On 04/22/2013 07:28 AM, Lema KB wrote: > Hi all > > Is there any other way of using one and the same private-key by several > users, except exporting the priv-key? > We are decrypting some csv-files on a virtual machine. and it's for us not > so appropriate to share private-key through exporting. maybe there is a way > out, like giving/taking the right to/from the group of windows users to > decrypt the files. > > If someone knows from you, would be very thankful. any help is also > appreciated.
It kind of depends on whether or not you want to use symmetric ciphers or public-key ciphers. For symmetric ciphers you can all have your own private / public key pair. You could even use 7-Zip unless it is precluded by regulations. AES-128 with a great password is usually more than adequate for many but by no means ALL purposes. But a symmetric enciphered file can be deciphered by anyone if they know the password and have the software to decipher the file. But if you are using email and public key encryption, when you encipher the message to send to multiple people, Enigmail in Thunderbird and what ever is used in Claws Mail encrypts a separate copy for everybody using EACH PERSON'S public key. I just copy my whole key ring (contents of ~/.gnupg folder on Linux) among my multiple OS with the random_seed file modified with hexedit and the 0-9 & A-F modified with no plan (pure serendipity) so each of them have a different random_seed file. There are no guarantees whether or not that 'F' is going to be replaced by yet another 'F' or any scheme at all of which nibble gets modified or not. So each of my keyrings has its own random_seed file. ALL of my OS are 32 bit LE versions even if 64 bit is available. The two Linux systems have ways of using all of the 7 GB and 12 GB of RAM (e.g. PAE for Ubuntu) RAM available. I rarely use Windows but have two Windows 7 OS. You can get hexedit (binary) editors for Windows. But if you have even mixed 32 bit LE and 64 bit LE that approach will most likely NOT work (not tried, no proof, copying strongly discouraged). Ditto for BE (Macintosh Power PC, et al - copying is IMPOSSIBLE). You need to export / import under those conditions. Just be sure to erase the files copied with a pretty strong eraser for ALL of these files being transferred around, especially the priv key export files. I use the included AES-128 symmetric cipher in 7-Zip for the transfer for anything copied to a flash drive. You cannot use OpenPGP to do it because you have a chicken versus egg problem; you are transferring what needs to be on the other end to get it unpacked.. I apologize if there is a more elegant or better answer. Does that answer your question or were you asking something else? HHH
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
