[pkg-gnupg-maint] Bug#834399: Bug#834399: gnupg: gnupg2-bases gpg breaks Gajim

Werner Koch wk at gnupg.org
Tue Aug 16 08:36:29 UTC 2016


On Mon, 15 Aug 2016 10:39, tg at mirbsd.de said:

> (Replacing gpg by gnupg2 is about as bad an idea as replacing
> python by python3 in some distros was. Don’t do it, or make it
> selectable by update-alternatives at least. gnupg2 is a different
> software, and even upstream says it doesn’t replace gpg, both have
> different use cases. Scripts, especially, will want an isolated

GnuPG 2 has been released 13 years ago and is used by a couple of large
Debian based installations for more than a decade.

What upstream (mostly meaning me) says about gpg 1.4 is: It might be
easier to install on server systems and easier to build on some old Unix
systems.

Since the release of 2.1 the only valid use case for 1.4 are some
non-POSIX systems (VMS), very old Unix systems, and for those users who
still need to use their old (insecure) PGP-2 keys.

Assuming that you are not using systemd, I would strongly suggest not to
start gpg-agent by hand but let gpg et al start it on demand.  The only
valid reason to start gpg-agent by hand is to use the ssh-agent
component.  Do this with with either 

  gpgconf --launch gpg-agent

or if you want to make sure to have the right envvars for ssh:

  gpg-connect-agent updatestartuptty /bye


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
 /* Join us at OpenPGP.conf  <https://openpgp-conf.org> */



More information about the pkg-gnupg-maint mailing list