On 18/12/14 15:39, Haritwal, Dhiraj wrote: > Hi, > > Thanks for your response. > > About the below command, it's asking for passphrase whereas my requirement is > to use only keys to encrypt/sign it. > > gpg2 -u FFEEDDCC -r AABBCCDD -se supersecret.txt > > I tried below command which shows confirmation screen where I have entered y > (yes) & now able to see a file named supersecret.txt.gpg. m not sure what > file it is because it think encrypted file should has an .asc extension. > > ./gpg --encrypt --hidden-recipient AABBCCDD supersecret.txt > gpg: 89709B71: There is no assurance this key belongs to the named user > > > Regards, > > Dhiraj
.gpg is the extension of encrypted files, .asc is normally ASCII armored files (Signatures and the like), if you'd like to generate one of those, look into the -a option (for Ascii). A complete command would look something like `gpg2 -u AABBCCDD -as supersecret.txt`. The generated supersecret.txt.asc will only verify to someone who already has the .txt that it hasn't been touched/modified and that the key AABBCCDD did verify it as being legitimate, they won't be able to extrapolate supersecret.txt out of it. It's _only_ for signing, _not_ for encrypting/transportation of data, which is why you often see them on this mailing list and downloads (You want to verify that the user sent the data, but not encrypt it (Since it's public)). If you try to run:- >gpg -d supersecret.txt.gpg It should tell you it's encrypted and the destination public key, then error out (As it's not destined for you). As for the "There is no assurance this key belongs to thhe named user", this is because you haven't trusted them yet. If you do trust the key as being the key they claim to be, and have verified the key through out-of-bands means (I.E. Not over the internet, or using an already secure channel over the internet, this is *not* emails, this is *not* Skype, this is *not* text messages), then you can take a look at this:- https://www.gnupg.org/gph/en/manual/x334.html P.S. I'm replying to you on-list for the reasons:- 1. People are able to verify if I say anything stupid 2. In the case I haven't said anything stupid, someone else could also learn from this (I.E. Location this thread in the future via a search engine). I recommend you do the same. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
