Export secret key from WinXP (GnuPG) 1.4.7 to AIX PGP Version 6.5.8 gives Bad Pass Phrase
David Shaw
dshaw at jabberwocky.com
Wed Sep 17 00:32:30 CEST 2008
On Tue, Sep 16, 2008 at 02:25:17PM -0700, rlively wrote:
> One of our contacts uses this key:
>
> Type: Public Key
> Algorithm: RSA Legacy
> Size: 2048 bits
> Created: 5/17/1999
> Expires: Never
> Validity: None
> Cipher: IDEA
>
> Even though they key specifies Cipher: IDEA, are you saying that we should
> be able to encrypt to this public key just fine with the latest veresion of
> GnuPG, unless that contact is stuck using legacy PGP 2.x?
Yes. Even though the key specifies IDEA as a cipher, modern OpenPGP
systems (GPG or PGP) will both use 3DES as an alternative if they do
not have IDEA.
> If they use a
> newer version of PGP or GnuPG we should be fine?
Yes.
> So to be safe, what do we
> need to do before the decision of whether to go PGP or GnuPG -- just contact
> them and ask what version of PGP or GPG they use?
That's one way - even better would be to just send them a sample
encrypted message and verify they can decrypt the thing. If it works,
it's proven. If it doesn't work, you'll be in a good place to debug.
> Supported under AIX?
>
> http://gnupg.org/download/supported_systems.en.html GnuPG Supported Systems
> doesn't list AIX 5.3. It does have AIX v4.3 under "Other OSes," though it
> has this disclaimer: GnuPG compiles and runs on many more systems, but due
> to the lack of a well tested entropy source, it should be used with some
> caution. We have positive reports on these systems.
>
> Is this anything to be concerned about? Is there a precompiled binary for
> AIX that someone has done? What is the danger of downloading the latest
> source and compiling it under AIX? How can I find a group of people that
> may have done this in the past so we can get some guidance?
I think that information is a little out of date. AIX since v5.2 has
had a /dev/random that is based on Yarrow. Assuming that there isn't
some bug in their implementation (a point on which anyone's guess is
as good as mine), AIX should do just fine.
Read
http://lists.gnupg.org/pipermail/gnupg-devel/2003-April/019954.html
for a bit more info about the AIX random number generator.
David
More information about the Gnupg-users
mailing list