Help needed - again

Robert J. Hansen rjh at sixdemonbag.org
Sun May 8 06:53:42 CEST 2016 

> I am, therefore, sending it again.

I've been hoping someone else would tackle this, since I'm not
particularly well-versed in PGP for OS X.  I do run GnuPG on OS X,
though, so maybe I can be of some assistance.

I'm going to be posing a lot of questions here, but they're all
rhetorical -- they're meant to illuminate some of the open questions,
not things to respond to right away.  At the end of this message I'll
repeat these questions, and give steps that you can follow which will
help reach answers.

> I am on a Mac, running OS 10.11.4.

My laptop's 10.11 as well, so my experience should be applicable to yours.

> I had been using PGP ( v9.7.1?)  on a previous older Mac but, of course,
> that will not work on OS X.

Symantec sells a 10.x version which worked with OS X -- at least, a
previous version of OS X (I haven't checked past 10.8).  If GnuPG fails
to work out for you, you may want to consider that.  I don't advocate it
as a first option, though: let's see if we can resolve your problem.  :)

> I downloaded the suite and did the install on my laptop (I did not want

Which suite?  Several different groups package GnuPG for OS X.

	* Macports
	* Homebrew
	* Fink
	* GPGTools
	* GPGOSX

Without knowing precisely what package you installed, my advice here
will have to be general.

> The Keychain was moved from my old machine to the new one.

PGP stores its public and secret keys in two files called "pubring.pkr"
and "secring.skr".  These are not stored on the Apple Keychain.  Did you
migrate the pubring.pkr and secring.skr files, or did you migrate the
Apple Keychain?

> I assume I mistakenly created that set when I was
> trying earlier to install GPG.

Do you recognize the certificate ID associated with this set?

> After getting some help from some of you, it appeared that the install
> was good.  I could send an encrypted and signed message to myself and
> receive it.

Which certificate did you use to encrypt to yourself?  The one you found
which you believe was mistakenly created, or your certificate from 2003?

> He did and …  I cannot decrypt his message.

How do you know that he used your certificate to encrypt the message?
Oftentimes, when we can't decrypt traffic sent to us, it's because the
person sending us email used the wrong certificate.

> I still have the previous/original secret and public keys. When I tried
> to Import them, I get a prompt telling me:

How are you trying to import them?  And are you importing two files
named "pubring.pkr" and "secring.skr", or something else?

> I do not know what to do now. Should I Uninstall everything,
> cancel/revoke all the keys and start over from scratch?

It's hard to say right now.  Let's try to get a firm handle on exactly
what's going on before we take any drastic steps.  :)


* Which GnuPG suite did you install?

This one should be fairly straightforward.  If you don't remember
offhand, look through your browser history.  :)



* Did you migrate an Apple Keychain, or a pubring.pkr/secring.skr file set?

Open a Terminal window (Applications/Utilities/Terminal.app).  At the
prompt, which I'm going to assume is "$" (although it probably won't
be), type:

$ find ~ -name "*ring.?kr"

When you respond to this email, include the output of this command,
please.  (You should, of course, first check to make sure you're not
revealing any confidential information.  This command is perfectly safe,
but you shouldn't take my word for it.)



* Is the certificate ID of the mystery certificate the same as that of
your normal certificate?

If you don't know your normal certificate's ID, then just answer "I
don't know".  It's okay.  :)



* Which certificate did you use to encrypt to yourself?

Take the email that you could read and save it (in encrypted form) to
your Desktop as "my_message.eml".  From Terminal.app, run this:

$ gpg -vvvv $HOME/Desktop/my_message.eml

You'll get a ton of output.  Copy-and-paste it into your response (after
checking to make sure there's nothing confidential in there).


* Which certificate did he use to encrypt his message to you?

Take the email that you couldn't read and save it to your Desktop as
"his_message.eml".  From Terminal.app, run this:

$ gpg -vvvv $HOME/Desktop/his_message.eml

Copy-and-paste that into your response.



... Do all this, and we should be much better able to help you figure
this thing out.  :)

More information about the Gnupg-users mailing list