Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Options file GPG Win32
dueze at multimania
Aug 11, 2000, 5:12 AM
Post #1 of 3 (308 views)
Permalink
I use GPG Win32.

In my option file I have tried :

s2k-cipher-algo CAST5
s2k-digest-algo SHA1
cipher-algo CAST5

but it doesn't work : PGP can't verify the GPG signatures and can't decrypt
the GPG conventional encrypted files.

Could someone give me a typical "options" file to allow GnuPG Win32 to work
with PGP 6.x ?

Thanks

--
Daniel

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Options file GPG Win32 [ In reply to ]
dueze at multimania
Aug 11, 2000, 7:46 AM
Post #2 of 3 (301 views)
Permalink
At 09:45 12/08/2000 -0400, you wrote:
>I asked the same question.

No, I don't want to export a GPG keyring or secret key : I want to decrypt
/ verify with PGP 6.5.1 some files encrypted / signed with GPG Win32. And
I'm looking for a "options" file which can do that.

--
Daniel

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Options file GPG Win32 [ In reply to ]
pietrzak at megahertz
Aug 12, 2000, 6:45 AM
Post #3 of 3 (300 views)
Permalink
I asked the same question. This works (thanks Todd):

From: "Todd L. Brooks" <todd.brooks@yale.edu>
CC: gnupg-users@gnupg.org

There is no need to leave the password empty when exporting a GnuPG
secret
key! By default, GnuPG encrypts the secret key using the Blowfish
algorithm, and PGP 6.5.3 does not understand this algorithm.

Here is a much more secure solution:

1. % gpg --edit-key --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 \
KEY-ID

2. Change the password (but not to an empty password!). You can just
change it to what is was before, but gpg will re-encrypt the key
using an algorithm pgp will understand.

3. % gpg --export-secret-key --no-comment KEY-ID > key.asc
% gpg --export --no-comment KEY-ID >> key.asc

4. Import key.asc into pgp and everything should work fine!

Todd

P.S. Hmmmm...I don't know why the --no-comment option is necessary
now...I
seem to recall not needing to use this in the past.

P.P.S. Perhaps this procedure should be added to the documentation or
some sort of FAQ? I seem to recall a PGP5-GnuPG HOWTO which
mentions the method of exporting an un-encrypted secret (which
is
fine if you are very very very careful), but I think it is
better
to never have to write your un-encrypted secret key to disk.

---------------------------------------
Todd L. Brooks
Department of Mechanical Engineering
Yale University
9 Hillhouse Avenue
PO BOX 208286
New Haven, CT 06520-8286
(203) 432-4362 (office and voice mail)
(203) 432-4363 (acoustics lab)
(203) 432-7654 (FAX)

For step 3, you don't have to do both (it generates two exactly the same
keys). This is enough "gpg --export-secret-key --no-comment KEY-ID >
key.asc"

dueze wrote:
>
> I use GPG Win32.
>
> In my option file I have tried :
>
> s2k-cipher-algo CAST5
> s2k-digest-algo SHA1
> cipher-algo CAST5
>
> but it doesn't work : PGP can't verify the GPG signatures and can't decrypt
> the GPG conventional encrypted files.
>
> Could someone give me a typical "options" file to allow GnuPG Win32 to work
> with PGP 6.x ?
>
> Thanks
>
> --
> Daniel
>
> --
> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal