gpg offering to encrypt to an unwanted key

Peter Lebbing peter at
Sun Oct 5 21:18:45 CEST 2014

On 05/10/14 20:44, Philip Jackson wrote:
>> desktop:~$ gpg2 -encrypt filename.txt

Remember that a single dash introduces *short* options, so each letter is an
option. I think this becomes:

$ gpg2 --encrypt --dry-run --symmetric --recipient ypt filename.txt

As you see, you've specified the recipient "ypt" because the short option -r
takes an argument, making the rest of the string the argument. The key you mention

>> pub  4077g/0xDCEA1B7C6B136ECF 2004-06-06 TrueCrypt Foundation <contact at>

has the string "ypt" in its name.

> (pinentry asked my password, then second confirmation entry)

Actually, pinentry asks for the password for --symmetric. The fact that it asks
for confirmation indicates that it is prompting you for a new password, rather
than existing one, which it would only prompt again if you got it wrong.

> Why would gnupg pick an unwanted key for encryption ?  That seems a potentially
> dangerous thing to do even though there was a warning message.

The command line is a potentially dangerous place! ;)



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list