Multiple recipients

Brian Rosenvinge brian at
Fri Aug 18 22:09:43 CEST 2006

We have decided to decrypt using a "special" user and re-encrypt the 
file to multiple users.  Our concern is that unless we want to do this 
manually it has to be scripted and that will require the "special" 
user's passphrase to live in the script or on a server in plaintext.  No 
one in IS wants to add this to their daily responsibilities and we 
really should not have access to the data anyway as it is meant for our 
finance department.

David Shaw wrote:

>On Fri, Aug 18, 2006 at 02:34:57PM -0500, Brian Rosenvinge wrote:
>>A vendor will be encrypting files for us and making them available via 
>>FTP.  We have three users that will decrypt the files at different 
>>times.  The vendor will not accept more than one key from us and we 
>>wanted each of our users to have their own key for security and auditing 
>>purposes down the line.
>OpenPGP doesn't work that way.  You can either give the single key to
>each user, or have one "special" user decrypt the message and
>then re-encrypt it to multiple users.
>Gnupg-users mailing list
>Gnupg-users at

More information about the Gnupg-users mailing list