fingerprint associated public key does not match displayed public key

Rainer Fiebig jrf at
Tue Dec 21 11:39:51 CET 2021

Am 18.12.21 um 19:07 schrieb Ingo Klöcker:
> On Freitag, 17. Dezember 2021 18:04:04 CET S.B. via Gnupg-users wrote:
>>> Otherwise, you can simply send your exported key to the person you want to
>>> give your public key to.
>> Yeah so, I can attach the .asc file that's in my Disk/users/SamiBadri
>> folder (it's the only .asc file I've seen), but I'm assuming that is
>> my public key.  Is that correct?
> Well, it depends. We have no idea what the .asc file in Disk/users/SamiBadri 
> contains. It could be your public key. Or it could be somebody else's public 
> key. Or it could be something other than a public key.
> Quite frankly, I suggest that you follow Robert's advice and start your 
> learning experience with OpenPGP by using an email client that supports 
> OpenPGP out-of-the-box. All decent email clients should have a functionality 
> to attach your public key to an email without you having to attach some file 
> manually.
>> Is there anyway to send your private key?
> Sure. You can send any file to anyone, so, of course, you can do the same with 
> your private key (unless it's stored on a smartcard in a read-protected slot).
> A decent email client should not offer a functionality to attach your secret 
> key to an email. So, if you stick to what your email client offers you, then 
> you should be safe.
>> I want to know so that I don't do it accidentally.
> Then don't attach random files you find on your disk to your emails without 
> knowing what those files contain.
>> Also, if I
>> use the cat SamiB.asc command, the terminal reveals a certificate (and
>> I assume that's my public key certificate).
> You shouldn't assume anything if you are dealing with encryption software. You 
> should be sure what you are doing. Otherwise, in the extreme, you could 
> jeopardize the lives of other people.
And then there's the one you're communicating with. Also make sure that
*he* knows what he is doing. Otherwise you might jeopardize your own
life. For example: Someone who replies to your top secret, perfectly
encrypted mail - without encrypting his reply. ;)


More information about the Gnupg-users mailing list