Folks
The gpg --import option worked without any problems for importing the OpenPGP
public keyring. When I try to import the secret keyring, I get the following
message:
[app1 ~/.gnupg]$ gpg --import secring.skr
gpg: key B4A839CC: secret key imported
gpg: key B4A8899S: "ofc" not changed
gpg: key 96B12847: secret key imported
gpg: key 96B12847: "pss" not changed
gpg: WARNING: key 96B12847 contains preferences for unavailable
gpg: algorithms on these user IDs:
gpg: "pss": preference for cipher algorithm 1
gpg: it is strongly suggested that you update your preferences and
gpg: re-distribute this key to avoid potential algorithm mismatch problems
Set preference list to:
Cipher: AES256, AES192, AES, CAST5, 3DES
Digest: SHA1, SHA256, RIPEMD160
Compression: ZLIB, BZIP2, ZIP, Uncompressed
Features: MDC, Keyserver no-modify
Really update the preferences? (y/N)
If I answer "no", the import finishes with the message:
Key not changed so no update needed.
gpg: Total number processed: 7
gpg: w/o user IDs: 1
gpg: unchanged: 6
gpg: secret keys read: 7
gpg: secret keys imported: 7
When I created my gpg keyring, I selected the default for the key, DSA and
Elgamml, and a 2048 bit keysize.
What are the ramifications of just saying "yes" to the prompt - update
preferences? How potentially serious is the algorithm mismatch? I'd like to
better understand exactly what is happening.
Just for background, this is migration has to go into production in a very
short time. Redistributing keys to the various vendors, and to test the batch
jobs using these keys to exchange files with vendors, wasn't included when
planning. So I'm under a short deadline.
Cathy
---
Cathy L. Smith
IT Engineer
Pacific Northwest National Laboratory
Phone: 509.375.2687
Fax: 509.375.2330
Email: cathy.sm...@pnl.gov
-----Original Message-----
From: gnupg-users-boun...@gnupg.org [mailto:gnupg-users-boun...@gnupg.org] On
Behalf Of Laurent Jumet
Sent: Thursday, February 25, 2010 2:51 PM
To: Smith, Cathy
Subject: RE: Migrating from PGP to GPG question
Hello Smith, !
"Smith, Cathy" <cathy.sm...@pnl.gov> wrote:
> Another question about this migration. Is it possible to do a mass import
> of a single user's keyring or do I have to do it for each individual key.
> I've not been able to find anything so far about anything that addresses
> this.
I would try
gpg pubring.pgp
as GPG assumes usually the most relevant action.
Adding
keyring pubring.pgp
in gpg.conf adds current file to list of keyrings.
And
gpg --import pubring.pgp
should import the whole keyring too.
--
Laurent Jumet
KeyID: 0xCFAF704C
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
