LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-13-2019, 09:24 PM   #1
Gregg Bell
Senior Member
 
Registered: Mar 2014
Location: Illinois
Distribution: Xubuntu
Posts: 1,868

Rep: Reputation: 162Reputation: 162
gpg decryption is wonky


It's encrypting okay but when it comes to decryption

Code:
gpg filename.gpg
it's wonky. 90% of the time it returns this:

Code:
gpg RuleNumber1.png.gpg
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: AES256 encrypted data
gpg: encrypted with 1 passphrase
File 'RuleNumber1.png' exists. Overwrite? (y/N)
and it gives me no password box and no decrypted file.

But sometimes it works properly.

And sometimes it decrypts the file without the password box!

Kind of scary. Any ideas?
 
Old 09-13-2019, 11:22 PM   #2
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,822

Rep: Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293
That’s pretty clear...you didn’t give a command...
What were you trying to do? Decrypt? Then
Code:
gpg —decrypt filename
See man gpg

(Oh...you said you were decrypting, so just include the command)

Last edited by scasey; 09-13-2019 at 11:24 PM.
 
1 members found this post helpful.
Old 09-14-2019, 03:28 PM   #3
Gregg Bell
Senior Member
 
Registered: Mar 2014
Location: Illinois
Distribution: Xubuntu
Posts: 1,868

Original Poster
Rep: Reputation: 162Reputation: 162
Quote:
Originally Posted by scasey View Post
Thatís pretty clear...you didnít give a command...
What were you trying to do? Decrypt? Then
Code:
gpg ódecrypt filename
See man gpg

(Oh...you said you were decrypting, so just include the command)
Thanks Sean, but your command didn't decrypt the file. And was your command

Code:
gpg -decrypt filename
or

Code:
gpg --decrypt filename
?

(Seems to me you used an em-dash, not a hyphen or hyphens. Did you mean to do that?)

See "encrypt" attachment for what I was doing to encrypt and "decrypt" for what I was doing to decrypt.

But like I said doing it this was unreliable. Most of the time it didn't work and the some times it even worked without a passcode.

I did look over the man page but there seemed to be multiple ways to encrypt and it was confusing. So what's the simplest way to encrypt and decrypt a file?

Thanks.
Attached Thumbnails
Click image for larger version

Name:	encrypt.png
Views:	4
Size:	9.2 KB
ID:	31349   Click image for larger version

Name:	decrypt.png
Views:	3
Size:	5.1 KB
ID:	31350  
 
Old 09-14-2019, 03:41 PM   #4
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,822

Rep: Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293
That was dash dash...Safari is messing it up.

See man gpg2 ó command is always required

Quote:
--encrypt
-e
Encrypt data. ...

--decrypt
-d
Decrypt data

Last edited by scasey; 09-14-2019 at 03:46 PM.
 
1 members found this post helpful.
Old 09-14-2019, 08:43 PM   #5
Gregg Bell
Senior Member
 
Registered: Mar 2014
Location: Illinois
Distribution: Xubuntu
Posts: 1,868

Original Poster
Rep: Reputation: 162Reputation: 162
Quote:
Originally Posted by scasey View Post
That was dash dash...Safari is messing it up.

See man gpg2 ó command is always required
Thanks but I'm still not getting it. Is the encrypting:

Code:
gpg -e filename
?

Because when I do that, I get this:

Code:
gpg -e fireman.png
You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID.  End with an empty line:
 
Old 09-14-2019, 09:03 PM   #6
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,822

Rep: Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293
Keys are associated with a user. You need to specify which user.
Note: I donít know the answers...Iím just reading the man page. Another option is to search the web for the error.
 
1 members found this post helpful.
Old 09-14-2019, 09:16 PM   #7
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,475

Rep: Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918
The way I see it:

Before you can encrypt a file, first set up keys for a user, for example gpg --generate-key. You will be asked for name, email address, passphrase. Keys are stored in $HOME/.gnupg.

To encrypt a file, gpg -r USER -e myfile, where USER is name or email address provided in the key generation step. The encrypted file is named myfile.gpg.

To decrypt the file, gpg -d myfile.gpg. This asks for the passphrase and writes the decrypted content to stdout.

EDIT: When you leave out the command (--decrypt, --encrypt, --generate-key etc), gpg is supposed to guess what you want. Therefore, Gregg Bell's original command should figure out that the input file is encrypted and should automatically decrypt it. I don't have information (or experience, to be honest) to understand what makes it fail, but personally, I feel more confident when I tell the computer exactly what it should to rather than relying on heuristics.

The GPG manual documents options and helper tools like gpg-agent, but it misses a "first steps" section and doesn't seem to cover typical workflows. There are a number of tutorials on the internet, though. When the official documentation of a tool is lacking, I tend to check whether there is something on the Archlinux wiki or in the DigitalOcean tutorials. Both web sites have high-quality content in my opinion.

Last edited by berndbausch; 09-14-2019 at 09:21 PM.
 
2 members found this post helpful.
Old 09-14-2019, 09:31 PM   #8
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,822

Rep: Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293
^^My guess is that the OP had missed the step of creating keys...I certainly didn't see that requirement until my upteenth pass through the man pages...and even then, not being interested in doing it myself, didn't even look to see how to do that step.
Definitely a lot of manual to read.

Excellent, well-focused post, berndbausch (As usual)

Last edited by scasey; 09-14-2019 at 11:04 PM.
 
Old 09-15-2019, 12:40 PM   #9
Gregg Bell
Senior Member
 
Registered: Mar 2014
Location: Illinois
Distribution: Xubuntu
Posts: 1,868

Original Poster
Rep: Reputation: 162Reputation: 162
Quote:
Originally Posted by berndbausch View Post
The way I see it:

Before you can encrypt a file, first set up keys for a user, for example gpg --generate-key. You will be asked for name, email address, passphrase. Keys are stored in $HOME/.gnupg.

To encrypt a file, gpg -r USER -e myfile, where USER is name or email address provided in the key generation step. The encrypted file is named myfile.gpg.

To decrypt the file, gpg -d myfile.gpg. This asks for the passphrase and writes the decrypted content to stdout.

EDIT: When you leave out the command (--decrypt, --encrypt, --generate-key etc), gpg is supposed to guess what you want. Therefore, Gregg Bell's original command should figure out that the input file is encrypted and should automatically decrypt it. I don't have information (or experience, to be honest) to understand what makes it fail, but personally, I feel more confident when I tell the computer exactly what it should to rather than relying on heuristics.

The GPG manual documents options and helper tools like gpg-agent, but it misses a "first steps" section and doesn't seem to cover typical workflows. There are a number of tutorials on the internet, though. When the official documentation of a tool is lacking, I tend to check whether there is something on the Archlinux wiki or in the DigitalOcean tutorials. Both web sites have high-quality content in my opinion.
Thanks very much, berndbausch. I will give this a try. And I guess the simple way of doing it just doesn't work? (It used to seem to.) See attachments. And they're from https://www.cyberciti.biz/tips/linux...-password.html

As it is, I think I'm going to get rid of the encrypted files I have (created with the above method) because some of them get opened without requiring passwords.
Attached Thumbnails
Click image for larger version

Name:	encrypt.png
Views:	2
Size:	13.4 KB
ID:	31355   Click image for larger version

Name:	decrypt.png
Views:	2
Size:	10.3 KB
ID:	31356  
 
Old 09-15-2019, 04:39 PM   #10
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,822

Rep: Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293Reputation: 1293
I note this at the bottom of the posts in the link posted in #9
Quote:
This did not work for me. It encrypted the file alright, but when I typed Ďgpg Ď it decrypted the file without my typing in the password. What good is that?

j says:

itís using your key, use a different account and you will need the password
Might that be your issue as well?
 
Old 09-16-2019, 12:10 PM   #11
Gregg Bell
Senior Member
 
Registered: Mar 2014
Location: Illinois
Distribution: Xubuntu
Posts: 1,868

Original Poster
Rep: Reputation: 162Reputation: 162
Quote:
Originally Posted by scasey View Post
I note this at the bottom of the posts in the link posted in #9

Might that be your issue as well?
Thanks Sean. I think I don't know enough of the basic terminology and the way things work.

My latest sticking point is (I was following berndbausch's advice) when I got to the passphrase step I ran into this:

Quote:
We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.
I didn't know what to do with that. Just put in a password? Or do all the other stuff?
 
Old 09-16-2019, 04:41 PM   #12
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,475

Rep: Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918Reputation: 918
Help the kernel generate random data by doing random things as described.

If your computer is a virtual machine, install haveged to speed up the random number generation process, otherwise it can take minutes or hours to accomplish this step.
 
1 members found this post helpful.
Old 09-17-2019, 07:09 PM   #13
Gregg Bell
Senior Member
 
Registered: Mar 2014
Location: Illinois
Distribution: Xubuntu
Posts: 1,868

Original Poster
Rep: Reputation: 162Reputation: 162
Quote:
Originally Posted by berndbausch View Post
Help the kernel generate random data by doing random things as described.

If your computer is a virtual machine, install haveged to speed up the random number generation process, otherwise it can take minutes or hours to accomplish this step.
Thanks for replying, berndbausch.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
gpg / gpg-agent -- Can't connect to /root/.gnupg/S.gpg-agent jrtayloriv Linux - Security 9 06-03-2019 10:06 AM
[SOLVED] Gpg decryption ZAMO Linux - General 6 07-22-2010 07:01 AM
GPG: Bad session key gpg between gpg on linux and gpg gui on windows XP konqi Linux - Software 1 07-21-2009 09:37 AM
GPG with out passphrase option for decryption vjayraghavan Linux - Newbie 1 07-01-2009 09:12 AM
gpg encrypted files -- recovery/decryption? 187807 Slackware 2 03-24-2005 07:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration