not recognizing my passphrase after moving from XP to Win7

Henry Hertz Hobbit hhhobbit at securemecca.net
Thu Jul 11 18:14:03 CEST 2013


On 07/08/2013 03:42 AM, eMyListsDDg wrote:
> Hello Henry,

> i copied the 32-bit XP gnupg dir contents to this dir on Win 7-64bit
> 
> from:    C:\Documents and Settings\<user name>\Application Data\gnupg
> 
> to:      C:\Users\<user name>\AppData\Roaming\gnupg\
> 

That is the correct folder.  I have no idea on what Windows
7 does with the Documents and Settings folder but I created
dummy keys and then replaced everything in that folder
except for the random_seed file (created when I createdd
the dummy keys) on Windows 7 for the administrative user
and me (yes, two accounts per each Windows 7 system).
They work.  I can create symmetric enciphered files,
public key enciphered files, and detached signatures files
and decipher, decipher, and verify respectively.

> there is a sub-dir C:\Documents and Settings\<user name>\Application Data\gnupg\private-keys-v1.d 
> that is empty. did i miss getting my priv keys copied over? 

NO, but as Peter said you may have been better off NOT copying
the random_seed file even though I do change mine with hexedit
But for someone to say that I am simply not random they have
never saw my sleeping hours, trips to the store, etc.  I am
as about as random as you can get.  For somebody to say that
human beings are simply not random assumes the idea that all
human beings are alike which I can tell you is not true.  I
can attest to that as both a Psychologist and giving testimony
in a court of law and can tell you that none of the witnesses
experienced the exact same event in the same way.  Humans simply
do NOT see or experience the same event the same way.  Yet we
all assume that is the case.  I can also back that statement up
with my Psychology degree and years of experience with
experiments in perception and learning theory.  I can remember
that episode of MASH where the Ferret experienced events one way
and Hawkeye a completely different way.  Believe it or not
that is the norm, not the exception.  I can assure you I have
NO plan of what gets replaced in a random_seed file and I
certainly don't make the mistake of making sure I don't
replace a nibble with the very same thing. The replacements
are all over the file with no plans of how to move.  It is
pure serendipity.  The files may or may not get the same
changes but so far a hexcmp always gives me the first byte
that is different and it is never the same.  It is just as
random as any RNG.  Normally I use hexedit with two or more
malware that have the same size in a given time period.  I
have much more trust in hexcmp than even sha256sum to test
whether two files are the same or not.

There will be more on this in a separate post and it will
delve into even Physics of the large (galaxies) and the
small.  But the big point was GNUPG DID NOT CREATE A
random_seed FILE FOR ME ON WINDOWS SEVERAL YEARS BACK.
What is it using when it isn't there.

Since you are using the keys in only one place, e.g., you are
moving from Windows XP to Windows 7 permanently then there
may not be an issue with just copying random_seed.  I wouldn't
know.  My work-around below may make that a moot point anyway.

> nope, do not use Outlook. i use "TheBat! v5.1.6.2" on my windows machine, have for years. 
> 
> i thought too, as you did, maybe the mailer program was the issue. but i went
> to commandline, encrypted a small test text file with my email key. that succeeded.
> but couldn't decrypt it. returns invalid key. no matter i typed in key or pasted
from my main password database app.

Somebody else just had an issue this way.  Resign all of YOUR
keys with the highest level of trust and see if that helps.
Yeah, I know.  It sounds dumb but there is a slim chance it
will work.  But if you cannot edit your keys because it does
not accept your pass-phrase I would say you are hosed and will
need to export everything that is yours (public, private and
trust) from Windows XP and then import them on Windows 7.
Note that I said you will almost HAVE to do that anyway if
your Windows XP is 32 bit and Windows 7 is  64 bit.  In that
case don't even dream of copying.  It won't work.

Be sure to wipe out your entire AppData\roaming\gnupg folder.
Then create dummy keys on Windows 7. Then import your keys and
trust on Windows 7 from the exports created on Windows XP.
Then edit your transferred keys and make sure they have the
highest level of trust.  Just make sure you are doing a self
sign (e.g., not signing them using the dummy key which you
may want to remove at this point but should do the instant
your keys start working again).

When you publicly encipher a file it doesn't ask for a password
So do one test using a symmetric cipher and then try to decipher
that file (remember to put the original some place else before
you decipher).  Hopefully you can decipher a symmetrically
enciphered file.  Then create a detached signature file since
you have to type your pass-phrase when you create a detached
signature file.

http://www.securemecca.com/public/GnuPG/
http://www.securemecca.com/public/GnuPG/signfile.txt
(there is also a file in there I use for creating
a cipher file using a symmetric cipher)

Translated into Window-speak in the cmd.exe window:

gpg --default-key YOUR_KEY_HERE --output test.txt.sig \
 --detach-sign test.txt

gpg --verify test.txt.sig

Sorry but Thunderbird wraps things for me so the back-slash
and CRLF should be replaced with NOTHING.  If that works
then then you will also have to re-import other people's
public keys and sign or lsign them depending on
what you did before.  You will also want to delete the
dummy key.

HHH




More information about the Gnupg-users mailing list