GPG encrypting and decrypting files

Craig Gardner cgardner at adismri.com
Mon Mar 1 11:43:40 CET 2004


On Sat, 2004-02-28 at 06:32, Neil Williams wrote:

> Linux / windows machines?

Both machines are running Linux.  The machine encrypting the files is
running Red Hat 8 and the decrypting machine is on SuSE 9.

> What kind of file and how are you transferring it - ASCII or Binary
FTP?

I am transferring the files using a binary ftp transfer as the files
being encrypted are jpeg images.

> You are encrypting to a binary format (by not using -a ASCII armour)
so 
> transferring the file by ASCII FTP could be the source of the problem.
> 
> If it's a text based file, try encrypting using:
> 
> $ gpg -ar [recipient] -e [unencryptedfile]
> 
> Then send by ASCII FTP. (type A).
> 
> To make sure it has transferred correctly, use a detached signature (
-b ) and 
> send that by FTP. Verify the signature on the other machine before
attempting 
> to decrypt. The detached signature can also be in ASCII by adding -a.

Could I get an example of what the detached signature command(s) should
look like?  I looked in the manpages and that didn't seem to help a
whole lot.  To generate the signature file, I tried using :

"gpg --output det.sig -b [filename]"

To encrypt the actual file, I used :

gpg --output [encrypted file] -br [recipient] --encrypt [unencrypted
file]

However, when I try to decrypt the file, it asks for the signature file,
which I give the location and it tells me :

gpg: Signature made Mon 01 Mar 2004 11:17:01 AM PST using DSA key ID
D35D1EC8
gpg: BAD signature from "[recipient]"

Is there some other command I should be using for the detached
signature?

> I don't usually specify an output file, gnupg will use the same
filename 
> without the .gpg or .asc.
> 
> Which filename is being refused - the encrypted file or the specified
output 
> filename?

The file being refused was the encrypted file being decrypted.
I seem to have gotten beyond this problem, and have come across a new
one.  When I go to decrypt the file, I get a message saying : 

gpg: encrypted with ELG-E key, ID 9012F1E4
gpg: decryption failed: secret key not available

When I "gpg --list-keys", the keys are identical on both the encrypting
and decrypting machines.  Is there something that I'm missing somewhere?

> (Assuming you've checked the permissions.)

Naturally.  I actually changed the permissions to 777 immediately
following the transfer so I don't come across any permission problems.






More information about the Gnupg-users mailing list