Unable to decrypt file copied from USB thumb drive.

[Ingo Klöcker]

On Samstag, 30. Oktober 2021 14:24:58 CEST Chris Taylor wrote:
> The hash of my gpg file on my laptop is different to it's hash on the
> thumb drive.

If the hash of any file on your laptop differs from the hash of the same file 
after copying it to the thumb drive this can only mean two things:

1. Either you made something wrong when you copied the file to the thumb 
drive, e.g. you unplugged the thumb drive before the file was actually fully 
written to the thumb drive.
Solution: Always make sure to "eject" the thumb drive before unplugging it.

2. Or your thumb drive has a hardware error. Or it is a forged thumb drive 
which claims to be larger than it actually is. There are loads of forged thumb 
drives sold on the Internet. Don't assume you are making a bargain when you 
are offered a large thumb drive to an insanely low price.
Solution: Destroy the thumb drive physically (to make sure nobody can get 
access to the data stored on it) and then throw it away.

> For comparison, the hash of the tar.gz file (i.e. before
> encryption) is the same before and after I copy it to the thumb drive.
> 
> Are there any techniques I should be using to protect my gpg file?

Yes, but those "techniques" are not special for gpg files. They apply to any 
files. The "techniques" are:
* Don't unplug the thumb drive before all data was fully written to it.
* Don't use thumb drives with hardware defects or with forged size.
* If you want to be really sure that a file was transferred correctly to the 
thumb drive, then unplug the thumb drive, re-plug it and then compare the 
hashes of the file.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20211030/e5895c79/attachment.sig>