A site devoted to discussing techniques that promote quality and ethical practices in software development.

Wednesday, December 26, 2012

Cavaet in using KGpg in Ubuntu

After I have discovered KGpg as a suitable replacement of GPA, I ran into some rather strange now-you-see-it-and-now-you-don't-see-it situation.

I have also discovered many posts complaining that KGpg does not appear to run. KGpg is a KDE application and it turns out that after the first execution, the default behaviour in any subsequent invocation is to minimise to system tray.

System Tray in Ubuntu is different from that in KUbuntu and its subsequent default start up mode gives the illusion that the program fails to run. It is running OK except that it has been minimised to system tray.

Hence after configuring your KGpg for the first time, you will not see it any more in Ubuntu. Not even if you reinstall it.

This is because KGpg writes the settings to this file:

and uninstallation does not remove this file.

If you invoke KGpg in Ubuntu and does not see its window showing up, do this:

1) Use System Monitor to terminate the KGpg process, if it is running.

2) In the Terminal, type:
gedit  ~/.kde/share/config/kgpgrc

to edit the configuration file

3) In the [User Interface] section add the following line:

4) Save the file and restart Kgpg.

During the first installation of KGpg, you can change the default not to use system tray icon in Settings > Config KGpg > Misc > Applet & Menus. If you have forgotten to do it in that phrase, you then need to edit the configuration settings manually as shown above.

Tuesday, December 25, 2012

Using a second disk drive in Ubuntu and auto-mounting it

Recently, I added a second disk (virtual) to my Ubuntu 12.04 and now I want to make that disk auto-mount when I log on.

When you create additional disk drive using the "Disk Utility" tool, it adds that volume name to Nautilus. Depending on how one prepares that disk drive or partition, you may have trouble making it auto-mount; you can open Nautilus and click onto that drive to mount it. But it will not auto-mount.

There are several ways to make that partition auto-mount. However, most of these only works when the drive has a partition.

It turns out that in Linux, when you prepare a disk drive, it is not necessary to have a partition of sort. You can simply have a volume formatted with the right type and you can use it.

If you do not have a partition on that drive like this one:
Program such as Pysdm will not be able to configure it.

You can use udisks to mount the device on per-users basis by defining it in the "Start up Applications", like this:

/usr/bin/udisks --mount /dev/disk/by-uuid/4746946c-1cb1-404a-a74b-4a59cb248df2

This is the technique that I have chosen as I am happy to auto-mount it on per-users basis.

If you have a need to auto-mount a disk drive on a system-wide basis, make sure when you prepare that disk to:
  1. Create a partition
  2. Format that partition and assigned a Volume name to it
  3. When you use Pysdm, it will report that this device has not been configured and proceed to configure it.
  4. The name for this partition is actually the mount point name and make sure you use the Volume name otherwise it will create two entries in the /media directory when this device is mounted. This can be confusing.
Once Pysdm has configured this device, you can choose to auto-mount it and it will be mounted with the start of the system.

In search of GPA replacement in Ubuntu continues ...

Since Ubuntu 11.10 onwards have declared GPA not supported, I have been in search of ways to use GPA and have found several schemes:
  1. Running old GPA at with root access and 
  2. Emacs with its plug-in 
Now, I believe I have found a third one which provides a very convenient GUI facility to encrypt and decrypt clipboard data as well as files and is also supported in Ubuntu 12.04.

Testings with KGpg, one of the front ends listed in GnuPG that is available for installation via Ubuntu Software Centre, indicate that it lives up to the expectations and does not required to use any tricks, such as root access or via an editor.

It is just a front end to the GnuPG installation standard to Ubuntu. Hence you can use "Passwords and Keys" to manage the keys or to use KGpg's user-interface. They share the same private and public key stores.

So far I am very happy with this front end and hopefully it will be supported in future version of Ubuntu.

Wednesday, December 12, 2012

Using Gpg in Ubuntu 12.04 - replacement of GPA

Ever since I migrated from Ubuntu 11.04 upwards, I have lost the use of GPA and can only use it with super user privilege.

While that works very nicely it creates the ~/.gnupg directory with root ownership preventing other gnupg program, such as Seahorse, from accessing the keys. Seahorse does not even report access problem. It simply does not work well leaving the user oblivious of the underlying problem.

In the past, one can rely on the Encryption plugin for gedit to perform the encryption and decryption operation. But that is not supported in Ubuntu 12.04.

In search for some graphical means to encrypt and decrypt data on clipboard, I believe I have managed to connect all the dots to form a feasible solution. Here are the ingredients:
  1. Instead Seahorse (I used Synaptic Package Manager)
  2. Once installed, use Seahorse to import your private and your friends' keys.
  3. Make sure gnupg2 and gnupg-agent are installed.
  4. Install Emacs - either from the Ubuntu Software Centre
  5. Use Synaptic Package Manager to install easypg, an Emacs plug-in or from here.
Before one uses easypg, one needs to be aware that there is reported potential vulnerability. The combination of easypg and gnupg also throw up some curly configuration arrangement on caching the passphrase.

If you are decrypting material for the first time, the program will prompt for the passphrase and on its graphical dialog box, you can use Details link to open up the dialog box to reveal treatments of the passphrase allowing you to specify how long the passphrase can be discarded. Unfortunately there is no option to discard once used.

Now you are ready to perform the GnuPG operations using Emacs.

For those new to Emacs, here is a brief introduction materials on how best to use Emacs for encryption and decryption of materials via the clipboard:
  1. Open Emacs
  2. Use Buffers | *scratch* to switch into the scratch buffer so that what you type or paste into does not get saved into a file. In Emacs even if you do not explicitly save a file, the content is written to a form of temporary file whose name formed from the given file name. Something you want to avoid.
  3. Type your plain text or paste the cipher text into the buffer.
  4. Select the entire text block. (Use Edit | Select all).
  5. Then use Tools | Encryption/Decryption to bring up the sub-menu.
  6. Select Encrypt Region or Decrypt Region depending on your need at this time.
  7. If it is to encrypt the region, it will open up a split window on the bottom showing you brief instructions and a list of keys managed by Seahorse.
  8. Use Tab key to navigate to the key list, then press m to select and u to deselect the key.
  9. Once the keys are selected, click OK to perform the encryption and follow the prompt.
  10. If it is to decryption, it will prompt you for your passphrase and then it will cache it.

Blog Archive