khairi
asked on
PGP Howto
Hi,
I manage to install new pgp rpm into Linux box version 6.5.
I encrypt a file with receipent user id and sent the encrypted file together with my public key.
The receipient can decrypt the file successfully.
Then, the receipient (PGP Client on Windows), encrypt one file with his id and send to me (Linux Server)
The problem is when to decrypt at Linux server. And give the following error.
I did put his pub key inside my Linux ... pgp user.asc and also see the key id inside when issuing pgp kvv command. WHAT WHEN WRONG?
[root@localhost /root]# pgp WhatsNew----222.txt.pgp
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.
File is encrypted. Secret key is required to read it.
You do not have the secret key needed to decrypt this file.
I manage to install new pgp rpm into Linux box version 6.5.
I encrypt a file with receipent user id and sent the encrypted file together with my public key.
The receipient can decrypt the file successfully.
Then, the receipient (PGP Client on Windows), encrypt one file with his id and send to me (Linux Server)
The problem is when to decrypt at Linux server. And give the following error.
I did put his pub key inside my Linux ... pgp user.asc and also see the key id inside when issuing pgp kvv command. WHAT WHEN WRONG?
[root@localhost /root]# pgp WhatsNew----222.txt.pgp
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.
File is encrypted. Secret key is required to read it.
You do not have the secret key needed to decrypt this file.
Oh, BTW, there is gpg, which is the GPL ? version for pgp manipulation.
ASKER
first I create pair of key using pgp -kg
then I create a key using pgp -kx for the public key
both client do this and both exchange the public key thru email. Both client run pgp pubclient1.pgp and pgp pubclient2.pgp to sign the key and id to their keyring
then, one client encrypt a file using receipient public key pgp -e text.txt "userid" and sent the text.txt.pgp thru email to the other user
when try to decrypt it show the above error using pgp text.txt.pgp
Is the above step correct?
then I create a key using pgp -kx for the public key
both client do this and both exchange the public key thru email. Both client run pgp pubclient1.pgp and pgp pubclient2.pgp to sign the key and id to their keyring
then, one client encrypt a file using receipient public key pgp -e text.txt "userid" and sent the text.txt.pgp thru email to the other user
when try to decrypt it show the above error using pgp text.txt.pgp
Is the above step correct?
I think there is a mistake. You should run pgp -ka publient1.pgp (and pgp -ka pubclient2.pgp) to import the public keys.
You can check the contenet of the your keyring with pgp -kv. Both keys should be in the ring after you import (add) them.
See also http://mercury.chem.pitt.edu/~sasha/LinuxFocus/English/November1997/article7.html for more explanations.
See also http://mercury.chem.pitt.edu/~sasha/LinuxFocus/English/November1997/article7.html for more explanations.
ASKER
I did what you have suggested and also follow the steps inside the link
Manage to add the pub key inside the keyring and view with kvv and confirm
Problem: When trying to encypt a file the public id it say error
[root@localhost ~]#pgp -e test.txt pubclient1
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.
Recipients' public key(s) will be used to encrypt.
Key for user ID: pubclient1 <client1@clien1.com>
1024-bit DSS key, Key ID 0x40C81B94, created 2003/03/27
Users cannot encrypt to this key.
WARNING: Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key actually belongs to: "pubclient1 <client1@client1.com>".
Are you sure you want to use this public key (y/N)?y
Encryption error
For a usage summary, type: pgp -h
For more detailed help, consult the PGP User's Guide.
During the installation of the keys .. it ask for Generate an encryption key ... During the installation I choose N for not to install it.
Do I need this generate an encryption key?
Manage to add the pub key inside the keyring and view with kvv and confirm
Problem: When trying to encypt a file the public id it say error
[root@localhost ~]#pgp -e test.txt pubclient1
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.
Recipients' public key(s) will be used to encrypt.
Key for user ID: pubclient1 <client1@clien1.com>
1024-bit DSS key, Key ID 0x40C81B94, created 2003/03/27
Users cannot encrypt to this key.
WARNING: Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key actually belongs to: "pubclient1 <client1@client1.com>".
Are you sure you want to use this public key (y/N)?y
Encryption error
For a usage summary, type: pgp -h
For more detailed help, consult the PGP User's Guide.
During the installation of the keys .. it ask for Generate an encryption key ... During the installation I choose N for not to install it.
Do I need this generate an encryption key?
ASKER
And I have no problem encrpt or decrpt using
pgp -c test.txt
pgp -c test.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I remove all the keys
Regenerade the key with encryption keys
Export public using ASCII -a option
and IT WORKS!!!
Thanks a lot
Regenerade the key with encryption keys
Export public using ASCII -a option
and IT WORKS!!!
Thanks a lot
You create a key on the machine where you want to decrypt and publish the public key. Somone encrypts with the public key and you decrypt witn your private key.