Extraction of decryption session key without copying complete encrypted file

Fiedler Roman Roman.Fiedler at ait.ac.at
Wed Aug 2 15:52:13 CEST 2017

Hello list,

How to decrypt large files, e.g. gpg-encrypted backups, without copying them to the machine with the GPG private key?

I tried to split off the first gpg package from the encrypted file and extract the session key from that, but that did not work:

* Remote:

dd if=test.gpg bs=16k count=1 | gpgsplit

* Local GPG machine: 

gpg --homedir x --show-session-key < 000001-001.pk_enc

The later command does not fail but it does not print out the session key either.

* Local machine workaround:

By appending an unrelated zero-data length encrypted "mdc" block, the session key extraction works, but that seems to be a dirty workaround:

(cat 000001-001.pk_enc; echo "0gsBAAAAAAAAAAAAAA==" | base64 -d) > test.gpg

gpg --homedir x --show-session-key < test.gpg

What would be a clean way to do that?

Best regards,

Information Management
Center for Digital Safety & Security

AIT Austrian Institute of Technology GmbH
Reininghausstraße 13/1 | 8020 Graz | Austria
T +43 50550-2957 | M +43 664 8561599 | F +43 50550-2950
roman.fiedler at ait.ac.at | https://www.ait.ac.at

View my researcher profile: https://www.ait.ac.at/profile/detail/Fiedler-Roman/

FN: 115980 i HG Wien | UID: ATU14703506

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4814 bytes
Desc: not available
URL: </pipermail/attachments/20170802/b2e3536a/attachment.bin>

More information about the Gnupg-users mailing list