PGP Howto


I manage to install new pgp rpm into Linux box version 6.5.

I encrypt a file with receipent user id and sent the encrypted file together with my public key.

The receipient can decrypt the file successfully.

Then, the receipient (PGP Client on Windows), encrypt one file with his id and send to me (Linux Server)

The problem is when to decrypt at Linux server. And give the following error.
I did put his pub key inside my Linux ... pgp user.asc and also see the key id inside when issuing pgp kvv command.  WHAT WHEN WRONG?

[root@localhost /root]# pgp WhatsNew----222.txt.pgp
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.

File is encrypted.  Secret key is required to read it.
You do not have the secret key needed to decrypt this file.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

This works the other way round :-P

You create a key on the machine where you want to decrypt and  publish the public key. Somone encrypts with the public key and you decrypt witn your private key.
Oh, BTW, there is gpg, which is the GPL ? version for pgp manipulation.
khairiAuthor Commented:
first I create pair of key using pgp -kg
then I create a key using pgp -kx for the public key

both client do this and both exchange the public key thru email. Both client run pgp pubclient1.pgp and pgp pubclient2.pgp to sign the key and id to their keyring

then, one client encrypt a file using receipient public key pgp -e text.txt "userid" and sent the text.txt.pgp thru email to the other user

when try to decrypt it show the above error using pgp text.txt.pgp

Is the above step correct?
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

I think there is a mistake. You should run pgp -ka publient1.pgp (and pgp -ka pubclient2.pgp) to import the public keys.
You can check the contenet of the your keyring with pgp -kv. Both keys should be in the ring after you import (add) them.

See also for more explanations.
khairiAuthor Commented:
I did what you have suggested and also follow the steps inside the link

Manage to add the pub key inside the keyring and view with kvv and confirm

Problem:  When trying to encypt a file the public id it say error

[root@localhost ~]#pgp -e test.txt pubclient1
Pretty Good Privacy(tm) Version 6.5.8
(c) 1999 Network Associates Inc.
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.

Recipients' public key(s) will be used to encrypt.

Key for user ID: pubclient1 <>
1024-bit DSS key, Key ID 0x40C81B94, created 2003/03/27
Users cannot encrypt to this key.
WARNING:  Because this public key is not certified with a trusted
signature, it is not known with high confidence that this public key actually belongs to: "pubclient1 <>".

Are you sure you want to use this public key (y/N)?y
Encryption error

For a usage summary, type:  pgp -h
For more detailed help, consult the PGP User's Guide.

During the installation of the keys .. it ask for Generate an encryption key ... During the installation I choose N for not to install it.

Do I need this generate an encryption key?
khairiAuthor Commented:
And I have no problem encrpt or decrpt using

pgp -c test.txt
I would delete all the keys and generate them again. Also, it is better to move the keys in ascii format.

Yes, I think you need to generate an encryption key :-)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
khairiAuthor Commented:
I remove all the keys
Regenerade the key with encryption keys
Export public using ASCII -a option

and IT WORKS!!!

Thanks a lot
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.