Moving from PGP to GPG
John Clizbe
JPClizbe at tx.rr.com
Wed Feb 20 19:53:21 CET 2008
Maury Markowitz wrote:
> I'm in the process of automating a number of manual tasks. Several of
> these require a user to manually download e-mail attachments to a
> folder, decrypt them using PGP, and then open them in Excel. So far I
> have managed to redirect the mail to a public folder in Exchange, find
> and download the attachments (MS does NOT make that easy!) and in the
> unencrypted cases, open the files and automatically process them.
>
> Now there's the encrypted ones. I have downloaded and installed both
> GPG and IDEA.DLL on a network share. I then copied over our keyfiles
> from the existing PGP installs, and renamed them ".gpg" which seems to
> make life simpler (do I need to do this? is can I specify the file
> directly and thus leave it named ".skr" and ".pkr"?)
<snip>
>
> So am I correct in thinking that I should be able to copy the key files
> over? If not, is there some sort of process I can use to do so? Is
> there such thing as a "cross platform" keyfile that works in both GPG
> and PGP?
At the present, keyring files in PGP and GnuPG are just sequential collections
of key packets.
GnuPG is expecting the .gpg extension. You don't have to rename the files, so
long as you tell GnuPG what the names are:
no-default-keyring
keyring O:\utilities\pubring.pkr
primary-keyring O:\utilities\pubring.pkr
secret-keyring O:\utilities\secring.skr
included in <homedir>\gpg.conf, or specified on the commend line by prefixing '--'.
I usually import the files:
gpg --import secring.skr
gpg --import pubring.skr
Either way, there's one detail to take care of: key trust. PGP calls it
'Implicit Trust' and stores it as part of the key. GnuPG calls it 'Ultimate
trust' and stores it in trustdb.gpg.
You set it by editing the key:
gpg --edit-key 0xdecafbad trust
Select 5 to select Ultimate trust, confirm with y, then exit with save.
For the passphrase issue: the times I've seen this, it is usually due to the
passphrase having characters that don't map into the command line code-page.
You may wish to try clearing the passphrase in PGP before copying the keyrings
and then resetting it in GnuPG.
--
John P. Clizbe Inet: JPClizbe (a) tx DAWT rr DAHT con
Ginger Bear Networks hkp://keyserver.gingerbear.net
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 658 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20080220/e18c8fad/attachment.pgp>
More information about the Gnupg-users
mailing list