On 06/18/2014 04:46 AM, Richard Ulrich wrote:
> $ gpg -d test.txt.gpg
> gpg: Anonymer Empfänger; Versuch mit geheimem Schlüssel 0AE275A9 …
> gpg: sending command `SCD PKDECRYPT' to agent failed: ec=6.91
> gpg: Anonymer Empfänger; Versuch mit geheimem Schlüssel 8760DB3E …
> gpg: Alles klar, wir sind der ungenannte Empfänger.
> gpg: verschlüsselt mit RSA Schlüssel, ID 00000000
>
> It first tries to decrypt using the primary key. And since the card with
> the primary key is not plugged in, it outputs an error, before it tries
> the sub key that succeeds.
> I tried using the -r option to specify the key to use, but it was
> seemingly ignored.
>
> Is there a way to specify which key to try first?

see the --try-secret-key option or the --default-key option as described
in gpg(1).

> PS: out of curiosity: What does the "ID 00000000" mean in the output
> from gpg :
> gpg: verschlüsselt mit RSA Schlüssel, ID 00000000

This is a "hidden recipient" in the public key encrypted session key
packet.

from https://tools.ietf.org/html/rfc4880#section-5.1 :

   An implementation MAY accept or use a Key ID of zero as a "wild card"
   or "speculative" Key ID. In this case, the receiving implementation
   would try all available private keys, checking for a valid decrypted
   session key. This format helps reduce traffic analysis of messages.

hth,

  --dkg
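The hidden-recipient marker discussed in the reply can be seen directly in the packet stream. The following is an added example, not part of the original message or of GnuPG: a small parser for the Public-Key Encrypted Session Key packets (tag 1, version 3) from RFC 4880 sections 4.2 and 5.1 that flags an all-zero Key ID. The helper names, the sample Key ID `1122334455667788` and the sample bytes are constructed for illustration.

```python
import struct

PK_ALGOS = {1: "RSA", 2: "RSA-E", 16: "Elgamal", 18: "ECDH"}  # RFC 4880 9.1, RFC 6637

def read_header(buf, pos):
    """Return (tag, body_start, body_len) for the packet at pos (RFC 4880 4.2)."""
    ctb = buf[pos]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet")
    if ctb & 0x40:                                   # new-format header
        tag, first = ctb & 0x3F, buf[pos + 1]
        if first < 192:
            return tag, pos + 2, first
        if first < 224:
            return tag, pos + 3, ((first - 192) << 8) + buf[pos + 2] + 192
        if first == 255:
            return tag, pos + 6, struct.unpack(">I", buf[pos + 2:pos + 6])[0]
        raise ValueError("partial body lengths are not handled here")
    tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03       # old-format header
    if ltype == 3:
        raise ValueError("indeterminate length is not handled here")
    size = 1 << ltype                                # 1, 2 or 4 length octets
    return tag, pos + 1 + size, int.from_bytes(buf[pos + 1:pos + 1 + size], "big")

def list_recipients(buf):
    """Walk the leading PKESK packets (tag 1); report Key ID and algorithm."""
    out, pos = [], 0
    while pos < len(buf):
        tag, start, length = read_header(buf, pos)
        if tag != 1:                                 # first non-PKESK packet: stop
            break
        body = buf[start:start + length]
        if len(body) < 10 or body[0] != 3:
            raise ValueError("unsupported or truncated PKESK packet")
        keyid = body[1:9].hex().upper()              # 8-octet Key ID
        out.append({"keyid": keyid, "algo": PK_ALGOS.get(body[9], body[9]),
                    "hidden": keyid == "0" * 16})    # zero = "wild card" Key ID
        pos = start + length
    return out

def pkesk(keyid_hex, algo=1, new_format=False):
    """Constructed sample packet; the MPI is dummy bytes, not a session key."""
    body = bytes([3]) + bytes.fromhex(keyid_hex) + bytes([algo]) + b"\x00\x08\xff"
    return bytes([0xC1 if new_format else 0x84, len(body)]) + body

# Constructed input: hidden recipient, named recipient, then a stub tag-18 packet.
SAMPLE = pkesk("00" * 8) + pkesk("1122334455667788", new_format=True) + b"\xd2\x01\x01"

if __name__ == "__main__":
    for r in list_recipients(SAMPLE):
        print(r)
```

The parser only reads the unencrypted packet headers, so no private key is needed to see which recipients are named and which are hidden.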