Mailing List Archive: Fw: GPG problem

Good Morning Everyone,

I have recently been working on a new Linux system with GPG 2.2.20.

I have had no problem generating the key pair. Then I have used the new public key to encrypt a file without problem.

However, the decryption attempt has failed due to no secret key error.

I have tried to look around for an answer and fix but failed.

I was puzzled at the output from “gpg –export-secret-key”.

I have posted all the related information at inline text attachement.

Any help for clue and fix will be greatly appreciated.

Thank you,

Shaoping

(sfgadmin@nyvmapc20)> sx_DecryptionCML TestFile01.pgp

The decrypted file is name by default as ./TestFile01

gpg: encrypted with 4096-bit RSA key, ID 8E39ACE53BF145A8, created 2022-10-21

      "GFDS OpCo (OpCo PROD PGP KEY) <gfds@opco.com>"

gpg: public key decryption failed: Permission denied

gpg: decryption failed: No secret key

TestFile01.pgp has failed to be decrypted as ./TestFile01

Please log on the account of and check the process. Aborting...

(sfgadmin@nyvmapc20)> gpg --version

gpg (GnuPG) 2.2.20

libgcrypt 1.8.5

Copyright (C) 2020 Free Software Foundation, Inc.

License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

Home: /export/home/sfgadmin/.gnupg

Supported algorithms:

Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA

Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,

        CAMELLIA128, CAMELLIA192, CAMELLIA256

Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224

Compression: Uncompressed, ZIP, ZLIB, BZIP2

(sfgadmin@nyvmapc20)> cd .gnupg

(sfgadmin@nyvmapc20)> ls -al *

-rw-rw-r--. 1 sfgadmin sfgadmin 3147 Oct 20 23:26 OpCoProd_PGP_PublicKey.20221020.asc

-rw-rw-r--. 1 sfgadmin sfgadmin 2487 Oct 20 22:10 pubring.kbx

-rw-------. 1 sfgadmin sfgadmin   32 Oct 20 22:07 pubring.kbx~

-rw-------. 1 sfgadmin sfgadmin 600 Oct 21 21:14 random_seed

srwx------. 1 sfgadmin sfgadmin    0 Oct 22 04:52 S.gpg-agent

srwx------. 1 sfgadmin sfgadmin    0 Oct 21 22:28 S.gpg-agent.browser

srwx------. 1 sfgadmin sfgadmin    0 Oct 21 22:28 S.gpg-agent.extra

srwx------. 1 sfgadmin sfgadmin    0 Oct 21 22:28 S.gpg-agent.ssh

-rw-------. 1 sfgadmin sfgadmin 1280 Oct 20 22:11 trustdb.gpg

openpgp-revocs.d:

total 8

drwx------. 2 sfgadmin sfgadmin   58 Oct 20 22:10 .

drwx------. 4 sfgadmin sfgadmin 4096 Oct 22 05:11 ..

-rw-------. 1 sfgadmin sfgadmin 1798 Oct 20 22:10 A920E42C97EB0173F8A98A8B0209E20DD685B6D1.rev

private-keys-v1.d:

total 12

drwx------. 2 sfgadmin sfgadmin 110 Oct 20 22:10 .

drwx------. 4 sfgadmin sfgadmin 4096 Oct 22 05:11 ..

-rw-------. 1 sfgadmin sfgadmin 2055 Oct 20 22:10 81E9A09A83A2D4F254194177446787C9D5269569.key

-rw-------. 1 sfgadmin sfgadmin 2071 Oct 20 22:10 F5EB2EBCDEDCB08B4DC1468F473DDFAF3A2A28C0.key

(sfgadmin@nyvmapc20)> gpg --list-secret-keys

/export/home/sfgadmin/.gnupg/pubring.kbx

----------------------------------------

sec   rsa4096 2022-10-21 [SC]

      A920E42C97EB0173F8A98A8B0209E20DD685B6D1

uid           [ultimate] GFDS OpCo (OpCo PROD PGP KEY) <gfds@opco.com>

ssb   rsa4096 2022-10-21 [E]

(sfgadmin@nyvmapc20)> gpg --list-keys

/export/home/sfgadmin/.gnupg/pubring.kbx

----------------------------------------

pub   rsa4096 2022-10-21 [SC]

      A920E42C97EB0173F8A98A8B0209E20DD685B6D1

uid           [ultimate] GFDS OpCo (OpCo PROD PGP KEY) <gfds@opco.com>

sub   rsa4096 2022-10-21 [E]

(sfgadmin@nyvmapc20)> gpg --export-secret-key

gpg: key 81E9A09A83A2D4F254194177446787C9D5269569: error receiving key from agent: Permission denied - skipped

gpg: key F5EB2EBCDEDCB08B4DC1468F473DDFAF3A2A28C0: error receiving key from agent: Permission denied - skipped

gpg: WARNING: nothing exported

This communication and any attached files may contain information that is confidential or privileged. If this communication has been received in error, please delete or destroy it immediately. Please go to www.oppenheimer.com/legal/email-disclosure.aspx for important information and further disclosures pertaining to this transmission.

Hi Bernhard,
It seems that the problem was caused by "sudo su": For some reason on Linux Redhad 8, "sodu su" does not behave as in the earlier version.
There is no difference between "sudo su - XYZ" and "sudo su XYZ".

Actually, I failed to generate the key pair when I logged on the system and then sudo-ed su to the working ID. I had to log on the system as the working ID to generate the key pair successfully.
Again, I had to decrypt the files by logging on the system as the working ID.
The behavior of sudo in Redhad 8 may be due to some configuration issues.
Thank you for reply! Shaoping

On Monday, October 24, 2022 at 11:29:58 AM EDT, Bernhard Reiter <bernhard@intevation.de> wrote:

Hello Shaoping Xie,

> gpg: public key decryption failed: Permission denied

if your keypair has a passphrase set,
did an interactive pinentry come up?

(If you want to run unattended, one method is to not set a passphrase
and secure the system accordingly.)

> I was puzzled at the output from “gpg –export-secret-key”.

Probably the same problem.

Regards,
Bernhard

--
https://intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter

Mailing List Archive

Mailing List Archive

Attached Files: