gnupg 1.4.7 vs. pgp 6.5.3
David Shaw
dshaw at jabberwocky.com
Wed Mar 24 14:53:40 CET 2010
On Mar 24, 2010, at 9:09 AM, Wolff, Alex wrote:
> Company 1 is using gnupg 1.4.7 on SunOS. Company2 is using PGP 6.5.3 on
> Win2003.
>
> Company1 encrypts using Company2's public key and ftp's file in ascii
> mode to Company2.
>
> Company2 tries to decrypt file and receives error :
>
> "bad session keys" or "1 unknown key(s)"
>
> To encrypt we are using command: gpg -r Charlie.Camut at company.com
> --output TEST.txt.pgp --encrypt OUTFILE.go
>
> Is this incompatibility issue between gnupg and pgp or a bonehead
> mistake?
PGP 6.5.3 is really, really old now, and predates a good amount of stuff that is now part of the OpenPGP standard, including some things that were added for security reasons. The real answer here is to get company 2 to upgrade to something newer. It doesn't have to be GPG - any recent PGP would be fine as well.
Since that may not be under your control (I assume you are "company 1" in the above), you can try adding the "--pgp6" option to your GPG command line. This tells GPG to internally "backdate" itself, so it won't generate any messages using features or algorithms that were added to the standard after PGP 6. Even so, note that the --pgp6 option backdates to PGP 6.5.8, and company 2 is using a version even older than *that*.
David
More information about the Gnupg-users
mailing list