Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1172
  • Last Modified:

PGP Howto

Hi,

I manage to install new pgp rpm into Linux box version 6.5.

I encrypt a file with receipent user id and sent the encrypted file together with my public key.

The receipient can decrypt the file successfully.

Then, the receipient (PGP Client on Windows), encrypt one file with his id and send to me (Linux Server)

The problem is when to decrypt at Linux server. And give the following error.
I did put his pub key inside my Linux ... pgp user.asc and also see the key id inside when issuing pgp kvv command.  WHAT WHEN WRONG?

[root@localhost /root]# pgp WhatsNew----222.txt.pgp
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.

File is encrypted.  Secret key is required to read it.
You do not have the secret key needed to decrypt this file.
0
khairi
Asked:
khairi
  • 5
  • 4
1 Solution
 
mbarbosCommented:
This works the other way round :-P

You create a key on the machine where you want to decrypt and  publish the public key. Somone encrypts with the public key and you decrypt witn your private key.
0
 
mbarbosCommented:
Oh, BTW, there is gpg, which is the GPL ? version for pgp manipulation.
0
 
khairiAuthor Commented:
first I create pair of key using pgp -kg
then I create a key using pgp -kx for the public key

both client do this and both exchange the public key thru email. Both client run pgp pubclient1.pgp and pgp pubclient2.pgp to sign the key and id to their keyring

then, one client encrypt a file using receipient public key pgp -e text.txt "userid" and sent the text.txt.pgp thru email to the other user

when try to decrypt it show the above error using pgp text.txt.pgp

Is the above step correct?
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
mbarbosCommented:
I think there is a mistake. You should run pgp -ka publient1.pgp (and pgp -ka pubclient2.pgp) to import the public keys.
0
 
mbarbosCommented:
You can check the contenet of the your keyring with pgp -kv. Both keys should be in the ring after you import (add) them.

See also http://mercury.chem.pitt.edu/~sasha/LinuxFocus/English/November1997/article7.html for more explanations.
0
 
khairiAuthor Commented:
I did what you have suggested and also follow the steps inside the link

Manage to add the pub key inside the keyring and view with kvv and confirm

Problem:  When trying to encypt a file the public id it say error

[root@localhost ~]#pgp -e test.txt pubclient1
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.

Recipients' public key(s) will be used to encrypt.

Key for user ID: pubclient1 <client1@clien1.com>
1024-bit DSS key, Key ID 0x40C81B94, created 2003/03/27
Users cannot encrypt to this key.
WARNING:  Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key actually belongs to: "pubclient1 <client1@client1.com>".

Are you sure you want to use this public key (y/N)?y
Encryption error

For a usage summary, type:  pgp -h
For more detailed help, consult the PGP User's Guide.

During the installation of the keys .. it ask for Generate an encryption key ... During the installation I choose N for not to install it.

Do I need this generate an encryption key?
0
 
khairiAuthor Commented:
And I have no problem encrpt or decrpt using

pgp -c test.txt
0
 
mbarbosCommented:
I would delete all the keys and generate them again. Also, it is better to move the keys in ascii format.

Yes, I think you need to generate an encryption key :-)
0
 
khairiAuthor Commented:
I remove all the keys
Regenerade the key with encryption keys
Export public using ASCII -a option

and IT WORKS!!!

Thanks a lot
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now