Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Build/install instructions for GnuPG 2.2.x on Ubuntu and similar distros (formerly for 2.1.x)

GnuPG 2.2.x Build Instructions

Below are my build instructions for GnuPG 2.2.10, released on August 30th, 2018. These instructions are built for a headless Ubuntu 18.04 LTS server (and have also been tested on Ubuntu 14.04/16.04).

If you prefer, you may use the below install script to install GnuPG 2.2.x by running the following commands:

curl -OL "https://gist.githubusercontent.com/vt0r/a2f8c0bcb1400131ff51/raw/e0d2011d7b89bfe5b83c3f29f21949fb21354dd9/install-gnupg22.sh" && sudo -H bash ./install-gnupg22.sh

Install the needed dependencies

apt-get -y install libgnutls-dev bzip2 make gettext texinfo gnutls-bin build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev || apt-get -y install libgnutls28-dev bzip2 make gettext texinfo gnutls-bin build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev

Setup the build

NOTE: To clean up from the older GnuPG 2.1.x builds, you probably want to delete /var/src/gnupg21 entirely.

mkdir -p /var/src/gnupg22 && cd /var/src/gnupg22
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 04376F3EE0856959 2071B08A33BD3F06 8A861B1C7EFD60D9

Installing libgpg-error 1.32

wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.gz.sig && \
gpg --verify libgpg-error-1.32.tar.gz.sig && tar -xzf libgpg-error-1.32.tar.gz && \
cd libgpg-error-1.32/ && ./configure && make && make install && cd ../

Installing libgcrypt 1.8.3

wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.3.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.3.tar.gz.sig && \
gpg --verify libgcrypt-1.8.3.tar.gz.sig && tar -xzf libgcrypt-1.8.3.tar.gz && \
cd libgcrypt-1.8.3 && ./configure && make && make install && cd ../

Installing libassuan 2.5.1

wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2.sig && \
gpg --verify libassuan-2.5.1.tar.bz2.sig && tar -xjf libassuan-2.5.1.tar.bz2 && \
cd libassuan-2.5.1 && ./configure && make && make install && cd ../

Installing libksba 1.3.5

wget -c  https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2.sig && \
gpg --verify libksba-1.3.5.tar.bz2.sig && tar -xjf libksba-1.3.5.tar.bz2 && \
cd libksba-1.3.5 && ./configure && make && make install && cd ../

Installing npth 1.6

wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2.sig && \
gpg --verify npth-1.6.tar.bz2.sig && tar -xjf npth-1.6.tar.bz2 && \
cd npth-1.6 && ./configure && make && make install && cd ../

Install pinentry 1.1.0

wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2.sig && \
gpg --verify pinentry-1.1.0.tar.bz2.sig && tar -xjf pinentry-1.1.0.tar.bz2 && \
cd pinentry-1.1.0 && ./configure --enable-pinentry-curses --disable-pinentry-qt4 && \
make && make install && cd ../

Install GnuPG 2.2.10

wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2.sig && \
gpg --verify gnupg-2.2.10.tar.bz2.sig && tar -xjf gnupg-2.2.10.tar.bz2 && \
cd gnupg-2.2.10 && ./configure && make && make install

Finishing the build

echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v
#!/bin/bash
# ---------
# Script to build and install GnuPG 2.2.x
apt-get update
apt-get -y install libgnutls-dev bzip2 make gettext texinfo gnutls-bin libgnutls28-dev build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev || apt-get -y install libgnutls28-dev bzip2 make gettext texinfo gnutls-bin build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev
mkdir -p /var/src/gnupg22 && cd /var/src/gnupg22
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 04376F3EE0856959 2071B08A33BD3F06 8A861B1C7EFD60D9
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.gz.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.3.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.3.tar.gz.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2.sig && \
gpg --verify libgpg-error-1.32.tar.gz.sig && tar -xzf libgpg-error-1.32.tar.gz && \
gpg --verify libgcrypt-1.8.3.tar.gz.sig && tar -xzf libgcrypt-1.8.3.tar.gz && \
gpg --verify libassuan-2.5.1.tar.bz2.sig && tar -xjf libassuan-2.5.1.tar.bz2 && \
gpg --verify libksba-1.3.5.tar.bz2.sig && tar -xjf libksba-1.3.5.tar.bz2 && \
gpg --verify npth-1.6.tar.bz2.sig && tar -xjf npth-1.6.tar.bz2 && \
gpg --verify pinentry-1.1.0.tar.bz2.sig && tar -xjf pinentry-1.1.0.tar.bz2 && \
gpg --verify gnupg-2.2.10.tar.bz2.sig && tar -xjf gnupg-2.2.10.tar.bz2 && \
cd libgpg-error-1.32/ && ./configure && make && make install && cd ../ && \
cd libgcrypt-1.8.3 && ./configure && make && make install && cd ../ && \
cd libassuan-2.5.1 && ./configure && make && make install && cd ../ && \
cd libksba-1.3.5 && ./configure && make && make install && cd ../ && \
cd npth-1.6 && ./configure && make && make install && cd ../ && \
cd pinentry-1.1.0 && ./configure --enable-pinentry-curses --disable-pinentry-qt4 && \
make && make install && cd ../ && \
cd gnupg-2.2.10 && ./configure && make && make install && \
echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v && \
echo "Complete!!!"
@NoSubstitute
Copy link

NoSubstitute commented Nov 15, 2017

Thanks, running the 2.2.2 install now on a Lubuntu 16.04.3 LTS with 4.4.0-66. Usually runs without a hitch. Also this time.

One noteworthy thing, though. 2.2.2 installs as gpg and not gpg2. So if you have previous installs of GPG Modern they will still be around as gpg2. Also, I assume this means it will overwrite previous non-Modern local versions of GPG.

@DeathCamel57
Copy link

DeathCamel57 commented Nov 28, 2017

Hey @vt0r, there were some updated packages, including a new version of GnuPG. Check out my gist, and test it. It should be updated.
Updated Script

@vt0r
Copy link
Author

vt0r commented Nov 28, 2017

Yeah, sorry, @DeathCamel57. I got busy with work and holidays stuff. I've finally updated to include the new libassuan and GnuPG

  • Updated libassuan to 2.4.4
  • Updated gnupg to 2.2.3

@vt0r
Copy link
Author

vt0r commented Dec 27, 2017

  • Updated libassuan to 2.5.1
  • Updated pinentry to 1.1.0
  • Updated gnupg to 2.2.4

@catalin-f
Copy link

catalin-f commented Feb 12, 2018

Any ideea why, after installing from the above instructions on ubuntu 16.04
gpg --version
gpg: Fatal: libgcrypt is too old (need 1.7.0, have 1.6.5)

@vt0r
Copy link
Author

vt0r commented Mar 1, 2018

@catalinif - I'm going to need more information to help out. Did you get some sort of errors during the build? It looks like you didn't build and install the newest version of libgcrypt, so it's probably trying to use a system version.

  • Updated gnupg to 2.2.5

@jamesob
Copy link

jamesob commented Apr 2, 2018

This is awesome! Thanks so much.

@vt0r
Copy link
Author

vt0r commented Apr 12, 2018

@jamesob - No problem. Happy to help.

  • Updated libgpg-error to 1.29
  • Updated gnupg to 2.2.6

@vt0r
Copy link
Author

vt0r commented May 9, 2018

  • Updated libgpg-error to 1.31
  • Updated gnupg to 2.2.7

@craigphicks
Copy link

craigphicks commented May 19, 2018

Your script was very helpful. Kudos & Thank you!

@vt0r
Copy link
Author

vt0r commented Jun 8, 2018

@craigphicks - Glad it helped.

  • Updated gnupg to 2.2.8

NOTE: Please upgrade to version 2.2.8 as soon as possible, as this release resolves a fairly significant security vulnerability

@vt0r
Copy link
Author

vt0r commented Jun 14, 2018

  • Updated libgcrypt to 1.8.3

NOTE: Please also upgrade to libgcrypt version 1.8.3 as soon as possible, as it resolves another significant security vulnerability

@fernandodrf
Copy link

fernandodrf commented Jun 27, 2018

Hi there! Great script, however after updating gnupg to 2.2.8 in ubuntu 16.04 (64 bits) I get the following error whenever I try to add a new repository:

gpg: Total number processed: 1
gpg:               imported: 1
gpg: no valid OpenPGP data found.
[Errno 2] No such file or directory: 'S.gpg-agent.ssh'

So I have to end up fetching the keys manually after that, or I get the following error:

"the following signatures couldn’t be verified because the public key is not available."

Any ideas what I am missing?
Thanks a lot!

@vt0r
Copy link
Author

vt0r commented Jul 14, 2018

Updated gnupg to 2.2.9


Hey @fernandodrf,

Sounds like you're missing the needed socket to run the GPG agent. I would check in ~/.gnupg/ to see if S.gpg-agent is present. In my Ubuntu machine, it's a symlink to a socket location in /run:

S.gpg-agent -> /run/user/1000/gnupg/S.gpg-agent

If you don't have a similar sock file or symlink, you could always make sure the gnupg directory exists under the run directory for your user and create the symlink on your own:

mkdir -p /run/user/<YOURUID>/gnupg
ln -s /run/user/<YOURUID>/gnupg/S.gpg-agent ~/.gnupg/

Obviously, replace <YOURID> with your actual UID, which is most likely 1000.

Hope that helps.

@simbo1905
Copy link

simbo1905 commented Aug 10, 2018

These instructions were are a real help installing gunpg 2.2 (gpg2.2) into a centos7 docker image. I forked this gist over at https://gist.github.com/simbo1905/ba3e8af9a45435db6093aea35c6150e8 in case someone else is looking for a centos or rhel7 version. Many thanks!

@grv87
Copy link

grv87 commented Sep 10, 2018

After installation gpg-preset-passphrase is unavailable.
Should it be installed from somewhere else?

UPDATE:
Ah, I see. It is in /usr/local/libexec. Is it Ubuntu native behavior? Under Windows it is available in PATH without any extra steps.

@vt0r
Copy link
Author

vt0r commented Sep 22, 2018

  • Updated libgpg-error to 1.32
  • Updated npth to 1.6
  • Updated gnupg to 2.2.10

@simbo1905 - happy to help

@grv87 - ¯\_(ツ)_/¯ That's just the default install location the Makefile chooses. You could always create a symlink in /usr/local/bin like so:

sudo ln -s /usr/local/libexec/gpg-preset-passphrase /usr/local/bin

@NoSubstitute
Copy link

NoSubstitute commented Sep 28, 2018

Just letting people know that trying to install this on WSL 17134 with Ubuntu 18.04 will fail, since the installed version of gpg fails the "gpg --verify" because of broken timing. microsoft/WSL#3286
Not until gpg is updated in the apt repo will it work properly.
To make this install I had to remove all the --verify lines.

After install, gpg --verify works perfectly. :-)

@NoSubstitute
Copy link

NoSubstitute commented Nov 25, 2018

@vt0r IS there an update in the works, since 2.2.11 has been out two weeks now?

@efazati
Copy link

efazati commented Nov 28, 2018

How can I fix this?

gpg: WARNING: server 'gpg-agent' is older than us (2.2.4 < 2.2.10)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: WARNING: server 'gpg-agent' is older than us (2.2.4 < 2.2.10)

I ran this but not helping

 $ gpg-connect-agent /bye

@NoSubstitute
Copy link

NoSubstitute commented Dec 30, 2018

These tools, including gnupg itself, have had updates. The rest of the tools are still same version as above.

wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.33.tar.gz &&
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.33.tar.gz.sig &&
gpg --verify libgpg-error-1.33.tar.gz.sig && tar -xzf libgpg-error-1.33.tar.gz &&
cd libgpg-error-1.33/ && ./configure && make && make install && cd ../

wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.4.tar.gz &&
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.4.tar.gz.sig &&
gpg --verify libgcrypt-1.8.4.tar.gz.sig && tar -xzf libgcrypt-1.8.4.tar.gz &&
cd libgcrypt-1.8.4 && ./configure && make && make install && cd ../

wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.2.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.2.tar.bz2.sig &&
gpg --verify libassuan-2.5.2.tar.bz2.sig && tar -xjf libassuan-2.5.2.tar.bz2 &&
cd libassuan-2.5.2 && ./configure && make && make install && cd ../

wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.12.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.12.tar.bz2.sig &&
gpg --verify gnupg-2.2.12.tar.bz2.sig && tar -xjf gnupg-2.2.12.tar.bz2 &&
cd gnupg-2.2.12 && ./configure && make && make install

@NoSubstitute
Copy link

NoSubstitute commented Mar 18, 2019

gnupg is up tp 2.2.13.
So far, I haven't checked which of the other packages have been updated since Dec 2018.

@NoSubstitute
Copy link

NoSubstitute commented Mar 30, 2019

Alright, updated a few lines in my downloaded copy of install-gnupg22.sh to reflect the most recent updates, and included ntbTLS, though I don't know if it matters. Just pasting it here, since I don't really know how to do a proper fork and pull request. :-)

#!/bin/bash

---------

Script to build and install GnuPG 2.2.x

apt-get update
apt-get -y install libgnutls-dev bzip2 make gettext texinfo gnutls-bin libgnutls28-dev build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev || apt-get -y install libgnutls28-dev bzip2 make gettext texinfo gnutls-bin build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev
mkdir -p /var/src/gnupg22 && cd /var/src/gnupg22
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 04376F3EE0856959 2071B08A33BD3F06 8A861B1C7EFD60D9

wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.36.tar.gz &&
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.36.tar.gz.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.4.tar.gz &&
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.4.tar.gz.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.3.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.3.tar.bz2.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/ntbtls/ntbtls-0.1.2.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/ntbtls/ntbtls-0.1.2.tar.bz2.sig &&
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.15.tar.bz2 &&
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.15.tar.bz2.sig &&
gpg --verify libgpg-error-1.36.tar.gz.sig && tar -xzf libgpg-error-1.36.tar.gz &&
gpg --verify libgcrypt-1.8.4.tar.gz.sig && tar -xzf libgcrypt-1.8.4.tar.gz &&
gpg --verify libassuan-2.5.3.tar.bz2.sig && tar -xjf libassuan-2.5.3.tar.bz2 &&
gpg --verify libksba-1.3.5.tar.bz2.sig && tar -xjf libksba-1.3.5.tar.bz2 &&
gpg --verify npth-1.6.tar.bz2.sig && tar -xjf npth-1.6.tar.bz2 &&
gpg --verify pinentry-1.1.0.tar.bz2.sig && tar -xjf pinentry-1.1.0.tar.bz2 &&
gpg --verify ntbtls-0.1.2.tar.bz2.sig && tar -xjf ntbtls-0.1.2.tar.bz2 &&
gpg --verify gnupg-2.2.15.tar.bz2.sig && tar -xjf gnupg-2.2.15.tar.bz2 &&
cd libgpg-error-1.36/ && ./configure && make && make install && cd ../ &&
cd libgcrypt-1.8.4 && ./configure && make && make install && cd ../ &&
cd libassuan-2.5.3 && ./configure && make && make install && cd ../ &&
cd libksba-1.3.5 && ./configure && make && make install && cd ../ &&
cd npth-1.6 && ./configure && make && make install && cd ../ &&
cd ntbtls-0.1.2 && ./configure && make && make install && cd ../ &&
cd pinentry-1.1.0 && ./configure --enable-pinentry-curses --disable-pinentry-qt4 &&
make && make install && cd ../ &&
cd gnupg-2.2.15 && ./configure && make && make install &&
echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v &&
echo "Complete!!!"

@CryptAnalitic
Copy link

CryptAnalitic commented Apr 10, 2019

Where is the new build GPG ?

@loizoskounios
Copy link

loizoskounios commented May 4, 2019

@vt0r Thanks a lot for this, it worked with zero trouble!

I made some minor changes to compile the latest GnuPG version which at the time of writing this is 2.2.15. I also moved the version numbers of GnuPG and its dependencies closer to the top of the file to make it easier to update to newer versions.

Snippet follows, feel free to use if you think it is useful:

#!/bin/bash
# ---------
# Script to build and install GnuPG 2.2.x

GNUPG_VER=2.2.15

apt-get update
apt-get -y install libgnutls-dev bzip2 make gettext texinfo gnutls-bin libgnutls28-dev build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev || apt-get -y install libgnutls28-dev bzip2 make gettext texinfo gnutls-bin build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev
mkdir -p /var/src/gnupg-$GNUPG_VER && cd /var/src/gnupg-$GNUPG_VER
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 04376F3EE0856959 2071B08A33BD3F06 8A861B1C7EFD60D9

LIBGPG_ERROR_VER=1.36
LIBGCRYPT_VER=1.8.4
LIBKSBA_VER=1.3.5
LIBASSUAN_VER=2.5.3
NPTH_VER=1.6
PINENTRY_VER=1.1.0

wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-$LIBGPG_ERROR_VER.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-$LIBGPG_ERROR_VER.tar.gz.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-$LIBGCRYPT_VER.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-$LIBGCRYPT_VER.tar.gz.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-$LIBASSUAN_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-$LIBASSUAN_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-$LIBKSBA_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-$LIBKSBA_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-$NPTH_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-$NPTH_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-$PINENTRY_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-$PINENTRY_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-$GNUPG_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-$GNUPG_VER.tar.bz2.sig && \
gpg --verify libgpg-error-$LIBGPG_ERROR_VER.tar.gz.sig && tar -xzf libgpg-error-$LIBGPG_ERROR_VER.tar.gz && \
gpg --verify libgcrypt-$LIBGCRYPT_VER.tar.gz.sig && tar -xzf libgcrypt-$LIBGCRYPT_VER.tar.gz && \
gpg --verify libassuan-$LIBASSUAN_VER.tar.bz2.sig && tar -xjf libassuan-$LIBASSUAN_VER.tar.bz2 && \
gpg --verify libksba-$LIBKSBA_VER.tar.bz2.sig && tar -xjf libksba-$LIBKSBA_VER.tar.bz2 && \
gpg --verify npth-$NPTH_VER.tar.bz2.sig && tar -xjf npth-$NPTH_VER.tar.bz2 && \
gpg --verify pinentry-$PINENTRY_VER.tar.bz2.sig && tar -xjf pinentry-$PINENTRY_VER.tar.bz2 && \
gpg --verify gnupg-$GNUPG_VER.tar.bz2.sig && tar -xjf gnupg-$GNUPG_VER.tar.bz2 && \
cd libgpg-error-$LIBGPG_ERROR_VER && ./configure && make && make install && cd ../ && \
cd libgcrypt-$LIBGCRYPT_VER && ./configure && make && make install && cd ../ && \
cd libassuan-$LIBASSUAN_VER && ./configure && make && make install && cd ../ && \
cd libksba-$LIBKSBA_VER && ./configure && make && make install && cd ../ && \
cd npth-$NPTH_VER && ./configure && make && make install && cd ../ && \
cd pinentry-$PINENTRY_VER && ./configure --enable-pinentry-curses --disable-pinentry-qt4 && \
make && make install && cd ../ && \
cd gnupg-$GNUPG_VER && ./configure && make && make install && \
echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v && \
echo "Complete!!!"

@RogueScholar
Copy link

RogueScholar commented May 26, 2019

Looks like we both had a lot of the same ideas, @loizoskounios. I forked this super handy script by @vt0r and did some of what you did, as well as building in the ability to grant it sudo privileges using the pkexec function in most Linux desktop environments, so there's never any password tracks left in the terminal history.

It's available here for anyone that wants to put it to work, and I'm happy to get any comments or suggestions for improvements in the comments to meet any use cases I didn't already consider.

@NoSubstitute
Copy link

NoSubstitute commented May 30, 2019

Awesome, @loizoskounios , thanks.
Your script worked fine (I added the reference to ntbtls in my copy of your script).

Sadly, @RogueScholar your script failed with an error about something wrong with bash. Ubuntu Server 18.04 LTS.

@okkymabruri
Copy link

okkymabruri commented Dec 26, 2020

Script install latest GNUPG in Ubuntu 20.10
(Thanks to @loizoskounios, I've modified your script and work)

#!/bin/bash
# ---------
# Script to build and install GnuPG 2.2.x

GNUPG_VER=2.2.26

apt-get update
apt-get -y install libgnutls-dev bzip2 make gettext texinfo gnutls-bin libgnutls28-dev build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev || apt-get -y install libgnutls28-dev bzip2 make gettext texinfo gnutls-bin build-essential libbz2-dev zlib1g-dev libncurses5-dev libsqlite3-dev libldap2-dev
mkdir -p /var/src/gnupg-$GNUPG_VER && cd /var/src/gnupg-$GNUPG_VER
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 249B39D24F25E3B6 BCEF7E294B092E28 2071B08A33BD3F06 528897B826403ADA

LIBGPG_ERROR_VER=1.41
LIBGCRYPT_VER=1.8.7
LIBKSBA_VER=1.5.0
LIBASSUAN_VER=2.5.4
NPTH_VER=1.6
PINENTRY_VER=1.1.0

wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-$LIBGPG_ERROR_VER.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-$LIBGPG_ERROR_VER.tar.gz.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-$LIBGCRYPT_VER.tar.gz && \
wget -c https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-$LIBGCRYPT_VER.tar.gz.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-$LIBASSUAN_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-$LIBASSUAN_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-$LIBKSBA_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/libksba/libksba-$LIBKSBA_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-$NPTH_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/npth/npth-$NPTH_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-$PINENTRY_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-$PINENTRY_VER.tar.bz2.sig && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-$GNUPG_VER.tar.bz2 && \
wget -c https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-$GNUPG_VER.tar.bz2.sig && \
gpg --verify libgpg-error-$LIBGPG_ERROR_VER.tar.gz.sig && tar -xzf libgpg-error-$LIBGPG_ERROR_VER.tar.gz && \
gpg --verify libgcrypt-$LIBGCRYPT_VER.tar.gz.sig && tar -xzf libgcrypt-$LIBGCRYPT_VER.tar.gz && \
gpg --verify libassuan-$LIBASSUAN_VER.tar.bz2.sig && tar -xjf libassuan-$LIBASSUAN_VER.tar.bz2 && \
gpg --verify libksba-$LIBKSBA_VER.tar.bz2.sig && tar -xjf libksba-$LIBKSBA_VER.tar.bz2 && \
gpg --verify npth-$NPTH_VER.tar.bz2.sig && tar -xjf npth-$NPTH_VER.tar.bz2 && \
gpg --verify pinentry-$PINENTRY_VER.tar.bz2.sig && tar -xjf pinentry-$PINENTRY_VER.tar.bz2 && \
gpg --verify gnupg-$GNUPG_VER.tar.bz2.sig && tar -xjf gnupg-$GNUPG_VER.tar.bz2 && \
cd libgpg-error-$LIBGPG_ERROR_VER && ./configure && make && make install && cd ../ && \
cd libgcrypt-$LIBGCRYPT_VER && ./configure && make && make install && cd ../ && \
cd libassuan-$LIBASSUAN_VER && ./configure && make && make install && cd ../ && \
cd libksba-$LIBKSBA_VER && ./configure && make && make install && cd ../ && \
cd npth-$NPTH_VER && ./configure && make && make install && cd ../ && \
cd pinentry-$PINENTRY_VER && ./configure --enable-pinentry-curses --disable-pinentry-qt4 && \
make && make install && cd ../ && \
cd gnupg-$GNUPG_VER && ./configure && make && make install && \
echo "/usr/local/lib" > /etc/ld.so.conf.d/gpg2.conf && ldconfig -v && \
echo "Complete!!!"

@NoSubstitute
Copy link

NoSubstitute commented Dec 26, 2020

@okkymabruri , why did you remove the 'gpg --verify' lines from the code?
Or, rather, why would you install unverified software on your system?

Script install latest GNUPG in Ubuntu 20.10
(Thanks to @loizoskounios, I've modified your script and work)

@okkymabruri
Copy link

okkymabruri commented Dec 26, 2020

@NoSubstitute, thanks, I missed it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment