PGP - Importing keys and using them...

Ok, I deleted another question, because now I feel completely lost...  

I have a PGP-encrypted file.  To decrypt it, I was sent a key (key.asc) and a passphrase (let's just say it's "mypassphrase")

I imported the key using gpg --import key.asc.  I see it when I do:

gpg --list-keys

gpg --list-keys
/Users/janedoe/.gnupg/pubring.gpg
-------------------------------------
pub   1024D/XXXXXXXXX 2010-03-22
uid                  Jane Doe (MAC GPG) <XXXXXXXXX@XXXXXXXXX.com>
sub   2048g/XXXXXXXXX 2010-03-22

pub   2048R/XXXXXXXXX 2010-03-10
uid                  John Doe (XXXXXXXXX FTP Key) <XXXXXXXXX@XXXXXXXXX.org>
sub   2048R/XXXXXXXXX 2010-03-10


It's the second one listed.... But, I can't decrypt the file because I get: gpg: decryption failed: secret key not available

So, based on what I was given, how exactly am I supposed to decrypt the file using the key & passphrase that I was sent?
n00b0101Asked:
Who is Participating?
 
sarangk_14Connect With a Mentor Commented:
No Problem. PGP and GnuPG are fully compatible in this regard.

I think we first need to establish that the private key got exported in the first place.

The command to use for this is: gpg --export-secret-keys >keyfile
Just doing gpg --export is not adequate, as it only exports  the public keys. From your first post it looks like only the public key for "John Doe" was exported.

Kindly confirm with the person who sent the key to you that the private key was exported and not the public key. You can ask them what command he/ she used to export the key.

Regards,
Sarang

0
 
sarangk_14Commented:
Hi,

I think you should be using the following command to list the keys in your secret key ring:
  gpg --list-secret-keys

As per the common wisdom, you decrypt files with your private key. Private key is the one that has to be accessed using a passphrase.
The output you have provided indicates public key, which was used to encrypt the file(s) sent to you. gpg --list-keys provides a list of public keys, not private keys.

gpg --decrypt file (extension may be .gpg or .asc)

However, I would also like ot request you to confirm that you have imported the private key.

Hope this helps.

Warm regards,
Sarang
0
 
n00b0101Author Commented:
Well, gpg --list-secret-keys only yields:

/Users/jaendoe/.gnupg/secring.gpg
-------------------------------------
sec   1024D/XXXXXXXX 2010-03-22
uid                  Jane Doe (MAC GPG) <XXXXXXXX@XXXXXXXX.com>
ssb   2048g/XXXXXXXX 2010-03-22


Does this mean that I can't decrypt the file?  Or, do I decrypt it with my secret key?  What's the command for that?  Is it different?
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
n00b0101Author Commented:
Also, the extension for the file I'm attempting to decrypt is pgp


0
 
sarangk_14Commented:
"Does this mean that I can't decrypt the file?" Not necessarily.

First, kindly answer the following questions:
1. What's your level of understanding about PGP/ GPG? (I only need to know this in order to ensure we remain on the same page)
2. Are you PGP or GPG (GnuPG)? Are you in a position to use the GUI (non command line) version as well?
3. Can you tell me what version of PGP command line you are using?

Regards,
Sarang
0
 
n00b0101Author Commented:
Hi, thanks...

(1) I know almost nothing.  I've never worked with it before, so I'm definitely out of my comfort zone.

(2) I have GnuPG installed.  But, I thought that I could read pgp-encrypted files with it?

(3) I don't have PGP. I'm running GPG v1.4.10.  I can't use a GUI, as, eventually, all the decryption and encryption will run via shell script cronjob
0
 
tty2Commented:
This link will be usefull for you:
http://arc.apotheon.org/cheats/gpg_quick.html
0
 
gtkfreakCommented:
The person who sends you an encrypted file would have used your public key to encrypt it. Therefore, you need your private key to decrypt the file.
Decrypt using:
gpg -d <gpg filename>

You will be asked for the secret key password. Enter, and you should get your file.

If you are using Linux, you can use a GUI tool call gpa.
If you are using Windows, visit http://www.gpg4win.org and download the installer.

Hopefully, the GUI makes it easier for you. Here is the handbook for novices http://gpg4win.de/handbuecher/novices.html

0
 
n00b0101Author Commented:
Ok...  It was exported with a public key, but perhaps I was meant to import the key that I was sent and the passphrase as my private key?  Is that possible?
0
 
n00b0101Author Commented:
After checking, you were right!  They didn't export the private key, so thank you so much!!!!
0
All Courses

From novice to tech pro — start learning today.