cipher used when both --encrypt and --symmetric is specified

Martin Ilchev martini5468 at gmail.com
Fri Feb 26 11:44:27 CET 2016 

Hi Peter,

Thanks for the reply.

I did browse the man pages quite a bit (I am a bit afraid I browsed too
much and touched stuff I should leave well alone :))

I did set my key preferences a few months ago and made sure the key had
them as well. Here is the output of showperf:

     Cipher: AES256, AES192, AES, CAST5, 3DES


     Digest: SHA512, SHA384, SHA256, SHA224, SHA1


     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

Also here is all the stuff I have in my gpg.conf:
```
    personal-cipher-preferences AES256 TWOFISH CAMELLIA256 AES192
CAMELLIA192 AES CAST5 CAMELLIA128 BLOWFISH IDEA 3DES
    personal-digest-preferences SHA512 SHA384 SHA256 SHA224 AES256 AES192
AES CAST5 ZLIB BZIP2 ZIP Uncompressed
    s2k-digest-algo SHA512
    keyserver hkps://hkps.pool.sks-keyservers.net
    keyserver-options
ca-cert-file=/home/martin/.gnupg/sks-keyservers.netCA.pem
    keyserver-options no-honor-keyserver-url
    keyid-format 0xlong
    with-fingerprint
    cert-digest-algo SHA512
    default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES
CAST5 ZLIB BZIP2 ZIP Uncompressed
    use-agent
```

Let me know if you need more info.

Regards,
Martin

On Fri, 26 Feb 2016 at 09:55 Peter Lebbing <peter at digitalbrains.com> wrote:

> On 25/02/16 15:42, Martin Ilchev wrote:
> > I am looking for some help to figure out what cipher is used for
> > symmetric encryption when both pass phrase and public keys are used. I
> > have configured my gpg.conf with my preferred cipher algorithms as
> follows:
> > personal-cipher-preferences AES256 TWOFISH CAMELLIA256 AES192
> > CAMELLIA192 AES CAST5 CAMELLIA128 BLOWFISH IDEA 3DES
>
> Those preferences are not what is used when encrypting to your own key.
> To see those do:
>
> $ gpg2 --edit-key {KEYID}
> > showpref
>
> To change them do:
>
> > setpref <preference list>
>
> Note that this refers to all types of preferences, not just ciphers.
>
> To set a default preference list for setpref, include in your gpg.conf:
>
> default-preference-list <preference list>
>
> I'd suggest a bit of browsing through the man page with a search term of
> "preference" :). Note that these key preferences are part of your public
> key, and if you want others to respect them as well, they need to
> refresh your public key with the new preferences if you change them.
>
> > 2. Symmetrically encrypt and also encrypt for my own public key:
> > gpg2 -vvv --symmetric --encrypt --sign -r 0x1234567890ABCDEF somefile
> > decrypting the file shows that the cipher used is CAST5
>
> It would be helpful to know what your key preferences are, since it
> might just be the most preferred algorithm from the intersection of
> personal preferences and key preferences.
>
> HTH,
>
> Peter.
>
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160226/9eb1945e/attachment.html>

More information about the Gnupg-users mailing list