Unable to encrypt file with private/public key

Haritwal, Dhiraj Dhiraj.Haritwal at ap.sony.com
Fri Dec 19 10:14:05 CET 2014

Thank you all for your response.

What I have learned so far from these threads is Signing always require a passphrase whereas encryption can be done without Passphrase & it requires a Key. Correct me if my understand is not correct.

I was doing a mistake. I was trying to encrypt the file with Partner Key hence it was showing the warning. While sending the file to partner I have to use my own key which I have share with them to decrypt it.



-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Duplicity Mailing List
Sent: 18 December 2014 21:35
To: gnupg-users at gnupg.org
Subject: Re: Unable to encrypt file with private/public key

On 18/12/14 15:39, Haritwal, Dhiraj wrote:
> Hi,
> Thanks for your response.
> About the below command, it's asking for passphrase whereas my requirement is to use only keys to encrypt/sign it.
> gpg2 -u FFEEDDCC -r AABBCCDD -se supersecret.txt
> I tried below command which shows confirmation screen where I have entered y (yes) & now able to see a file named  supersecret.txt.gpg. m not sure what file it is because it think encrypted file should has an .asc extension.
> ./gpg --encrypt --hidden-recipient AABBCCDD supersecret.txt
> gpg: 89709B71: There is no assurance this key belongs to the named
> user
> Regards,
> Dhiraj

.gpg is the extension of encrypted files, .asc is normally ASCII armored files (Signatures and the like), if you'd like to generate one of those, look into the -a option (for Ascii). A complete command would look something like `gpg2 -u AABBCCDD -as supersecret.txt`. The generated supersecret.txt.asc will only verify to someone who already has the .txt that it hasn't been touched/modified and that the key AABBCCDD did verify it as being legitimate, they won't be able to extrapolate supersecret.txt out of it. It's _only_ for signing, _not_ for encrypting/transportation of data, which is why you often see them on this mailing list and downloads (You want to verify that the user sent the data, but not encrypt it (Since it's public)).

If you try to run:-

>gpg -d supersecret.txt.gpg

It should tell you it's encrypted and the destination public key, then error out (As it's not destined for you). As for the "There is no assurance this key belongs to thhe named user", this is because you haven't trusted them yet. If you do trust the key as being the key they claim to be, and have verified the key through out-of-bands means (I.E.
Not over the internet, or using an already secure channel over the internet, this is *not* emails, this is *not* Skype, this is *not* text messages), then you can take a look at this:- https://www.gnupg.org/gph/en/manual/x334.html

P.S. I'm replying to you on-list for the reasons:-

1. People are able to verify if I say anything stupid 2. In the case I haven't said anything stupid, someone else could also learn from this (I.E. Location this thread in the future via a search engine).

I recommend you do the same.

Gnupg-users mailing list
Gnupg-users at gnupg.org


This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..

More information about the Gnupg-users mailing list