po b/po/it.po index 3c53ea229..0e8d7d76d 100644 --- a/po/it.po +++ b/po/it.po @@ -123,19 +123,31 @@ msgstr "cancellazione del keyblock fallita: %s\n" msgid "error writing key: %s\n" msgstr "errore scrivendo il portachiavi `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Inserisci la passphrase, cio una frase segreta \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "cambia la passphrase" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Inserisci la passphrase, cio una frase segreta \n" msgid "does not match - try again" msgstr "" diff --git a/po/ja.po b/po/ja.po index bed7e9b84..b7fd6935a 100644 --- a/po/ja.po +++ b/po/ja.po @@ -127,19 +127,31 @@ msgstr " msgid "error writing key: %s\n" msgstr "ء%sפνߥ顼: %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "ѥե졼ϤƤ̩ʸϤΤȤǤ \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "ѥե졼ѹ" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "ѥե졼ϤƤ̩ʸϤΤȤǤ \n" msgid "does not match - try again" msgstr "" diff --git a/po/nb.po b/po/nb.po index 0629a135d..a74a5b3e4 100644 --- a/po/nb.po +++ b/po/nb.po @@ -127,19 +127,33 @@ msgstr "lesing av offentlig n msgid "error writing key: %s\n" msgstr "feil ved skriving av nkkelknippet %s: %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Tast inn den nye passfrasen for denne hemmelige nkklen.\n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "endre passfrasen" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" +"Du trenger en passfrase for beskytte din hemmelige nkkel.\n" +"\n" msgid "does not match - try again" msgstr "" diff --git a/po/pl.po b/po/pl.po index bf7686118..6d7c21186 100644 --- a/po/pl.po +++ b/po/pl.po @@ -124,16 +124,28 @@ msgid "error writing key: %s\n" msgstr "bd zapisu klucza: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Prosz wprowadzi haso dla klucza ssh%0A %c" msgid "Please re-enter this passphrase" msgstr "Prosz ponownie wprowadzi to haso" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "Prosz wprowadzi haso do zabezpieczenia odebranego klucza tajnego%%0A %s%" "%0A w miejscu przechowywania kluczy gpg-agenta" diff --git a/po/pt.po b/po/pt.po index fa5846490..a996d373a 100644 --- a/po/pt.po +++ b/po/pt.po @@ -126,19 +126,31 @@ msgstr "remo msgid "error writing key: %s\n" msgstr "erro na escrita do porta-chaves `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Por favor digite a frase secreta \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "muda a frase secreta" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Por favor digite a frase secreta \n" msgid "does not match - try again" msgstr "" diff --git a/po/pt_BR.po b/po/pt_BR.po index 0148ce353..e7f6384ae 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -130,19 +130,31 @@ msgstr "enumera msgid "error writing key: %s\n" msgstr "erro na escrita do chaveiro `%': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Por favor digite a frase secreta" #, fuzzy msgid "Please re-enter this passphrase" msgstr "muda a frase secreta" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Por favor digite a frase secreta" msgid "does not match - try again" msgstr "" diff --git a/po/ro.po b/po/ro.po index 224f2d94f..8a9c9cbdb 100644 --- a/po/ro.po +++ b/po/ro.po @@ -129,8 +129,20 @@ msgstr "citirea cheii publice a e msgid "error writing key: %s\n" msgstr "eroare la scrierea inelului de chei `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "" "V rugm introducei fraza-parol; aceasta este o propoziie secret \n" @@ -138,11 +150,12 @@ msgstr "" msgid "Please re-enter this passphrase" msgstr "schimb fraza-parol" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" +"V rugm introducei fraza-parol; aceasta este o propoziie secret \n" msgid "does not match - try again" msgstr "" diff --git a/po/ru.po b/po/ru.po index cab293780..92845b921 100644 --- a/po/ru.po +++ b/po/ru.po @@ -126,16 +126,28 @@ msgid "error writing key: %s\n" msgstr "сбой записи ключа: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Введите фразу-пароль для ssh ключа%0A %c" msgid "Please re-enter this passphrase" msgstr "Повторно введите фразу-пароль:" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "Введите фразу-пароль для защиты принятого закрытого ключа%%0A %s%%0Aвнутри " "хранилища ключей gpg-agent" diff --git a/po/sk.po b/po/sk.po index 7ba6f2e46..9872a7e9c 100644 --- a/po/sk.po +++ b/po/sk.po @@ -126,19 +126,31 @@ msgstr "zmazanie bloku k msgid "error writing key: %s\n" msgstr "chyba pri zpise sboru kov (keyring) `%s': %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Prosm, vlote heslo; toto je tajn veta \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "zmeni heslo" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "Prosm, vlote heslo; toto je tajn veta \n" msgid "does not match - try again" msgstr "" diff --git a/po/sv.po b/po/sv.po index e5598161a..9d42bd9c4 100644 --- a/po/sv.po +++ b/po/sv.po @@ -147,16 +147,28 @@ msgid "error writing key: %s\n" msgstr "fel vid skrivning av nyckel: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Ange lösenfrasen för ssh-nyckeln%0A %c" msgid "Please re-enter this passphrase" msgstr "Ange denna lösenfras igen" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "Ange en lösenfras för att skydda den mottagna hemliga nyckeln%%0A %s%%0Ai " "gpg-agents nyckellager" diff --git a/po/tr.po b/po/tr.po index 9bd4c56b5..9466e1407 100644 --- a/po/tr.po +++ b/po/tr.po @@ -124,16 +124,28 @@ msgid "error writing key: %s\n" msgstr "anahtarı yazarken hata: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Lütfen SSH anahtarı %0A %c için anahtar parolasını giriniz" msgid "Please re-enter this passphrase" msgstr "Lütfen bu anahtar parolasını tekrar girin" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "gpg-agent'in anahtar deposuna korumak için alınan gizli anahtar %%0A %s%%0A " "için lütfen anahtar parolası giriniz" diff --git a/po/zh_CN.po b/po/zh_CN.po index 2aebfd8eb..902646bfe 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -129,19 +129,31 @@ msgstr "无法读出公钥:%s\n" msgid "error writing key: %s\n" msgstr "写入钥匙环‘%s’时出错: %s\n" +#, c-format +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + #, fuzzy, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "请输入密码:这是一个秘密的句子 \n" #, fuzzy msgid "Please re-enter this passphrase" msgstr "更改密码" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" -msgstr "" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" +msgstr "请输入密码:这是一个秘密的句子 \n" msgid "does not match - try again" msgstr "" diff --git a/po/zh_TW.po b/po/zh_TW.po index 363ae0adf..6b035cca3 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -126,16 +126,28 @@ msgid "error writing key: %s\n" msgstr "寫入金鑰時出錯: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "請輸入此 ssh 金鑰的密語%0A %c" msgid "Please re-enter this passphrase" msgstr "請再次輸入密語" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "請輸入密語以保護收到的私鑰%%0A %s%%0A於 gpg-agent 的金鑰存放處" msgid "does not match - try again" diff --git a/tests/pkits/PKITS_data.tar.bz2 b/tests/pkits/PKITS_data.tar.bz2 deleted file mode 100644 index 687d504f6..000000000 Binary files a/tests/pkits/PKITS_data.tar.bz2 and /dev/null differ