PGP - Importing keys and using them...

Ok, I deleted another question, because now I feel completely lost...  

I have a PGP-encrypted file.  To decrypt it, I was sent a key (key.asc) and a passphrase (let's just say it's "mypassphrase")

I imported the key using gpg --import key.asc.  I see it when I do:

gpg --list-keys

gpg --list-keys
/Users/janedoe/.gnupg/pubring.gpg
-------------------------------------
pub   1024D/XXXXXXXXX 2010-03-22
uid                  Jane Doe (MAC GPG) <XXXXXXXXX@XXXXXXXXX.com>
sub   2048g/XXXXXXXXX 2010-03-22

pub   2048R/XXXXXXXXX 2010-03-10
uid                  John Doe (XXXXXXXXX FTP Key) <XXXXXXXXX@XXXXXXXXX.org>
sub   2048R/XXXXXXXXX 2010-03-10


It's the second one listed.... But, I can't decrypt the file because I get: gpg: decryption failed: secret key not available

So, based on what I was given, how exactly am I supposed to decrypt the file using the key & passphrase that I was sent?
n00b0101Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sarangk_14Commented:
Hi,

I think you should be using the following command to list the keys in your secret key ring:
  gpg --list-secret-keys

As per the common wisdom, you decrypt files with your private key. Private key is the one that has to be accessed using a passphrase.
The output you have provided indicates public key, which was used to encrypt the file(s) sent to you. gpg --list-keys provides a list of public keys, not private keys.

gpg --decrypt file (extension may be .gpg or .asc)

However, I would also like ot request you to confirm that you have imported the private key.

Hope this helps.

Warm regards,
Sarang
0
n00b0101Author Commented:
Well, gpg --list-secret-keys only yields:

/Users/jaendoe/.gnupg/secring.gpg
-------------------------------------
sec   1024D/XXXXXXXX 2010-03-22
uid                  Jane Doe (MAC GPG) <XXXXXXXX@XXXXXXXX.com>
ssb   2048g/XXXXXXXX 2010-03-22


Does this mean that I can't decrypt the file?  Or, do I decrypt it with my secret key?  What's the command for that?  Is it different?
0
n00b0101Author Commented:
Also, the extension for the file I'm attempting to decrypt is pgp


0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

sarangk_14Commented:
"Does this mean that I can't decrypt the file?" Not necessarily.

First, kindly answer the following questions:
1. What's your level of understanding about PGP/ GPG? (I only need to know this in order to ensure we remain on the same page)
2. Are you PGP or GPG (GnuPG)? Are you in a position to use the GUI (non command line) version as well?
3. Can you tell me what version of PGP command line you are using?

Regards,
Sarang
0
n00b0101Author Commented:
Hi, thanks...

(1) I know almost nothing.  I've never worked with it before, so I'm definitely out of my comfort zone.

(2) I have GnuPG installed.  But, I thought that I could read pgp-encrypted files with it?

(3) I don't have PGP. I'm running GPG v1.4.10.  I can't use a GUI, as, eventually, all the decryption and encryption will run via shell script cronjob
0
tty2Commented:
This link will be usefull for you:
http://arc.apotheon.org/cheats/gpg_quick.html
0
sarangk_14Commented:
No Problem. PGP and GnuPG are fully compatible in this regard.

I think we first need to establish that the private key got exported in the first place.

The command to use for this is: gpg --export-secret-keys >keyfile
Just doing gpg --export is not adequate, as it only exports  the public keys. From your first post it looks like only the public key for "John Doe" was exported.

Kindly confirm with the person who sent the key to you that the private key was exported and not the public key. You can ask them what command he/ she used to export the key.

Regards,
Sarang

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gtkfreakCommented:
The person who sends you an encrypted file would have used your public key to encrypt it. Therefore, you need your private key to decrypt the file.
Decrypt using:
gpg -d <gpg filename>

You will be asked for the secret key password. Enter, and you should get your file.

If you are using Linux, you can use a GUI tool call gpa.
If you are using Windows, visit http://www.gpg4win.org and download the installer.

Hopefully, the GUI makes it easier for you. Here is the handbook for novices http://gpg4win.de/handbuecher/novices.html

0
n00b0101Author Commented:
Ok...  It was exported with a public key, but perhaps I was meant to import the key that I was sent and the passphrase as my private key?  Is that possible?
0
n00b0101Author Commented:
After checking, you were right!  They didn't export the private key, so thank you so much!!!!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Shell Scripting

From novice to tech pro — start learning today.