fingerprint associated public key does not match displayed public key

S.B. sami.badri at gmail.com
Sun Dec 19 03:44:46 CET 2021


> Did you notice the command is "gpg --import < certificate.txt"?

Yes, sorry.  I did type the command correctly.

>> I placed the file in my .gnupg hidden folder.
>
> Then you'd need to do "gpg --import < ~/.gnupg/certificate.txt".  If
certificate.txt isn't in your current directory, you need to tell Linux
where to look for it.

It worked.  I placed the txt file (copied and pasted) certificate in
my .gnugp folder and it went through.

> Please stop using that resource.  As mentioned above, it's shockingly bad.

To be fair.  The resource didn't actually tell me to do it that way.
It only supplied me with the command.  The method was my roundabout
way of making it work (based on my underivative understanding).  It
seems as though my entry into this realm was clearly... bad.  I wanted
to learn the system without using separate encryption software like
kleopatra.  I wanted to know how to do it with just gpg and any email
provider.  It's difficult, and I have a lot to learn.

and... I was hoping that, since I have your email, key ID, and fingerprint ;)
I could write an encrypted message to your sixdemonbag email.  I'd
completely understand if you'd rather not.  I just have now found
myself luring friends and relatives into learning this with me and
exchanging encrypted emails and... it's not going well.


>

On Fri, Dec 17, 2021 at 9:24 PM Robert J. Hansen <rjh at sixdemonbag.org> wrote:
>
> > What other keys would it hold?
>
> Behold:
>
> pub   ed25519/1E7A94D4E87F91D5 2021-02-22 [SC]
>        7D8EC4B85B6FEDD6C10D3C791E7A94D4E87F91D5
> uid                 [ultimate] Robert J. Hansen <rob at hansen.engineering>
> uid                 [ultimate] Robert J. Hansen <rjh at sixdemonbag.org>
> sub   cv25519/7D6CCDB66CA1202F 2021-02-22 [E]
>
>
> My public certificate has two keys: an Edwards-25519 signing key and a
> Curve-25519 encryption key.
>
> Back in the '90s, certificates almost always held a single key that was
> used for both encryption and signing.  Then we realized, "if the courts
> force us to give our decryption key to the cops so they can read our
> traffic, we're also giving them the ability to impersonate us."  Since
> then, virtually every OpenPGP certificate has had at least two keys: one
> for signing and one for encryption.
>
> There are cases where three or more keys are appropriate, but they're
> kind of outside the scope of the current discussion.
>
> >> Sure it does.  I did that no more than twenty minutes ago myself.
> >
> > So I typed the gpg --import > certificate.txt command and it says "no
> > such file or directory: certificate.txt" (certificate has a different
> > name of course).
>
> Did you notice the command is "gpg --import < certificate.txt"?
>
> > I placed the file in my .gnupg hidden folder.
>
> Then you'd need to do "gpg --import < ~/.gnupg/certificate.txt".  If
> certificate.txt isn't in your current directory, you need to tell Linux
> where to look for it.
>
> > Here is really the root of my problem.  As you probably know, I'm not
> > using a Web Key Service/Directory enabled email provider, so if I were
> > to get an encrypted message intended for me, I'd have to copy the
> > encryption text, paste it into txt file, then import/decrypt it like
> > that with: gpg --decrypt ~/Desktop/encryptedfile.txt | perl
> > -MMIME::QuotedPrint -0777 -nle 'print decode_qp($_)'
>
> That's shockingly bad.
>
> Try using an email client with OpenPGP support built-in.  On Linux the
> two major choices are Evolution and Thunderbird.
>
> > That's a command I found online from a source that I've been using for
> > learning pgp.
>
> Please stop using that resource.  As mentioned above, it's shockingly bad.
>
> As the FAQ says, "The good news is the internet is a treasure trove of
> information. The bad news is that the internet is a festering sewer of
> misinformation, conspiracy theories, and half-informed speculations all
> masquerading as informed commentary."



More information about the Gnupg-users mailing list