LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 10-05-2011, 02:20 PM   #1
imchi
LQ Newbie
 
Registered: May 2007
Posts: 7

Rep: Reputation: 0
Import and export keys, PGP to GnuPG


Hi,

I need to export an existing PGP key and import it into GnuPG on a different machine.
This is how I did the export:

Code:
pgp -kx myuser _myuser_public  
pgp -kx myuser _myuser_private secring.skr
(this is from the pgp installation directory that contains secring.skr).

This produced two files:
_mykey_public.pgp
_mykey_private.pgp.

Then I moved them to the target machine and did this:

Code:
gpg --import _myuser_public.pgp
gpg --import _myuser_private.pgp
The later gives me the message "key not changed". Not sure what it means - could it be that the second import did not work?

Now if I try to encrypt the file "test" with gpg:

Code:
gpg --encrypt -r myuser test

I get this message:

Code:
There is no assurance this key belongs to the named user.
(then there is a command prompt for Y/N).

My understanding is that I am supposed to sign the key for my user. So, I tried doing this:
Code:

Code:
pg --edit-key myuser
Output:
Code:
pub  xxxx  created: xxxx expires: xxxx       usage: xxxx
                     trust: unknown       validity: unknown
sub  xxx  created: xxxx  xxxx: never       usage:xxxx
Then I see a GPG command prompt and issue the command "sign". I get the message:
Code:

Code:
gpg: no default secret key: No secret key
I also tried doing
Code:
gpg --sign myuser
And got this message:
Code:
gpg: no default secret key: No secret key
gpg: signing failed: No secret key
At this point, I am not sure how to proceed. What else do I need to do to make the key trusted? I've read a lot of documentation on the web, but it hasn't been very helpful.

Thanks in advance.
 
Old 10-07-2011, 10:23 AM   #2
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,290

Rep: Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478
Quote:
Originally Posted by imchi View Post
Hi,

I need to export an existing PGP key and import it into GnuPG on a different machine.
This is how I did the export:

Code:
pgp -kx myuser _myuser_public  
pgp -kx myuser _myuser_private secring.skr
(this is from the pgp installation directory that contains secring.skr).
I think you should be using secring.skr from your personal directory, eg: ~/.pgp on Unix, C:\Users\myuser\AppData\Roaming\PGP on Windows. I could be wrong about this as apparently the public import seemed to work...
Quote:

This produced two files:
_mykey_public.pgp
_mykey_private.pgp.

Then I moved them to the target machine and did this:

Code:
gpg --import _myuser_public.pgp
gpg --import _myuser_private.pgp
The later gives me the message "key not changed". Not sure what it means - could it be that the second import did not work?
You should be seeing something like gpg: key xxxxx: secret key imported. It seems like your private key was not imported. Try exporting again with additional option -a (for ascii) and check that _myuser_private.pgp has the line -----BEGIN PGP PRIVATE KEY BLOCK-----.
 
Old 10-11-2011, 10:13 AM   #3
imchi
LQ Newbie
 
Registered: May 2007
Posts: 7

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by ntubski View Post
I think you should be using secring.skr from your personal directory, eg: ~/.pgp on Unix, C:\Users\myuser\AppData\Roaming\PGP on Windows. I could be wrong about this as apparently the public import seemed to work...

You should be seeing something like gpg: key xxxxx: secret key imported. It seems like your private key was not imported. Try exporting again with additional option -a (for ascii) and check that _myuser_private.pgp has the line -----BEGIN PGP PRIVATE KEY BLOCK-----.
Thank you for your help. I was finally able to export and import the private key by gpg directly from the original secring file.
But now, I am having a problem decrypting with that private key. This is what I get:
Code:
You need a passphrase to unlock the secret key for
user: "myuser"
...
can't connect to `/home/myuser/.gnupg/S.gpg-agent': No such file or directory                                
gpg-agent[3922]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
....
gpg: public key decryption failed: General error
gpg: decryption failed: No secret key
I don't have the gpg-agent daemon running. I need to be able to enter the passphrase manually. How do I switch off the agent mode??
 
Old 10-11-2011, 12:50 PM   #4
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,290

Rep: Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478Reputation: 1478
Quote:
How do I switch off the agent mode??
You may be out luck here:
Quote:
--use-agent
--no-use-agent
This is dummy option. gpg2 always requires the agent.
From GPG Manual: How to change the configuration
Downgrade to gpg 1.x, perhaps?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Location of GNUPG keys? Ordinary12 Ubuntu 1 05-06-2009 06:08 PM
gnupg pgp kmail bong.mau Linux - Security 0 05-03-2006 03:00 PM
PGP keys wwnexc Linux - Security 2 04-02-2006 07:47 AM
how to add PGP key to GnuPG or PGPKeyring " zameer_india Linux - Software 3 10-06-2004 12:21 AM
PGP or GNUPG SkYzOpReNiCk Linux - Software 1 02-28-2001 05:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration