Unable to encrypt file with private/public key

Pete Stephenson pete at heypete.com
Tue Dec 30 03:44:29 CET 2014


On Dec 29, 2014 6:57 AM, "Haritwal, Dhiraj" <Dhiraj.Haritwal at ap.sony.com>
wrote:
>
> Almost done now. After I signed partner’s public key, that warring has
gone.

Great!

> I am using below command to encrypt file with my private key & partner’s
public key & partner is using my private key & their public key to decrypt
it but it’s getting fail. M I using anything wrong here.
>
>
>
> ./gpg --local-user 'MY USER’ --recipient partner_pubkey --encrypt --armor
/tmp/test/data1.CSV

That looks reasonable. When you say you're getting a fail, what error
message are you seeing?

Also, it seems that you're still mixing up the terms for private and public
keys: this makes it a bit confusing to follow what you're doing. You should
be encrypting the message to your partner's public key (you can
additionally encrypt it to other public keys, such as your own. This is
useful if you want to be able to read the message after you sent it.) and
your partner should use their private key to decrypt it.

> Tried to use --sign which is asking passphrase which don’t want to use.
Can we sign without passphrase & only with public/private key.

Signing a message requires the sender's (i.e., your) private key to
generate the signature. In order to unlock the private key so that it can
be used to sign the message, you need to provide the passphrase for your
private key.

Short answer: no. You need to use your passphrase (and private key) to sign
a message.

> Dhiraj
>
>
>
>
>
> From: Pete Stephenson [mailto:pete at heypete.com]
> Sent: 23 December 2014 11:24
> To: Haritwal, Dhiraj
> Cc: gnupg-users at gnupg.org
>
> Subject: RE: Unable to encrypt file with private/public key
>
>
>
> On Dec 22, 2014 7:30 AM, "Haritwal, Dhiraj" <Dhiraj.Haritwal at ap.sony.com>
wrote:
>
> >
> > Thank you very much for all the explanation/links. Now things are bit
clear.
> > Now I have to encrypt file with partner's Public Key. I tried with
below command which is still showing warning message (gpg: 89709B71: There
is no assurance this key belongs to the named user) whereas if I am
checking partner_pubkey, it's showing full trust. How can I remove this
message. Even I have added partner's public key as trusted.
> >
> > ./gpg --encrypt --recipient partner_pubkey --armor /tmp/test/data.CSV
>
> I'm glad things are working better.
>
> To resolve the issue with the assurance message, manually verify that the
key belongs to the recipient (e.g. meet in person or call them and verify
the fingerprint of their key) and then sign the key using GnuPG. (gpg
--sign-key 0xKEYID)
>
> In GnuPG you vouch that a particular public key belongs to a person (or
organization) by signing their public key. This signature can be local or
published publicly.
>
> "Trust" in GnuPG is different, and reflects how much you trust the other
key to correctly vouch for the identity of others. If you set their key as
fully trusted, keys that are signed by that key are treated by your copy of
GnuPG with the same level of assurance as if you signed them yourself.
Typically this should only be reserved for people you know to always check
the identity of other people thoroughly and correctly before signing their
keys. The default is for trust to be set to "marginal".
>
> By combining signatures and trust, one forms a "web of trust":
https://en.wikipedia.org/wiki/Web_of_trust
>
> Cheers!
> -Pete
>
>
> ________________________________
>
> This email is confidential and intended only for the use of the
individual or entity named above and may contain information that is
privileged. If you are not the intended recipient, you are notified that
any dissemination, distribution or copying of this email is strictly
prohibited. If you have received this email in error, please notify us
immediately by return email or telephone and destroy the original message.
- This mail is sent via Sony Asia Pacific Mail Gateway..
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20141229/ead1170c/attachment.html>


More information about the Gnupg-users mailing list