Error while trying to encrypt

Anthony E. Greene
Tue Apr 30 02:36:01 2002

gpg: Invalid passphrase; please try again ...
Hash: SHA1

On 30-Apr-2002/01:56 +0200, Bart Martens <> wrote:
>On Mon, Apr 29, 2002 at 04:38:55PM -0400, Anthony E. Greene wrote:
>> On 29-Apr-2002/16:16 -0400, "Nelson, Andy" <NelsonA@Budd.ThyssenKrupp.Com> wrote:
>> >Receiving the following error when trying to encrypt a file with someone's
>> >public key
>> [snip]
>> That just means that you have not signed the key [...]
>That is not entirely correct. A missing trust path is not the same as
>missing your signature on the key.

True. An oversight based on the practical experience that the WoT is so
thin for most of us that unsigned keys are much more a fact of life than
trust paths.

>> If you're sure of who a key belongs to, then sign it.
>Correct. More precisely, if you are 100% sure. :-)

A judgement call. People generally use different criteria for local sigs
than for published ones. It's also reasonable to use different criteria
for "pen pals" than for people I intend to do business with.

>> If you don't care who any key belongs to, then you can add "always-trust"
>> to your options file or "--always-trust" to the command line.
>I would not recommend the use of that option in this context, and not to
>beginning gpg users.

I wouldn't recommend it for anything but scripted operations where the
sender is not a person, and therefore cannot sign a key in any meaningful

- -- 
Anthony E. Greene <>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
AOL/Yahoo Chat: TonyG05         HomePage: <>
Linux. The choice of a GNU generation <>

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <> 0x6C94239D