1748092 Members
5828 Online
108758 Solutions
New Discussion

Re: GNU PGP for 11.31

 
SOLVED
Go to solution
chindi
Respected Contributor

GNU PGP for 11.31

Can we use GNU PGP in our produciton environment to encrypt some reports and sftp them to our branches ?

11.31 O.S.

Its open source so no license issues right ?

But how can i decrypt the smae at our branches where we sftp this reports ?

9 REPLIES 9
Steven Schweda
Honored Contributor

Re: GNU PGP for 11.31

> Can we use GNU PGP [...] ?

   There is no "GNU PGP".  There is PGP, "Pretty Good Privacy".  There
is GPG, "GNU Privacy Guard".

      https://en.wikipedia.org/wiki/Pretty_Good_Privacy
      https://www.gnupg.org/

> It[']s open source so no license issues right ?

   "GnuPG is Free Software (meaning that it respects your freedom). It
can be freely used, modified and distributed under the terms of the GNU
General Public License."

> But how can i decrypt the smae at our branches where we sftp this
> reports ?

   If GPG was used to encrypt a file, most people would probably use the
same program to do the decryption.  Where is the mystery?


> [...] and sftp them to our branches ?

   If you're using SFTP to transfer the files, do you really need to
encrypt them first?

   What, exactly, is your goal?

chindi
Respected Contributor

Re: GNU PGP for 11.31

Hi Steven,

 

Goal is to encrypt Report at Location A , ftp it to Location B and decrypt Report there using PGP.

 

chindi
Respected Contributor

Re: GNU PGP for 11.31

root # >/usr/local/bin/gpg2 --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 4
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 2
Key expires at Wed Jul 15 18:26:09 2015 IST
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Test
Name must be at least 5 characters long
Real name: Test1
Email address: test1@test.com
Comment: Test1
You selected this USER-ID:
"Test1 (Test1) <test1@test.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

gpg: error running `/usr/local/bin/gpg-agent': terminated
gpg: DBG: running `/usr/local/bin/gpg-agent' for testing failed: General error
/usr/lib/hpux32/dld.so: Unable to find library 'libpth.so'.
gpg: can't connect to the agent: End of file
gpg: problem with the agent: No agent running
gpg: error running `/usr/local/bin/gpg-agent': terminated
gpg: DBG: running `/usr/local/bin/gpg-agent' for testing failed: General error
/usr/lib/hpux32/dld.so: Unable to find library 'libpth.so'.
gpg: can't connect to the agent: End of file
gpg: problem with the agent: No agent running
gpg: Key generation canceled.

 

HPUX 11.31

What am i missing here ?

Steven Schweda
Honored Contributor

Re: GNU PGP for 11.31

> > [...] and sftp them to our branches ?
>
>    If you're using SFTP to transfer the files, do you really need to
> encrypt them first?

> [...] ftp it to Location B [...]

   FTP and SFTP are different.  If you use SFTP, it's not obvious that
you also need to use GPG or other encryption.


> [,,,] using PGP.

   PGP and GPG are still two different programs.



      https://www.gnupg.org/

GnuPG comes in three flavours:

o 2.0.28 is the stable version suggested for most users,
o 2.1.6 is the brand-new modern version with support for ECC and many
  other new features,
o and 1.4.19 is the classic portable version.

 


> root # >/usr/local/bin/gpg2 --gen-key
> gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.

   Not a current version.

> gpg: error running `/usr/local/bin/gpg-agent': terminated
> gpg: DBG: running `/usr/local/bin/gpg-agent' for testing failed: General error
> /usr/lib/hpux32/dld.so: Unable to find library 'libpth.so'.

   Who built your GPG program(s)?  Who tested them?  I've always used
the older 1.4.x version, so I know nothing about 2.x.x, but there seems
to be a problem with your password agent program.  (I believe that 1.4.x
_can_ use gpg-agent, but does not _need_ to use it.  But what do I
know?)


> What am i missing here ?

   A working GPG program?  (A reason to use GPG?)

chindi
Respected Contributor

Re: GNU PGP for 11.31

Goal is to encrypt Report at Location A , ftp it to Location B and decrypt Report there using  any working encryption / decryption tool .

RenatoMartini
Frequent Advisor

Re: GNU PGP for 11.31

There was one problem: a dependency failed issue, the library libpth not installed, so that the gpg-agent can't running, because it needs the lib. In the gpg2 setting up, the gpg-agent (a daemon to caching securily the keys) is mandatory, it must be up and running. No libpth, no daemon,  the gpg2 failed to start...

 

Try to compile yourself the gpg release 1.4.x (ftp://ftp.gnupg.org/gcrypt/gnupg/), and solve any dependencies, but if you need the release 2, download it at http://hpux.connect.org.uk/hppd/cgi-bin/search?term=gnupg&Search=Search, but solving all dependencies to running the software.

 

 

 

 

 

--Renato Martini (Brazil)
http://renatomartini.net
http://www.iti.gov.br
RenatoMartini
Frequent Advisor

Re: GNU PGP for 11.31

... ops

by the way, my gpg config header, just to know:

 

 

 

# gpg --version
gpg (GnuPG) 1.4.3
Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
Compression: Uncompressed, ZIP, ZLIB

--Renato Martini (Brazil)
http://renatomartini.net
http://www.iti.gov.br
Steven Schweda
Honored Contributor

Re: GNU PGP for 11.31

> # gpg --version
> gpg (GnuPG) 1.4.3
> Copyright (C) 2006 Free Software Foundation, Inc.

> [...]

   Also not a current version.  Around here (on a VMS system):

alp $ gpg --version
gpg (GnuPG) 1.4.19a
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /SYS$LOGIN/gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2


> Try to compile yourself the gpg release 1.4.x
> (ftp://ftp.gnupg.org/gcrypt/gnupg/), and solve any dependencies, [...]


   I haven't built GPG 1.4.x on an HP-UX system lately, but I would not
expect there to be many (any?) external dependencies to cause trouble.
The 2.x versions are more complex.

Steven Schweda
Honored Contributor
Solution

Re: GNU PGP for 11.31

> Goal is to encrypt Report at Location A , ftp it to Location B and
> decrypt Report there using  any working encryption / decryption tool .

   A goal is not an implementation.  If your real goal is to transfer

files in a way that encrypts them during the transfer, then there is

more than one way to do it.

   If you use SFTP instead of FTP (as you said at first), then the data
will be encrypted before the transfer, and decrypted after the transfer,
all automatically, with no need to drag GPG into the process.

   If you must use FTP (or some other non-encrypting file transfer
scheme), then you may need to use a program like GPG (at both ends).

   If you decide to use GPG, then you'll need to get some version of GPG
to work (also at both ends).  GPG version 1.4.x is simpler, and probably
easier to get to work, than GPG version 2.x.  I haven't tried it, but
the Porting Centre seems to offer 2.0.28 (which is current), along with
its dependencies:

      http://hpux.connect.org.uk/hppd/hpux/Users/gnupg-2.0.28/