[ic] GPG Encryption

John Breen interchange-users@interchange.redhat.com
Fri May 31 01:18:01 2002 

Running IC on Debian here, we kept getting similar messages trying to 
use GPG/PGP.  The issue we had seems to be that the interchange process 
is actually run by root and then suid to interchange, so the GPG keys 
needed to be set up for root, BUT the interchange user needs to be able 
to access the relevant folders and to be able to WRITE to them.

It seems a slightly less than optimal solution, but....

Cheers,

John Breen

>
>>see if this helps 
>>http://interchangeville.com/forum/viewthread.php?tid=8
>>
>>
>>----- Original Message -----
>>From: "Dane Morgan" <danemorgan@earthlink.net>
>>To: <interchange-users@interchange.redhat.com>
>>Sent: Wednesday, May 29, 2002 8:24 AM
>>Subject: [ic] GPG Encryption
>>
>>
>>>I have scoured the archives of this list and still can not get this
>>>thing
>>>going.
>>>
>>>Her is the error I am getting
>>>gpg: Warning: using insecure memory!
>>>gpg: /home/cpanel/.gnupg/secring.gpg: can't create keyring: 
>>>Permission denied
>>>gpg: keyblock resource `/home/cpanel/.gnupg/secring.gpg': file open
>>>error
>>>gpg: /home/camohut/.gnupg/pubring.gpg: can't create keyring:
>>>
>Permission
>
>>>denied
>>>gpg: keyblock resource `/home/camohut/.gnupg/pubring.gpg': file open 
>>>error
>>>gpg: orders@camohut.com: skipped: public key not found
>>>gpg: [stdin]: encryption failed: public key not found
>>>
>>>Here is how I am set up.
>>>
>>>in catalog.cfg
>>>
>>>#CreditCardAuto     Yes
>>>EncryptProgram   __ENCRYPTOR__
>>>EncryptKey       __PGP_KEY__
>>>
>>>Route main  <<EOF
>>>        attach            0
>>>        credit_card       1
>>>        default           1
>>>        email             '__ORDERS_TO__'
>>>        encrypt           0
>>>        errors_to         '__ORDERS_TO__'
>>>        pgp_cc_key        "__PGP_KEY__"
>>>        pgp_key           "__PGP_KEY__"
>>>        receipt           etc/receipt.html
>>>        report            etc/report
>>>        supplant          1
>>>        individual_track  orders
>>>        track             logs/tracking.asc
>>>EOF
>>>
>>>In variables
>>>ENCRYPTOR
>>>
>>        /usr/bin/gpg --no-default-keyring --always-trust --keyring
>>
>>>/home/camohut/.gnupg/pubring.gpg -e -a --batch -t -r '%s'
>>>PGP_CC_KEY      orders@camohut.com
>>>PGP_KEY             orders@camohut.com
>>>ORDERS_TO        orders@camohut.com
>>>
>>>
>>>I used the following command in SSH
>>>
>>>Do I need to ask my host to change the permissions on the pubring.gpg
>>>
>>file?
>>
>>>is this a security issue if I do? Any info, sugestions pointers for
>>>where
>>>
>>to
>>
>>>head next are appreciated.
>>>
>>>A second issue is that when I turn on CreditCardAuto i get the error
>>>that
>>>
>>IC
>>
>>>can not determing the expiration date.
>>>
>>>Thanks,
>>>Dane Morgan
>>>camohut.com
>>>
>>>_______________________________________________
>>>interchange-users mailing list 
>>>interchange-users@interchange.redhat.com
>>>http://interchange.redhat.com/mailman/listinfo/interchange-users
>>>
>>_______________________________________________
>>interchange-users mailing list 
>>interchange-users@interchange.redhat.com
>>http://interchange.redhat.com/mailman/listinfo/interchange-users
>>
>
>_______________________________________________
>interchange-users mailing list interchange-users@interchange.redhat.com
>http://interchange.redhat.com/mailman/listinfo/interchange-users
>_______________________________________________
>interchange-users mailing list
>interchange-users@interchange.redhat.com
>http://interchange.redhat.com/mailman/listinfo/interchange-users
>
>.
>