decrypt pgp file using gpg and passphrase

learn.dw29 · 10-10-2011, 11:00 AM

Hi,
I'm trying to decrypt a file received from external source and i would like to know all the steps that i need to setup for decrypting the file. I tried couple of ways but it keeps asking about secret key not available.

gpg --output "/tmp/xxx.txt" --decrypt "/tmp/xxx.pgp"
gpg: encrypted with ELG-E key, ID 98F004C9
gpg: decryption failed: secret key not available

and if i try to use different option where in I pass passphrase i got i still get same error.

echo pphrase|gpg --passphrase-fd 0 --always-trust --batch --yes --quiet --output "/tmp/xxx.txt" --decrypt "/tmp/xxx.pgp"
gpg: decryption failed: secret key not available

Could you all please tell what kind of setup i need to make for this to work. Do I need to install some kind of key ring in some directory. If so in which directory should i install? in my home directory or in some common place which is accessible to all users. And finally what is the key.I went through some documentation online and could not get to the point.

What all should I need when i receive a encrypted file from someone and all the setup that I need to make on my server.

Thanks.

Ian John Locke II · 10-10-2011, 01:31 PM

I only recently (a few days ago) started diving into pgp/gpg. It seems to me, and I could be wrong, that when someone encrypts a file/message to send to you, they need to use your public key to encrypt it. Your public key is generated from your private key. To have a key in the first place you need to run

Code:

gpg --gen-key

This link should help though: http://www.spywarewarrior.com/uiuc/g...com-4.htm#4-1d

--
Edit
Also the output of your original command tells you that it was encrypted with ElGamal and gives you the key's ID.
If you know which keyserver (if any) the person used, you can use

Code:

gpg --keyserver keyserver.example.com --recv-key 98F004C9

To get their key. It may be that they encrypted it in such a way that you can decrypt it.

Noway2 · 10-10-2011, 01:50 PM

Ian John Locke II is correct in that files need to be encrypted with your (the recipient) key, not the sender's key. Files can be encrypted with a public key, which one normally publishes on key servers after generating it. File encrypted with the public key can only be decrypted with the private key. Using the recv-key command as shown above will obtain the public key, which can be used to send to that recipient, but unless that is your private key, you won't be able to decrypt anything encoded with it.