ReGPG::Login supports object-oriented style as well as script style.
ReGPG::Login has a HTTP Basic authorization convenience helper.
regpg dnssec subcommand that provides wrappers for the BIND
dnssec-settime programs, to make it more
convenient to work with encrypted DNSSEC private keys.
Introduce ReGPG::Login, a Perl module to load partially-encrypted login credentials. It uses the storage layout that I have set up for the DNS systems at Cambridge.
Bugs: I have not yet fixed the Makefile to install it properly, nor written any tests.
Explicitly tell OpenSSL to use SHA-256.
I have not managed to find a version of OpenSSL that does not use SHA-256 (I checked 1.0.1 and 1.1.0 and 1.1.1) so this is effectively a no-op, but it might be useful for people stuck on ante-diluvian versions.
Minor test suite fixes for RHEL 7.
Attempt to work around
gpg2 reliability problems. The Ansible
plugins will run
gpg1 if it is available (since it is more
gpg2) and re-run
gpg2 if it looks like there was a
Python 3 compatibility for the Ansible plugins.
gpg2 format key IDs. When listing key IDs,
gpg adds a prefix indicating the algorithm and key size, separated
from the ID by a slash. However,
gpg does not accept key IDs in
this format, so
regpg strips off the prefix to make it work.
regpg only recognized
gpg1 prefixes like
but now it also strips off
gpg2 prefixes like
regpg to be stable.
Reduce length of passwords, so it is feasible to copy-type them into a console.
Compatibility with Ansible 2.5 and 2.6. Thanks to David Carter for reporting that there were problems.
Minor test portability and robustness improvements found when running on Debian sid / unstable.
genspkifp generates SPKI fingerprints for HTTPS public key pinning (HPKP)
regpg init ansible when there are existing plugin settings
check the relnotes are updated before release
Ed25519 ssh keys (using
fix ssh key generation on BSDish systems
Support for both Markdown.pl and Text::Markdown in doc build
Avoid locale interference in tests
~/.regpg to avoid interference from user's
depipe subcommand, for writing to a temporary fifo
gencsa now auto-generate private keys as necessary
gencrt subcommand for self-signed X.509 certificates
gencrt also has super simple X.509 CA support
port to Ansible 2.0, 2.1.0, 2.1.1, and devel
crypt(3) hash output from
Ansible portability fixes
Ansible gpg_d module, to support binary secrets
Force message authentication digests on encrypted files
lskeys can list decryption keys of encrypted files
Portability fixes to different versions of Ansible, GnuPG, OpenSSL
Improvements to test suite
Presentation to colleagues
Before this point,
regpg had very few users. Please see the
logs for changes to older versions.
Written by Tony Finch firstname.lastname@example.org email@example.com
at Cambridge University Information Services.