GPG / pin-entry passphrase / mantra too long (limit now 22 chars)

I was wondering why the gpg pass-phrase (german trans.: Mantra) is now limited to 22 chars (tested with gtk. For ncurses this may vary slightly) and if there is a workaround available?
As I understand pin-entry (a helper  that passes the password to the gpg-agent) is now mandatory and not replaceable any longer. But if I try to use gpg, I  get the error message:
passphrase too long / (Ger: Das Mantra (Passphrase) ist zu lang!)
http://virtualhorde.com/MEDIA/mantraTooLong.jpg
According to the gpg manual this limitation should not exist (and is also insecure):
gpg manual wrote:"There is no limit on the length of a passphrase, and it should be carefully chosen. From the perspective of security, the passphrase to unlock the private key is one of the weakest points in GnuPG (and other public-key encryption systems as well) since it is the only protection you have if another individual gets your private key. Ideally, the passphrase should not use words from a dictionary and should mix the case of alphabetic characters as well as use non-alphabetic characters. A good passphrase is crucial to the secure use of GnuPG."
Also the responsible source-code is not inspiring confidence (call-pinentry.c) (no mlock or zeroing):
static gpg_error_t
getpin_cb (void *opaque, const void *buffer, size_t length)
struct entry_parm_s *parm = opaque;
if (!buffer)
return 0;
/* we expect the pin to fit on one line */
if (parm->lines || length >= parm->size)
return gpg_error (GPG_ERR_ASS_TOO_MUCH_DATA);
/* fixme: we should make sure that the assuan buffer is allocated in
secure memory or read the response byte by byte */
memcpy (parm->buffer, buffer, length);
parm->buffer[length] = 0;
parm->lines++;
return 0;
Without further investigation I would assume that the (short/insecure) pass-phrase is copied without any precautions in memory.
(Edit: fixed typos )
-- mod edit: read the Forum Etiquette and only post thumbnails http://wiki.archlinux.org/index.php/For … s_and_Code [jwr] --
Last edited by yousry (2014-12-25 13:13:04)

Leonid.I wrote:When do you see this warning? My passwords are 23+ characters and I have not encountered such warning...
I was in a hurry yesterday, so I most likely miscounted the number of asterisks in the password dialog. I think the maximum passphrase length is 99 characters.   
To clarify my problem I would like to explain it with following example:
Imagine you have created a keyring with application keys, shop keys and server-certs several years ago and encrypted it with following passphrase:
"My pet T-Rex sucked at my bones during the 8 o'clock 0pera performance of my cat which was also a great success."
(A more or less memorable sentence because it is visualizable/unusual)
If you have recently updated gnugp to version 2.1.1 and now try to sign a new version of one of your applications, you will get an error message during keyring unlocking, stating that your passphrase or (ger.) Mantra is to long.
Is there an alternative to compiling and installing a previous version of GnuGP?
The problem can be reproduced with following snippet:
# Backup your keyring
$ mv .gnupg gnupg_bak
# create a new (pub/private) key.
$ gpg --full-gen-key
# I'm choosing the default encryption
gpg: directory '/home/yousry/.gnupg' created
gpg: new configuration file '/home/yousry/.gnupg/gpg.conf' created
gpg: WARNING: options in '/home/yousry/.gnupg/gpg.conf' are not yet active during this run
gpg: keybox '/home/yousry/.gnupg/pubring.kbx' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
# On modern CPUs you can use the maximum key size
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
# The key should expire after one year
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Sat Dec 26 07:51:28 2015 CET
Is this correct? (y/N) y
# Now you are asked for your personal data
GnuPG needs to construct a user ID to identify your key.
Real name: Max Muster
Email address: [email protected]
Comment: Not a real email adress.
# If your input was OK you can create the key:
You selected this USER-ID:
"Max Muster (Not a real email adress.) <[email protected]>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
# A password dialog appears
# Let's say we use following passphrase (generated for easy counting purposes):
aaaaaaaaaa1111111111----------bbbbbbbbbb2222222222----------cccccccccc3333333333----------dddddddddd
You will get the error message: "Pass Phrase too long."

Similar Messages

  • I've stuck with Entourage way too long. Now I don't dare install the Mavericks OS because all my Entourage files will go away. And my iMac won't open Mac Mail (probably because I've never opened it in the 5 - 6 years I've owned the Mac.) Any suggestions?

    I've stuck with Entourage way too long. Now I don't dare install the Mavericks OS because all my Entourage files will go away. And my iMac won't open Mac Mail (probably because I've never opened it in the 5 - 6 years I've owned the Mac.) Any suggestions?

    If you are wondering why you are not getting any responses, it is because you have vented a complaint without any details that make any sense or give anyone something to work on.
    If you want help, I suggest actually detailing what has happened, with versions of software etc. Anything that would let us assist.
    As a start I am guessing that you have not really got the hang of "How it all works". Firstly download the Pages09_UserGuide.pdf from under the Help menu. Read that and view the Video Tutorials in the same place. A good addition would be the iWork 09 Missing manual book and something to help you learn how to use your Mac.
    If there are specific tasks you need help with:
    http://www.freeforum101.com/iworktipsntrick/index.php?mforum=iworktipsntrick
    Is a good resource.
    Peter

  • I shut down when an upgrade was taking too long yesterday, now Itunes will not open today

    I shut down when an upgrade was taking too long yesterday, now Itunes will not open today

    Hello James,
    Thank you for using Apple Support Communities!
    From what you are describing, I have 2 recommendations. First, troubleshoot for 3rd party plugins that may be causing an issue after the interrupted update:
    iTunes: Troubleshooting issues with third-party iTunes plug-ins
    http://support.apple.com/kb/TS3430
    If the issue persists after followign the article, I would next download iTunes from the download page, and install it.
    http://www.apple.com/itunes/download/
    Take care,
    Sterling

  • My iPod was updating to iOS 6 and i shut it off during the update because it was taking too long and now my screen in baby blue i've tried to drain the battery but when i plugged it in to charge the blue screen came back on.I dont know what to do

    My iPod was updating to iOS 6 and i shut it off during the update because it was taking too long and now my screen in baby blue i've tried to drain the battery but when i plugged it in to charge the blue screen came back on.I dont know what to do

    Try:
    - iOS: Not responding or does not turn on
    - If not successful and you can't fully turn the iPod fully off, let the battery fully drain. After charging for an least an hour try the above again.
    - If still not successful that indicates a hardware problem and an appointment at the Genius Bar of an Apple store is in order.

  • Literal too long when 4000 chars

    I get an error that literal too long when trying to insert a record to a clob or varchar2 field when the string is over 4000 chars.
    How to resolve this problem. I'd like to be able to treat this insert the same as all other inserts rather than make a special case out of it so no special processing would be needed.
    The application reads from an html form textarea and inserts the value of the text area along with the other fields of the form to a database.

    Hi,
    The maximum length of VARCHAR2 data is 4000 bytes.
    You can't store more than 4000 bytes in varchar2 column.
    CLOB can store upto 4GB of data.
    You can check the LOB Datatype sample for details on how to insert data into CLOB.
    The sample is located at
    [url http://otn.oracle.com/sample_code/tech/java/sqlj_jdbc/files/advanced/LOBSample/LOBSample.java.html] LOB Datatype source
    Check the loadSamples method which shows how to insert data into CLOB using empty_clob() method.
    Hope this helps.
    For furthur clarifications please post your question at
    [url http://forums.oracle.com/forums/forum.jsp?forum=75]SQL and PL/SQL Forum
    Regards,
    Anupama
    [url http://otn.oracle.com/sample_code/content.html]OTN Sample Code[url ]

  • Spam report thread too long by now?

    The present Spam report thread [4] was initiated over a year ago when the old thread was 190 messages long, because "...the previous thread ... has served its purpose but is getting too long to be read comfortably on mobile devices". Well, the present thread has well exceeded that mark, as it was 422 messages long at the time I started to write this message.
    Wouldn't it be time to let the present thread rest in peace by the same argument that led to the closing of the previous one? Not that I use mobile devices to visit these forums, but...

    The idea of closing Spam threads when they get too long and replace them by brand new ones is not mine. As I said in my opening message here, it was the official argument for closing the [3] Spam thread when it was 190 messages long. Well, the [4] Spam thread got 422 messages long and there was no official reaction, so I opened this thread to find if this was just an oversight.
    A few days later, the [4] Spam thread was archived (and therefore closed) for reasons that were never explained, and a replacement one was no opened, so I tentatively opened a new one, the present [5] version, explaining my reasons for doing so:
    http://forums.adobe.com/thread/837370?tstart=0
    Now the [5] Spam thread is 476 messages long (at the time of writing this), and it has not been closed, archived or replaced, so I don't think any participant should open a replacement one. This should be done officially by someone with the power to close the present version.
    On the other hand, if the reason given for closing the [3] version is no longer valid, and the length of Spam threads has no importance whatsoever, I think this should be clearly stated. As I access the forums through browsers, the length of the threads does not affect me in the least, and I have no idea if it affects participants accessing the forums by other means.

  • What do I do if I sent a message that was too long and now my iMessage will not work.

    So I sent really long message on iMessage using an itouch 4g to an iPhone 4. At first both our iMessage accounts were frozen, but she got hers back and now I am recieving her messages but I can't view them or respond or even delete the conversation to start a new one...

    I have the same Probalem also !
    I tried everything
    -turning off my iPod n ipad
    -turning off iMessage n turning it back on again
    -changing my DNS
    -checking my mail
    ALl of it didn't work help me pls

  • I pressed command d when starting my macbook air but i pressed it for too long and now it is searching for something? heeelp please!!!!

    pleeeasee help!!! i dont know what to do! at first, i was just cleaning my macbook keyboard and i pressed something that changed keyboard language, but i checked everything and it all said that everything was alright, later, i turned off macbook- in hope that when i turned it on, everything would be normal, but then,  i couldn't even sing in my account  because i had a password set on it, and every time i try typing the password it types something completely different, and then, i read a post, that in cases like this, we should press command+d while the computer is turning on, and let release the keys as soon as i see grey screen. BUT (i am so dumb) that i pressed it longer... and now, i don't know what it is doing, but i's telling me to choose network, but when i am trying to choose it, and  write the password, it doesn't do  anything! pleasee help me somehow!!!

    It is easy to change the keyboard language by pressing apple/command plus space.
    What other keyboards besides US did you have activated on your machine?

  • File communication channel issue : object name too long

    Hi Experts,
    My requirement is to place the successful files in folder and un-successful files in one folder after processing.
    we used parameterized mapping to achieve this requirement.
    I'm facing below issues, please help me to resolve.
    " An error occurred while connecting to the FTP server. The FTP server returned the following error message: 'com.sap.aii.adapter.file.ftp.FTPEx: 501 Unexpected reply codeSpecified object name too long, limit is 10 characters: $Filepath_Su.'. For details, contact your FTP server vendor.
    As per my understanding it is not taking the path specified,because of length issue.
    Please send me your valuable inputs and help me.
    Thanks in advance for your help.
    Regards
    Bhargava Krishna

    Hello,
    By loking ur error description, it's quite evident that it's a FTP sever issue?
    Sometime on FTP server, there is a check which is enabled to limit the length of file names, and i think the same has been recently implemented on ur FTP server. So instead of changing ur config, check with ur FTP admin.
    Tested the same after tweaking existing FTP server settings.
    Thanks
    Amit Srivastava

  • Destination file characters too long (File names) , while copying from one external to another

    I have a external my book fat32 formated and a new mybook ntfs formated external as well.  Now when I copy my files from the fat32 to the ntfs external all files copy fine but some give that destination location file characters are too long, meaning that the file names are too long.  Now I could change the file names but that would conflict with programs that need that file name.  I am using vista ultimate and would like to copy all the files over from the fat32 to ntfs so I can reformat the fat32 to ntfs.  The files got on the ntfs from a simple drag and drop from my IDE NTFS internal hard drive.
    I hope you guys to tell me what to do.
    Thank you :)

    Here's the fix....for error message "your file name is too long to be copied, deleted, renamed, moved" :
    1.   problem is this: the "file name" has a limit on number of characters.....the sum of characters really includes the entire path name; you gotta shorten it first (i.e, if the total number of characters in the file name + Path name are over the
    limit, the error appears).  The deeper your file folder sub levels are, the more this problem will come up, especially when you copy to a subfolder of a subfolder/subfolder of another path ...adds to character limit)
    2.  How do you know which combined file names + path names are too long if  you are in the  middle of a copy operation and this error pops up?  Some files copied but the "long files error message" says "skip" or "cancel" ... but not which
    files are the "too long" ones.  If you hit "skip" or "cancel" the "too long" files are left behind...but are mixed in with non-offender "good" "short name" files.   Sorting thru 1000s of "good" files to find a few "bad" ones manually is impractical.
    3.   Here's how you sort out the "bad" from the "good":
    4.    Let's say you want to copy a folder ..."Football" ...that has five layers of subfolders; each subfolder contains numerous files:
      C:/1 Football / 2 teams/ 3 players/ 4 stats/ 5 injuriessidelineplayerstoolong 
           There are five levels root "1 football" with subfolders  2, 3, 4 and lastly "5 injuries"
    5.    Use "cut" and "paste"  (for example to backup all five levels to a new backup folder):
           select "1 football" ....cut....select target folder....paste 
           ("cut" command means as the files are copied to the target destination, the file is deleted from the source location)
          Hint: avoid "cut" and "paste" to a target folder that is itself a sub/sub/sub folder ...that compounds the "characters over the limit" problem ...because the characters in the sub/sub/sub folder are included in the "file name
    character limit"...instead "paste" to a C:/ root directory.
           Suppose in the middle of this operation...error pops up: "5 files have file names that are too long"  Skip or cancel?
           select "skip"  ...and let operation finish
    6.    Now go back and look at the source location: since the software allows only the "good" "short name" files to be copied (and because you "skipped" the "bad" "Long name" files so they are not copied or deleted) ...all that remains
    in the source location are the "bad" "long name files" (because "good" ones were deleted from the source location after the "cut" operation...the bad ones stick out like a sore thumb.
    7.   You will find ....all that remains in source folders are: the "bad" "too long" files; in this example the "bad" file is in level 5:
          C:/ 1 football / 2 teams /3 players /4 stats /5 injuriessidelineplayerstoolong
    8.   select folder 5 injuriessidelineplayerstoolong (that's right...select folder, not file) gotta rename the folder first.
    9.  hit F2 rename folder..folder name highlighted...delete some of the letters in the folder name:
           like this:   5 injuriessidelineplayers  ....you should delete 'toolong'....from the folder name
    10.  then go into folder 5....and do the same operation ...with the too long file name:
            hit F2 rename file....file name hightlighted...delete some of the letters
               like this:  injuriessidelineplayers.....you should delete 'toolong' from the file name
    11.  Now..."cut and paste"  the renamed file to the target backup folder.  
    The Error message will pop up again if you missed any "bad" files....for example, it will indicate "5 files too long" ....then repeat process 5 times until you fix all of them
    12.     Finally, copy the target destination files back to the source location (when you are certain all source location file folder locations are empty) 

  • Manage data element UMBSZ in Material Record : Entry too long

    Hello
    I would like to manage alternatives units of measure with a Numerator defined in more than 5 digits, in the material master record (transactions MM01, MM02).
    For example :
    A material with a base unit of measure = ST (Items) : view Basic data 1 of the material master record
    and the same material must be managed in Pallet : 1 Pallet = 150000 ST
    So In additionnal data of the material master record we must assign 1 Pallet (fields UMREN + MEINH) for 150000 ST (fields UMREZ + MEINS) 
    but when i assign 150000 in the field UMREZ i have the error message
    Entry too long (enter in the format __.___)
    Message no. 00089
    In fact The Field UMREZ is defined as DEC, Length = 5 and Decimal Places = 0
    So what could be the Solution? Is it possible to managed this field with more than 5 digits? Is it possible to do something in the transaction CUNI?
    Thank you for your answers
    Best Regards
    Manuel

    Did you find a solution for this?

  • Geeting error when select UoM BOX- entry is too long

    Hi ,
    While creating SC , using F4 Unit of measurement , when selected BOX,
    system gives entry too long error message.
    Please suggest , how we can  rectify this,
    Thank you
    Nilesh

    Did you check the following OSS note...OSS Note 1474124?

  • SD: entry is too long; format is _-_

    Hi guys,
    I got this message 'entry is too long; format is -' as I wanted to enter the material (3000-342) when creating a sales order (VA01). Does somebody know how to resolve this problem? Thanks a lot.
    Edited by: suntongmei on May 19, 2011 7:13 PM

    hi ,
    The attribute to be bound can be of type STRING or STRING_TABLE. With STRING_TABLE rows from TextEdit are stored as table rows. A line break is always stored as a line feed in a STRING (CL_ABAP_CHAR_UTILITIES=>NEWLINE, ASCII decimal 10). The Web Dynpro framework carries out the conversion for the client platform.
    Note that a string to be displayed in TextEdit, must only use a line feed as a line break.
    refer this online help :
    http://help.sap.com/saphelp_nw70ehp1/helpdata/en/06/45ee412e5e6324e10000000a1550b0/content.htm

  • Scripts run too long. Can I set limit?

    On some websites I get the firefox msg that a script is running too long and do I want to stop it. I would like to shorten the time it take to give me that message.
    http://www.wunderground.com/wundermap/?lat=37.78558731&lon=-122.43565369&zoom=13&pin=San%20Francisco%2c%20CA
    is a case where it happens frequently

    See:
    * http://kb.mozillazine.org/dom.max_script_run_time
    To open the <i>about:config</i> page, type <b>about:config</b> in the location (address) bar and press the "<i>Enter</i>" key, just like you type the url of a website to open a website.<br />
    If you see a warning then you can confirm that you want to access that page.<br />

  • Cannot delete file: filename too long

    Sometime ago, I made a copy of a hierarchy of folders under my "Users" folder to another drive as a quick backup. I no longer need this copy of folders and files. So when I tried to delete these files I got a message that some filenames are too long. When
    I look at these files they mostly seem to be part of Internet Explorer temp directory, and also some files used by Mozilla Thunderbird, so they were likely created by these utilities on purpose. I cannot rename them to shorter names, or even move them to lower
    folders. I can't even copy their filenames to show you what these filenames are! When I use the DOS prompt's "dir /x" command these files do not even have any 8.3 short filenames either, which I could've used to delete them with. There are over 400 of these
    files!
    I know what the problem is, the Windows OS has a limit of somewhere around 250 characters for filenames and complete pathnames. I've seen some utilities advertised saying that they can delete these files, but they all require money. Anything that's free?
    Yousuf Khan

    Hi,
    It is just for testing. It is good since the files can be deleted in Linux.
    However, if you don't have Linux, it needs to find the way to delete the files under Windows.
    Since the files are located in Internet Explorer temp directory, you could use Disk Cleanup to clear the Temporary Internet Files.
    Also, check if the following KB is helpful. It has several methods. Go to check if 8.3 name creation is disabled.
    http://support.microsoft.com/default.aspx?scid=kb;en-us;320081
    Best Regards,
    L.S
    Regarding it being in the Internet Explorer temp directory, it actually wasn't. Remember I said in the original posting that this was in a backup directory of these directories, so Disk Cleanup has no way of knowing that this belongs to Internet Explorer
    or anything else. Also there was a Thunderbird directory having the same issues as well, which Disk Cleanup wouldn't have touched no matter what.
    Okay, I checked out the state of the filesystem registry. The "NtfsDisable8dot3NameCreation" entry in the "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem" is set to non-zero, meaning the feature is in effect. Interestingly it was set to 2
    rather than 1, but I doubt that makes a difference.
    Even if I disable this feature right now, all previously created files still won't be assigned the 8.3 filenames, just only those files that are newly created will have the 8.3 filenames available.
    Yousuf Khan

Maybe you are looking for