Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: [PGP/GnuPG] Importing and signing keys
Special Forums Cybersecurity [PGP/GnuPG] Importing and signing keys Post 302558393 by imchi on Friday 23rd of September 2011 12:34:26 PM
Old 09-23-2011
[PGP/GnuPG] Importing and signing keys
Hi,

I need to export an existing PGP key and import it into GnuPG on a different machine.
This is how I did the export:
Code:
pgp -kx myuser _myuser_public  
pgp -kx myuser _myuser_private secring.skr

(this is from the pgp installation directory that contains secring.skr).

This produced two files:
_mykey_public.pgp
_mykey_private.pgp.

Then I moved them to the target machine and did this:
Code:
gpg --import _myuser_public.pgp
gpg --import _myuser_private.pgp

The later gives me the message "key not changed". Not sure what it means.

Now if I try to encrypt the file "test" with gpg:

Code:
gpg --encrypt -r myuser test

I get this message:
Code:
There is no assurance this key belongs to the named user.

(then there is a command prompt for Y/N).

My understanding is that I am supposed to sign the key for my user. So, I tried doing this:
Code:
pg --edit-key myuser

Output:
Code:
pub  xxxx  created: xxxx expires: xxxx       usage: xxxx
                     trust: unknown       validity: unknown
sub  xxx  created: xxxx  xxxx: never       usage:xxxx

Then I see a GPG command prompt and issue the command "sign". I get the message:
Code:
gpg: no default secret key: No secret key

At this point, I am not sure how to proceed. What else do I need to do to make the key trusted? I've read a lot of documentation on the web, but it hasn't been very helpflul.

Thanks in advance.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Importing PGP keys

I'm hoping someone can help get me moving in the right direction here, so bear with me. I've got 2 RedHat Linux servers, let's call them A & B. - A receives "sensitive" files, which are PGP encrypted, and immediately sends them off to B for decryption/processing/deletion - B needs to make... (1 Reply)
Discussion started by: peteroc
1 Replies

2. Shell Programming and Scripting

Problem with GnuPG...need help

hello, i am writing an automated script for GnuPG decryption for a file, which was already being encrypted, homedir="/home/.gnupg" PassPhrase=`cat /home/.gnupg/.passphrase` echo $PassPhrase | gpg --homedir $homedir --passphrase-fd 0 --no-tty --output secret21.txt --decrypt-files... (0 Replies)
Discussion started by: manas_ranjan
0 Replies

3. UNIX for Dummies Questions & Answers

Gnupg

hey guys i need to restrict access to the GNUPG program because of the possibility that sensitive data like encryption keys and passwords that it is using may be written into the virtual memory swap partition on the hard disk and thus be retrieved at a later date long after the program has... (2 Replies)
Discussion started by: mile1982
2 Replies

4. Red Hat

Signing RPM packages using GPG

I am having difficulty getting rpm to trust the gpg key I have used to sign rpm packages I am creating. I used gpg --gen-key to create the key. I chose RSA, 1024. $ gpg --list-key /home/rpmbuild/.gnupg/pubring.gpg --------------------------------- pub 1024R/42A05359 2009-07-15 uid ... (2 Replies)
Discussion started by: Padow
2 Replies

5. UNIX for Dummies Questions & Answers

Import and export PGP/GnuPG keys

Hi, I need to export an existing PGP key and import it into GnuPG on a different machine. This is how I did the export: pgp -kx myuser _myuser_public pgp -kx myuser _myuser_private secring.skr (this is from the pgp installation directory that contains secring.skr). This produced two... (0 Replies)
Discussion started by: imchi
0 Replies

6. Shell Programming and Scripting

GnuPG Syntax Help

Hi all, I'm trying to decrypt a GnuPG file but not having much luck. I'm new to using it and have tried 4 different ways to do it but nothing works. Here are examples of the attempts I have made: gpg -o ./file_name.tar.Z --passphrase-fd 0 ./file_name.tar.Z.gpg 0<./password.txt cat... (5 Replies)
Discussion started by: Korn0474
5 Replies

7. Shell Programming and Scripting

PGP generating keys.

Hi Guys, Am facing issue in generating PGP keys. Can you please help me to figure this out?? I fired the below command to generate keys. The log say keys successfully created. But when i tried to list it doesnt shows me the keys created. pgp --gen-key "pgptest<ram@gmail.com>"... (3 Replies)
Discussion started by: Vinoth Kumar G
3 Replies

8. AIX

PGP importing public keys method

Hi Guys, I am trying to import the public of vendor to my system. I am getting below error while importing public key. can anyone please help me with this?? laranakejt4:/u/raja/.pgp $ pgp --import secure.asc 0x1545A56A52:import key (4007:key failed signature check) secure.asc:import key... (0 Replies)
Discussion started by: Vinoth Kumar G
0 Replies

9. UNIX for Dummies Questions & Answers

PGP importing public keys method

Hi Guys, I am trying to import the public of vendor to my system. I am getting below error while importing public key. can anyone please help me with this?? laranakejt4:/u/raja/.pgp $ pgp --import secure.asc 0x1545A56A52:import key (4007:key failed signature check) secure.asc:import key... (2 Replies)
Discussion started by: Vinoth Kumar G
2 Replies

10. AIX

Use SMB/CIFS signing when mounting Win shares

Hi, We have a number of Windows Server 2003 shares mounted on our AIX server via CIFS, using a command similar to this: mkcifsmnt -f /test -d testshare -h testserver -c testuser -p pass -w DOMAIN The windows servers are currently being upgraded to 2012, and as part of this they are setting... (0 Replies)
Discussion started by: AndyG
0 Replies

LEARN ABOUT DEBIAN

keylookup

keylookup(1)															      keylookup(1)

NAME

       keylookup - Fetch and Import GnuPG keys from keyservers.

SYNOPSIS

       keylookup [options] search-string

DESCRIPTION

       keylookup  is  a wrapper around gpg --search, allowing you to search for keys on a keyserver.  It presents the list of matching keys to the
       user and allows her to select the keys for importing into the GnuPG keyring.

       For the search and actual import of keys GnuPG itself is called.

OPTIONS

       --keyserver=keyserver
	       Specify the keyserver to use. If no keyserver is specified, it will parse the GnuPG options file for a default  keyserver  to  use.
	       If no keyserver can be found, keylookup will abort.

       --port=port
	       Use a port other than 11371.

       --frontend=frontend
	       keylookup supports displaying the search results with 3 different frondends. Both whiptail and dialog are interactive and allow the
	       user to select the keys to import.  The third frontend plain is non-interactive and just prints the keys to STDOUT. The	user  must
	       then call GnuPG him/herself.

	       If available, /usr/bin/dialog is the default. If it is not available but /usr/bin/whiptail is installed, then this is used instead.
	       If nothing else works, we'll fall back to plain.

       --importall
	       Don't ask the user which keys to import, but instead import all keys matching the search-string. If this is given  no  frontend	is
	       needed.

       --honor-http-proxy
	       Similar	to GnuP keylookup will only honor the http_proxy environment variable if this option is given. If it is not given but your
	       GnuPG options file includes it, then keylookup will use it.

       --help  Print a brief help message and exit successfully.

ENVIRONMENT

       HOME	 Used to locate the default home directory.

       GNUPGHOME If set directory used instead of "~/.gnupg".

       http_proxy
		 Only honored when the option --honor-http-proxy is set or honor-http-proxy is set in GnuPG's config file.

EXAMPLES

       keylookup Christian Kurz
	      will query your default keyserver for Christian's keys and offer you to import them into your keyring with the dialog  frontend  (if
	      available).

       keylookup --honor-http-proxy --frontend plain wk@gnupg
	      will  query the default keyserver again, now using the http_proxy if the environment variable is defined and list wk@gnupg's (Werner
	      Koch)'s key on STDOUT.

       keylookup --keyserver pgp.mit.edu Peter Palfrader
	      will now ask the keyserver pgp.mit.edu for my (Peter's) keys and display them for import in dialog.

FILES

       ~/.gnupg/options
		 GnuPG's options file where keylookup will take the keyserver and honor-http-proxy values from if it exists.

SEE ALSO

       gpg(1)

BUGS

       Please report bugs using the Debian bug tracking system at http://bugs.debian.org/.

AUTHORS

       Christian Kurz <shorty@debian.org>
       Peter Palfrader <peter@palfrader.org>

Jun-2002															      keylookup(1)
All times are GMT -4. The time now is 11:30 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy