On 08/16/2013 04:20 PM, Steven Bonda wrote: > I did a lot of research and digging and was finally able to get the file to > decrypt: > > c:\temp>gpg2 --batch --try-all-secrets --passphrase pass -o temp.txt -d > temp.txt.pgp > gpg: anonymous recipient; trying secret key A328FC0E ... > gpg: WARNING: cipher algorithm IDEA not found in recipient preferences > gpg: okay, we are the anonymous recipient. > gpg: encrypted with RSA key, ID 727A253D > gpg: old style (PGP 2.x) signature > gpg: Signature made 08/15/13 03:31:01 Eastern Daylight Time using DSA key ID > C0649AF6 > gpg: Can't check signature: No public key > gpg: WARNING: message was not integrity protected
You are decrypting a public key enciphered file. The only way you can do that is you must have the secret key. That is why Werner told you to list all of the secret keys below. Without that secret key you are not going to be able to decipher the file. By telling it to try all of the secret keys it finally found the right secret key to decipher the file. gpg2 didn't see IDEA in your choice of ciphers. I should not want to see the IDEA cipher either, since it is not in my preferences. IDEA is an old archaic cipher along with 3DES. But note that I want 3DES only as a last resort. I will be much happier with the use of TWOFISH or AES. Paradoxically, at one time AES (also called AES128) was actually stronger than AES256. I don't know if this is still the case but have no desire to change my preferences. You probably also have a key setup problem in gpg/gpg2. I never was able to either use my GnuPG keys with PGP or vice versa without an export of the secret key and import and then a lot of twiddling with the trust levels and other things to make them work. Let me show you what happens with my secret key with a --edit-key (no --verbose or -v which are the same thing): http://www.securemecca.com/public/GnuPG/GnuPG_Prefs.txt What you have that is different than what I have is something you want to look at as the possible cause of the problem. I suspect you have a trust problem but gpg / gpg2 can see that the 727A253D has a secret key available and deciphered the file although gpg2 didn't like the use of the IDEA cipher. Now that I have said all of this I am not so sure that what Werner said and how he said it isn't actually a lot better. What I am hoping is that contrasting what you have (which is not working) with what I have (which does work) might help you. Just do a "?" at the "Command> " to get a list of things that can be done. I think you may need to change the trust level for your keys. Start with Werner's commands below minus the verbose, contrast with mine and then do the commands exactly as Werner has given and go from there. If you give Werner the verbose output he can probably tell you exactly what needs to be changed but you also may see the debug information gives you all you need to know. > c:\temp> > > fwiw, I'd welcome any information on what happened just > because I'd like to know what happened. > > Maybe this helps someone in the future. > > Thanks for all the help. > -- STeve > > -----Original Message----- > From: Werner Koch [mailto:w...@gnupg.org] > Sent: Friday, August 16, 2013 10:36 AM > To: Steven Bonda > Cc: gnupg-users@gnupg.org > Subject: Re: No secret key on 1 file > > On Fri, 16 Aug 2013 14:56, sbo...@advance-medical.com said: > >> gpg: encrypted with RSA key, ID 727A253D >> gpg: decryption failed: No secret key > > Please check thenoutput of > > gpg2 -v -K 727A253D > > If you can't see the reason, you may want to > > gpg2 -v --edit-key 727A253D > > to see some more details. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
