HPE Community
Operating System - HP-UX
1822034 Members
3452 Online
109639 Solutions
New Discussion юеВ

pgp command on unix ...This user will not be able to decrypt this message.

 
SOLVED
Go to solution
Manuales
Super Advisor

тАО09-22-2007 01:55 PM

тАО09-22-2007 01:55 PM

pgp command on unix ...This user will not be able to decrypt this message.

hi ...
there is a user named abcadm and currently is encrypting files to be sent ..

no , i have to use the user xyzadm user for this software without re-instaled again ... i copied the files /home/xyzadm/.pgp from /home/abcadm/.pgp

when i encrypt i got the following:

pgp --encrypt test.new --user 0xgfe12CD

output:
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.

Warning: Using insecure memory!


Cannot find the public key matching userid '0xgfe12CD'
This user will not be able to decrypt this message.
Error building recipient key set.

what do i have to do in order the user xyzadm can encrypt as the user abcadm?

please let me know .

the server where is running pgp is: B.11.11
pgp version 7.1.1.1
0 Kudos
Reply
14 REPLIES 14
Steven Schweda
Honored Contributor

тАО09-22-2007 02:49 PM

тАО09-22-2007 02:49 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

PGP encryption has everything to do with
keys, and nothing to do with users. Stop
worrying about users.

> [...] i copied the files [...]

And you can read them? (That's all you
need to worry about.)

> pgp version 7.1.1.1

This is too new for me, but you could try:
pgp -kv
to see which keys are on your key ring. From
the error message, I'd guess that you won't
see any with "gfe12CD" in them. Especially
if "gfe12CD" is supposed to be a hexadecimal
number. ("g"?)
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 03:16 PM

тАО09-22-2007 03:16 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

with user abcadm when i run pgp --key-list i got 21 keys founds and when i run the same command with xyzadm i got 17 keys found .. why??
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО09-22-2007 03:38 PM

тАО09-22-2007 03:38 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

> [...] .. why??

What am I, psychic? Show me the files (and
an "ls -l" report including all of them), and
the program output, and then, perhaps, I
could tell you something.

Or, if your brain is working at all, you
might see if there's something distinctive
about the items which appear in one list but
not in the other.

You might also wish to verify that both
users are using the same PGP program.
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 03:57 PM

тАО09-22-2007 03:57 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

old user using pgp and it gets 21 pgp keys
server1> ls -rlt
total 1728
-rw-r--r-- 1 root sys 576 Aug 18 2004 EBusSvr.lic
-rw------- 1 abcadm sapsys 975 Sep 21 12:17 secring.skr
-rwxr-xr-x 1 abcadm sapsys 27450 Aug 18 2004 pgp.cfg
-rw------- 1 abcadm sapsys 23453 Sep 21 12:17 pubring.pkr
-rw------- 1 abcadm sapsys 512 Sep 22 14:02 randseed.rnd
-rw------- 1 abcadm sapsys 146 Jul 26 2006 PGPgroup.pgr

pgp --key-list
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.
Warning: Using insecure memory!
17 matching keys found.

new user for use pgp and it gets 17 pgp keys.
server1> ls -rlt
total 192
-rw-r--r-- 1 root sys 576 Aug 18 2004 EBusSvr.lic
-rwxr-xr-x 1 xyzadm sapsys 27450 Aug 18 2004 pgp.cfg
-rw------- 1 xyzadm sapsys 18805 Nov 28 2006 pubring.pkr
-rw------- 1 xyzadm sapsys 975 Nov 28 2006 secring.skr
-rw------- 1 xyzadm sapsys 146 Sep 22 18:24 PGPgroup.pgr
drwxrwxr-x 4 xyzadm sapsys2 8192 Sep 22 18:38 BACK_KEYS
-rw------- 1 xyzadm sapsys 512 Sep 22 23:03 randseed.rnd

pgp --key-list
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.
Warning: Using insecure memory!
21 matching keys found.

0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 03:59 PM

тАО09-22-2007 03:59 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

=========================00
sorry, there was an error, it was fixed
=========================

old user using pgp and it gets 21 pgp keys
server1> ls -rlt
total 1728
-rw-r--r-- 1 root sys 576 Aug 18 2004 EBusSvr.lic
-rw------- 1 abcadm sapsys 975 Sep 21 12:17 secring.skr
-rwxr-xr-x 1 abcadm sapsys 27450 Aug 18 2004 pgp.cfg
-rw------- 1 abcadm sapsys 23453 Sep 21 12:17 pubring.pkr
-rw------- 1 abcadm sapsys 512 Sep 22 14:02 randseed.rnd
-rw------- 1 abcadm sapsys 146 Jul 26 2006 PGPgroup.pgr

pgp --key-list
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.
Warning: Using insecure memory!
21 matching keys found.

new user for use pgp and it gets 17 pgp keys.
server1> ls -rlt
total 192
-rw-r--r-- 1 root sys 576 Aug 18 2004 EBusSvr.lic
-rwxr-xr-x 1 xyzadm sapsys 27450 Aug 18 2004 pgp.cfg
-rw------- 1 xyzadm sapsys 18805 Nov 28 2006 pubring.pkr
-rw------- 1 xyzadm sapsys 975 Nov 28 2006 secring.skr
-rw------- 1 xyzadm sapsys 146 Sep 22 18:24 PGPgroup.pgr
drwxrwxr-x 4 xyzadm sapsys2 8192 Sep 22 18:38 BACK_KEYS
-rw------- 1 xyzadm sapsys 512 Sep 22 23:03 randseed.rnd

pgp --key-list
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.
Warning: Using insecure memory!
17 matching keys found.
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 04:09 PM

тАО09-22-2007 04:09 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

server1> pgp --encrypt test.new --user xxxxxxx
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.

Warning: Using insecure memory!


Cannot find the public key matching userid 'xxxxxxx'
This user will not be able to decrypt this message.
Error building recipient key set.

is there a permissionn into a configure file??

please let me know.
Thanks.
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 04:15 PM

тАО09-22-2007 04:15 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

also i got the following from other pgp key:

crypting with the new userid "xyzadm", logon as xyzadm:

server1> pgp --encrypt test.new --user zzzzzzz
McAfee E-Business Server v7.1.1 - Full License
(c) 1991-2002 Network Associates, Inc. All Rights Reserved.

Warning: Using insecure memory!

Alg Type Size Flags Key ID User ID
DSS pub 2048/1024 [V----] zzzzzzz Vendor "gatito"

Encrypting file 'test.new'....
Error: file permissions
error encrypting file.

what file could be?
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 04:42 PM

тАО09-22-2007 04:42 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

uuuuuuura!!!

you know, i fixed the problem , it was due permissions over the folder where is going to be kept the pgp file ....

now, i have the following issue ...

i got only 17 pgp keys when they are 21 ..

how can i fix this one?
Regards.
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 04:42 PM

тАО09-22-2007 04:42 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

uuuuuuura!!!

you know, i fixed the problem , it was due permissions over the folder where is going to be kept the pgp file ....

now, i have the following issue ...

i got only 17 pgp keys when they are 21 ..

with user abcadm i got 21 pgp keys
with user xyzadm i got 17 pgp keys
why can i not see the other 4?

how can i fix this one?
Regards.
0 Kudos
Reply
Manuales
Super Advisor

тАО09-22-2007 05:28 PM

тАО09-22-2007 05:28 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

I got it ..

the file pubring.pkr is not the same
i have to have the same file !!!!!

i will verify this one....
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО09-22-2007 06:08 PM

тАО09-22-2007 06:08 PM

Re: pgp command on unix ...This user will not be able to decrypt this message.

> -rw------- 1 abcadm sapsys 23453 Sep 21 12:17 pubring.pkr

> -rw------- 1 xyzadm sapsys 18805 Nov 28 2006 pubring.pkr

Different files, different results. Amazing.
0 Kudos
Reply
Manuales
Super Advisor

тАО09-23-2007 02:18 AM

тАО09-23-2007 02:18 AM

Re: pgp command on unix ...This user will not be able to decrypt this message.

then ...
if user abcadm add a pgp this will be added into /home/chradm/.pgp/pubring.pkr

if user xyzadm add a pgp this will be added into /home/xyzadm/.pgp/pubring.pkr

right?
then, i have to control the file pubring.pkr, i mean, i have to update this file for all users who use pgp ... righh??

do i have to do other thing for this file be updated as general way, i mean, be accessed only for one file ...

please let me know.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО09-23-2007 03:23 AM

тАО09-23-2007 03:23 AM

Solution

Re: pgp command on unix ...This user will not be able to decrypt this message.

Shalom,

Perhaps another voice will help.

I didn't answer earlier because I use different products.

Public key: A key generated by a user designed to permit the recipient to decrypt a file. It is sent before you can send an encrypted file so that when the encrypted file arrives it can be decrypted.

Private key: A key that is not exchanged between systems. The Public key is based on it.

How server a decrypts file from server b.

Servre a uses a public key from server b to decrypt the file.

Until and unless public encryption keys are exchanged, two users on two systems or even on the same system can not decrypt files that are exchanged.

Why do we use public keys? So in case a file is intercepted in transmission it is useless to the entity that intercepts it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Steven Schweda
Honored Contributor

тАО09-23-2007 05:25 AM

тАО09-23-2007 05:25 AM

Re: pgp command on unix ...This user will not be able to decrypt this message.

> [...] right?

Yes. Bt default, PGP uses a key-ring file
under the user's home directory.

> [...] i have to update this file for all
> users who use pgp ... righh??

_Someone_ needs to update the users' key-ring
files.

> do i have to do other thing [...]

Have you tried replacing one user's (public)
key-ring file by a symbolic link to another
user's (public) key-ring file?
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.