Re: GPG memory is not secure.
Hi,
> On Tue, 19 Aug 2014 21:49, pentakonix@openmailbox.org said:
>> I know the product is not support under Debian / kFreeBSD but i would
try :
That will be interesting; it is surprising that some applications work
on GNU/kFreeBSD although the developer didn't try it.
>> gpg: WARNING: using insecure memory!
>> gpg: please see http://www.gnupg.org/faq.html for more information
This is normal with kFreeBSD 8 or 9 (in squeeze/wheezy). Just be
careful that if you have any swap devices configured, sensitive data
could be written to them.
>> gpg: no valid OpenPGP data found.
That is probably an error being experienced by the installer.
On 19/08/14 22:41, Werner Koch wrote:
> The reason for that warning is that the mlock() call failed to mark a
> couple of memory pages as non-swapable.
>
> [...] I am
> not sure about the current status on BSD kernels and frankly I tend to
> ignore the warning or use no-secmem-warning in my gpg.conf. Encrypted
> swap is anyway a better protection.
kFreeBSD 10 (in jessie/sid) or later allows unprivileged users to
mlock() a small amount of memory, and IIRC that warning has gone away.
If encrypted disks or swap are desired, Debian GNU/kFreeBSD wheezy
supports geli(8) (in Debian package "geom"), but it must be configured
manually (it isn't supported yet in the installer).
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply to: