You are not logged in.
- Topics: Active | Unanswered
#1 2014-12-18 09:48:22
- klaus246
- Member
- Registered: 2014-12-18
- Posts: 3
GnuPG update from 2.0 to 2.1 and old MD5-keys
Hi,
as you may know, there was recently an update for GnuPG from version 2.0.x to 2.1.
GnuPG 2.1. does not support MD5-based keys anymore, see https://gnupg.org/faq/whats-new-in-2.1.html.
This is good in principle, but unfortunately I need backward compatibility for multiple MD5-based public keys at work, which is not supposed to change any time soon.
What is the best solution? At the moment I'm holding version 2.0.26-1, but this way I won't get any security fixes anymore 
Thx for suggestions, Klaus
Offline
#2 2014-12-18 10:44:42
- ball
- Member
- From: Germany
- Registered: 2011-12-23
- Posts: 164
Re: GnuPG update from 2.0 to 2.1 and old MD5-keys
Is version 1.4.18 an option for you? It is considered stable and still recieves fixes. See the AUR.
Last edited by ball (2014-12-18 10:46:00)
Offline
#3 2014-12-18 11:04:47
- klaus246
- Member
- Registered: 2014-12-18
- Posts: 3
Re: GnuPG update from 2.0 to 2.1 and old MD5-keys
I'd rather like staying at Version 2.0 (GnuPG "stable") instead of 1.x ("classic")... see https://www.gnupg.org/download/
But as far as I can see it, there is no AUR package for version 2.0 yet. If I manage to get some time over christmas, I might try to create one (altough I never created one before).
I don't really like the idea of gettin my gnupg from the AUR, but it seems there is no other solution, is it?
Offline
#4 2014-12-20 13:58:17
- ball
- Member
- From: Germany
- Registered: 2011-12-23
- Posts: 164
Re: GnuPG update from 2.0 to 2.1 and old MD5-keys
Well, you can install "classic" alongside "modern" whereas you'll have to deinstall "modern" if you choose to install "stable".
Also, Arch (i.e. pacman) makes use of GnuPG and only supports the version in the official repositories. So using "stable" might get you into trouble somehow (but not necessarily...). But if you install "classic" you can use that for your MD5-keys and still don't have to worry about breakage.
That being said, there is no problem with installing software from the AUR -- IF you check the PKGBUILD yourself in order to make sure that only the stuff you want gets downloaded and installed.
Last edited by ball (2014-12-20 14:01:56)
Offline
#5 2015-01-08 09:27:49
- klaus246
- Member
- Registered: 2014-12-18
- Posts: 3
Re: GnuPG update from 2.0 to 2.1 and old MD5-keys
So I decided to do your solution and install GnuPG1 from the AUR and let pacman do the updates for the regular installed GnuPG.
It works fine, all I had to do is to change the GnuPG path in the settings of Enigmail to /usr/bin/gpg1.
Thx for your help! (Unfortunately I don't know how to mark this thread as solved )
Offline
#6 2015-01-08 14:20:46
- fsckd
- Forum Fellow
- Registered: 2009-06-15
- Posts: 4,173
Re: GnuPG update from 2.0 to 2.1 and old MD5-keys
(Unfortunately I don't know how to mark this thread as solved
Glad the solution works for you. 
Directions for marking the thread as [SOLVED] is in the "How to Post" section of the Forum Etiquette: https://wiki.archlinux.org/index.php/Fo … ow_to_post.
aur S & M :: forum rules :: Community Ethos
Resources for Women, POC, LGBT*, and allies
Offline