gpg problem while decrypting
Neil Williams
linux at codehelp.co.uk
Wed Jun 16 10:44:11 CEST 2004
On Thursday 10 June 2004 12:51, Deepak Kolhar wrote:
> Hi,
>
> I'm getting the following error under a unix environment when I try to decrypt
> a file from another user.
> The exact message is
> gpg: encrypted with ELG-E key, ID 3E07473B
> gpg: decryption failed: secret key not available

So whose key contains ID 3E07473B? User-A or User-BCD?

> I've generated a key from a user 'UserA' for example. It's working fine
> there.
> But when I try to decrypt a file (which is encrypted from user a )

But who is it encrypted TO, that's crucial. What recipient did you specify?

> from a
> user 'User-BCD'. It gives the above error.
> Both the users are on the same server.

But each have their own keyrings in their own ~ space. Each should only have
their own secret key. It gets confusing when you use hidden or generic names
for users and then don't specify the keyids for both. It makes it easier to
help if you specify the exact command line (remove the email address if you
like, but the keyids are best left in).

A full example:

Garfield has the secret key for 0x28BCB3E3 and the public key for 0xA897FD02.

neil@garfield:~$ gpg -r 0xA897FD02 -e dead.letter
neil@garfield:~$ scp dead.letter.gpg laptop:

'laptop' has the secret key for 0xA897FD02 and the public key for 0x28BCB3E3.

neil@laptop:~$ gpg --decrypt dead.letter.gpg > dead.letter2
neil@laptop:~$ gpg -r 0x28BCB3E3 -e dead.letter2
neil@laptop:~$ scp dead.letter2.gpg garfield:
neil@garfield:~$ gpg --decrypt dead.letter2.gpg

If you don't specify a recipient and gpg still encrypts, you've got a default
encrypt setting in ~/.gnupg/gpg.conf which is 'hiding' the error. The
encrypted file will then be encrypted using the default key as no recipient
was given.

In my example, this would cause dead.letter.gpg to be encrypted to 0x28BCB3E3
(garfield's key) - laptop (in my example) would not be able to decrypt it.
Similarly, with 0xA897FD02 as default encrypt key on the laptop,
dead.letter2.gpg would be encrypted to 0xA897FD02 (the laptop key) not the
intended garfield key 0x28BCB3E3. Garfield would not be able to decrypt.

--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
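
Added example, not part of the original message: a small sh helper for the checks the reply asks about, i.e. which key ID gpg reports the file as encrypted to, whether a matching secret key is on this keyring, and whether gpg.conf supplies a recipient when -r is omitted. The function names and the sample keyring with its key IDs are constructed; `default-recipient` and `default-recipient-self` are the gpg.conf options that name a recipient when none is given on the command line.

```shell
#!/bin/sh
# Added example. The functions work on text, so they can be tried without a keyring.

# Active gpg.conf lines that supply a recipient when -r is omitted.
implicit_recipients() {
    awk '$1 == "default-recipient" || $1 == "default-recipient-self"' "$1"
}

# Key IDs from gpg's "encrypted with ... key, ID XXXXXXXX" messages (stdin).
encrypted_to() {
    sed -n 's/^gpg: encrypted with .* key, ID \([0-9A-Fa-f]*\).*$/\1/p' | tr 'a-f' 'A-F'
}

# Long key IDs of secret keys and subkeys, from the output of
# `gpg --list-secret-keys --with-colons` (stdin); field 5 is the key ID.
secret_keyids() {
    awk -F: '$1 == "sec" || $1 == "ssb" { print toupper($5) }'
}

# can_decrypt "RECIPIENT_IDS" "SECRET_IDS": true if a recipient ID matches
# the tail of one of our secret key IDs (short IDs are the last 8 hex digits).
can_decrypt() {
    for want in $1; do
        for have in $2; do
            case "$have" in *"$want") return 0 ;; esac
        done
    done
    return 1
}

# Real use (commands from the thread plus --list-secret-keys):
#   to=$(gpg --decrypt dead.letter.gpg 2>&1 >/dev/null | encrypted_to)
#   mine=$(gpg --list-secret-keys --with-colons | secret_keyids)
#   implicit_recipients ~/.gnupg/gpg.conf

# Constructed sample data: the error text from the thread, and a made-up keyring.
SAMPLE_ERR='gpg: encrypted with ELG-E key, ID 3E07473B
gpg: decryption failed: secret key not available'
SAMPLE_KEYS='sec:u:1024:17:0123456789ABCDEF:1086868800:::u:::scESC:
ssb:u:2048:16:FEDCBA9876543210:1086868800::::::e:'

to=$(printf '%s\n' "$SAMPLE_ERR" | encrypted_to)
mine=$(printf '%s\n' "$SAMPLE_KEYS" | secret_keyids)
if can_decrypt "$to" "$mine"; then
    echo "secret key for $to is on this keyring"
else
    echo "no secret key for $to here; ask the sender which -r they used"
fi
```

Run the three commands in the usage comment as the user who is trying to decrypt, since each user has a separate keyring and gpg.conf under their own home directory.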