Unable to encrypt file with private/public key

Duplicity Mailing List duplicitymailinglist at mail.ru
Thu Dec 18 17:04:59 CET 2014


On 18/12/14 15:39, Haritwal, Dhiraj wrote:
> Hi,
> 
> Thanks for your response.
> 
> About the below command, it's asking for a passphrase whereas my requirement is to use only keys to encrypt/sign it.
> 
> gpg2 -u FFEEDDCC -r AABBCCDD -se supersecret.txt
> 
> I tried the below command, which shows a confirmation screen where I entered y (yes), and I am now able to see a file named supersecret.txt.gpg. I'm not sure what file it is because I think an encrypted file should have an .asc extension.
> 
> ./gpg --encrypt --hidden-recipient AABBCCDD supersecret.txt
> gpg: 89709B71: There is no assurance this key belongs to the named user
> 
> 
> Regards,
> 
> Dhiraj

.gpg is the extension of encrypted files; .asc is normally for ASCII-armored
files (signatures and the like). If you'd like to generate one of those,
look into the -a option (for ASCII). A complete command would look
something like `gpg2 -u AABBCCDD -as supersecret.txt`. The generated
supersecret.txt.asc will only verify to someone who already has the .txt
that it hasn't been touched/modified and that the key AABBCCDD did
verify it as being legitimate; they won't be able to extrapolate
supersecret.txt out of it. It's _only_ for signing, _not_ for
encrypting/transportation of data, which is why you often see them on
this mailing list and downloads (you want to verify that the user sent
the data, but not encrypt it, since it's public).

If you try to run:-

>gpg -d supersecret.txt.gpg

It should tell you it's encrypted and the destination public key, then
error out (as it's not destined for you). As for the "There is no
assurance this key belongs to the named user", this is because you
haven't trusted them yet. If you do trust the key as being the key they
claim to be, and have verified the key through out-of-band means (i.e.
not over the internet, or using an already secure channel over the
internet; this is *not* emails, this is *not* Skype, this is *not* text
messages), then you can take a look at this:-
https://www.gnupg.org/gph/en/manual/x334.html

P.S. I'm replying to you on-list for the reasons:-

1. People are able to verify if I say anything stupid
2. In the case I haven't said anything stupid, someone else could also
learn from this (i.e. locate this thread in the future via a search
engine).

I recommend you do the same.
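
An added example, not part of the original message: a Python check for what kind of file gpg produced, telling ASCII-armored output from binary OpenPGP data and reading the recipient key ID from a leading public-key encrypted session key packet as laid out in RFC 4880. An all-zero key ID is what --hidden-recipient leaves in that packet; the function names, sample bytes and the key ID 1122334455667788 are constructed for illustration.

```python
import re

ARMOR_RE = re.compile(rb"-----BEGIN PGP ([A-Z ]+)-----")
TAGS = {1: "public-key encrypted session key", 2: "signature",
        3: "symmetric-key encrypted session key", 4: "one-pass signature",
        8: "compressed data", 11: "literal data"}

def first_packet(data: bytes):
    """Return (tag, body) of the first OpenPGP packet in binary data."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    hdr = data[0]
    if hdr & 0x40:                       # new-format header
        tag, first = hdr & 0x3F, data[1]
        if first < 192:
            start, length = 2, first
        elif first < 224:
            start, length = 3, ((first - 192) << 8) + data[2] + 192
        elif first == 255:
            start, length = 6, int.from_bytes(data[2:6], "big")
        else:
            raise ValueError("partial body length not handled here")
    else:                                # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled here")
        n = 1 << ltype                   # 1, 2 or 4 length octets
        start, length = 1 + n, int.from_bytes(data[1:1 + n], "big")
    return tag, data[start:start + length]

def describe(data: bytes) -> dict:
    """Classify gpg output: armored or binary, and who it is encrypted to."""
    m = ARMOR_RE.match(data.lstrip())
    if m:
        return {"format": "ascii-armored", "kind": m.group(1).decode().lower()}
    tag, body = first_packet(data)
    info = {"format": "binary", "kind": TAGS.get(tag, f"tag {tag}")}
    if tag == 1 and len(body) >= 10 and body[0] == 3:   # version 3 packet
        key_id = body[1:9]
        info["recipient_key_id"] = key_id.hex().upper()
        info["hidden_recipient"] = key_id == bytes(8)   # all-zero key ID
    return info

# Constructed samples (not real gpg output): packet header, key ID, padding.
NAMED = bytes.fromhex("840C03" "1122334455667788" "01") + b"\x00\x00"
HIDDEN = bytes.fromhex("840C03" "0000000000000000" "01") + b"\x00\x00"
ARMORED = b"-----BEGIN PGP SIGNATURE-----\n\n...\n-----END PGP SIGNATURE-----\n"
```

Calling `describe(open("supersecret.txt.gpg", "rb").read())` on a real file reports the same fields without needing the private key.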



More information about the Gnupg-users mailing list