LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Pgp (http://www.linuxquestions.org/questions/linux-newbie-8/pgp-168288/)

Ruishanko 04-09-2004 04:36 PM

Pgp
 
Hi

Sorry to ask a really dumb question...

(How) Can I import my PGP keys from XP to use in Mandrake/ Kmail (or mozilla)?

I e-mailed all my keys from XP to myself in Mozilla (and Kmail) and seemed to be able to import, but when I try to decrypt/encrypt mail, I get an error (keys not found...)

I actually prefer Kmail from an an aesthetic point of view, but I'll take anything that works well with PGP.

I'm clearly missing something...

I am running Mandrake 9.2 via VMware virtual machine on XP...

Cheers
Gavin

dav7500 10-07-2004 01:27 PM

Just wondering if you ever got this going? I'm in a similar boat.

Tinkster 10-07-2004 01:59 PM

How similar is similar?

One of the key things to bear in mind is
that you need to export the SECRET keys.


Cheers,
Tink

dav7500 10-07-2004 02:04 PM

Yes, well, I was just about to post the question but I might as well start here. :)

Running XP Pro with 2 or 3 PGP keys that I'd like to export to my 2nd PC running RH Linux, particularly for use with KMail. Basically, I want to be able to encrypt/decrypt emails using the same keys I use in XP. (I'm not so concerned with PGP'g any files, etc...really only email via KMail app).

Thanks!

Tinkster 10-07-2004 02:16 PM

And what exactly is the question or problem you
have with that? :)



Cheers,
Tink

dav7500 10-07-2004 02:21 PM

Sorry for being unclear!

My question is HOW do I accomplish my listed goals.

I've copied the *.asc files from XP to linux.
I ran 'gpg --import file1.asc'
I ran 'gpg --import file2.asc'

Message states they were imported. Says total number processed & imported is '1' each time. (sounds good)

I also copied these *.asc files into the ~./gnupg directory.

Is that it or is there more to be done?

When I go into KMail: Settings --> Configure Kmail --> Identities --> Advanced and click on the 'change' button for 'OpenPGP key' field, the error states: "You either dont have GnuPG/PGP installed or you chose not to use GnuPG/PGP."

So...what did I do wrong?

Thanks.

Tinkster 10-07-2004 02:32 PM

What does
gpg --list-secret-keys
give you?


Cheers,
Tink

dav7500 10-07-2004 02:36 PM

Pretty much nothing:

[xxx@yyyy .gnupg]$ gpg --list-secret-keys
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
[xxx@yyyy .gnupg]$


Running 'gpg --list-public-keys' and 'gpg --list-keys' both show the 2 keys I imported.


Also, FYI:

[xxx@yyyy .gnupg]$ gpg --version
gpg (GnuPG) 1.2.6
Copyright (C) 2004 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256
Compression: Uncompressed, ZIP, ZLIB, BZIP2
[xxx@yyyy .gnupg]$

Tinkster 10-07-2004 02:48 PM

Which brings us back to the question how things
were exported from PGP ...

Obviously GPG has only got the public keys
which won't do you any good.


Cheers,
Tink

dav7500 10-07-2004 02:56 PM

Ok. I exported again from XP's PGP program, making sure to check off the option to 'include private key.' This created File3.asc. I copied this to the ~./gnupg dir on Linux. Then ran:

gpg --import File3.asc
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: key 0E4FE7C8: secret key imported
gpg: key 0E4FE7C8: public key "bla bla bla" imported
gpg: Total number processed: 2
gpg: imported: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1

Which is better than before since it now includes secret keys. Now, I get this:

gpg --list-secret-keys
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
/home/dr2778/.gnupg/secring.gpg
-------------------------------
sec 1024D/0E4FE7C8 2003-07-03 bla bla bla
ssb 2048g/9D0BEAA3 2003-07-03


Yes....progress!! (thank you)

Now, I still get the same error in KMail. :-(
How would I get KMail to start using these keys?

------------------------------------------------------------

Other good news: I encrypted a text file in XP and was able to successfully decrypt it on Linux using 'gpg --decrypt filename.txt'

dav7500 10-07-2004 03:05 PM

Ok. I got it! In KMail, under the Configure window, I went to the SECURITY icon in left column. Then, from the OpenPGP tab, the 'Encryption Tool' option was set to "dont use..." and after I changed it to "Autodetect" it selected "GnuPG - ... "
Then, I read some encrypted emails, entered my passphrase and pow! There it was...decrypted email. Woohoo!

Thanks for your awesome help. I really appreciate it.
(and it was much easier than reading the numerous websites & How To guides on PGP)

Tinkster 10-07-2004 03:12 PM

Ummm ... which version KMail are you using,
what encryption method did you tell it to use?

One thing is that you need to add trusts to
your own keys after having imported them,
otherwise KMail won't accept them.


It works just dandy here :} ... even using the
Aegypten plugin for PGP/MIME ...



Cheers,
Tink

dav7500 10-07-2004 03:17 PM

KMail 1.5 (Using KDE 3.1-13 Red Hat).

I have no idea what encryption method. I only did what I typed in this post...literally.
Dont know about 'adding trusts' either. KMail seems to be working ok.

When I decrypted my test text file, it mentioned below, which may answer your encryption method question but also confirms your point of adding trusts, etc.

--------------------------------------------------------------------------------------------
gpg --decrypt testfile.txt
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information

You need a passphrase to unlock the secret key for
user: "bla bla bla"
2048-bit ELG-E key, ID 9D0BEAA3, created 2003-07-03 (main key ID 0E4FE7C8)

gpg: encrypted with 2048-bit ELG-E key, ID 9D0BEAA3, created 2003-07-03
"bla bla bla"
gpg: Signature made Thu 07 Oct 2004 03:57:32 PM EDT using DSA key ID 0E4FE7C8
gpg: Good signature from "bla bla bla"
gpg: checking the trustdb
gpg: no ultimately trusted keys found
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2101 673A 53EF 1BCB 83FD DE16 7CD3 81FA 0E4F E7C8
gpg: WARNING: message was not integrity protected
--------------------------------------------------------------------------------------------

So, I guess I have "2048-bit ELG-E key" encryption?

How would I address these two points?

gpg: no ultimately trusted keys found

gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.

Tinkster 10-07-2004 03:59 PM

gpg --edit-key <name>
and then "sign"

man gpg
for details ;)


Cheers,
Tink


All times are GMT -5. The time now is 09:25 PM.