Options file GPG Win32
Sat, 12 Aug 2000 09:45:41 -0400
I asked the same question. This works (thanks Todd):
From: "Todd L. Brooks" <firstname.lastname@example.org>
There is no need to leave the password empty when exporting a GnuPG
key! By default, GnuPG encrypts the secret key using the Blowfish
algorithm, and PGP 6.5.3 does not understand this algorithm.
Here is a much more secure solution:
1. % gpg --edit-key --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 \
2. Change the password (but not to an empty password!). You can just
change it to what is was before, but gpg will re-encrypt the key
using an algorithm pgp will understand.
3. % gpg --export-secret-key --no-comment KEY-ID > key.asc
% gpg --export --no-comment KEY-ID >> key.asc
4. Import key.asc into pgp and everything should work fine!
P.S. Hmmmm...I don't know why the --no-comment option is necessary
seem to recall not needing to use this in the past.
P.P.S. Perhaps this procedure should be added to the documentation or
some sort of FAQ? I seem to recall a PGP5-GnuPG HOWTO which
mentions the method of exporting an un-encrypted secret (which
fine if you are very very very careful), but I think it is
to never have to write your un-encrypted secret key to disk.
Todd L. Brooks
Department of Mechanical Engineering
9 Hillhouse Avenue
PO BOX 208286
New Haven, CT 06520-8286
(203) 432-4362 (office and voice mail)
(203) 432-4363 (acoustics lab)
(203) 432-7654 (FAX)
For step 3, you don't have to do both (it generates two exactly the same
keys). This is enough "gpg --export-secret-key --no-comment KEY-ID >
> I use GPG Win32.
> In my option file I have tried :
> s2k-cipher-algo CAST5
> s2k-digest-algo SHA1
> cipher-algo CAST5
> but it doesn't work : PGP can't verify the GPG signatures and can't decrypt
> the GPG conventional encrypted files.
> Could someone give me a typical "options" file to allow GnuPG Win32 to work
> with PGP 6.x ?
> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> with a subject of "unsubscribe" to email@example.com
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to firstname.lastname@example.org