Hi Vedaal, You are correct that is not my real key ID.
Funny enough the key was generated in Nov-2015. However you are absolutely correct about the --s2k-cipher-algo option. I added that to my gpg.conf and after that symmetric + public works exactly as I expected. I get AES256 every time. There is one thing I would like to understand - the man page says: --s2k-cipher-algo name Use name as the cipher algorithm used to protect secret keys. The default cipher is CAST5. This cipher is also used for conventional encryption if --personal-cipher-pref‐ erences and --cipher-algo is not given. So CAST5 is the preferred cipher for secret keys and is also the default for symmetric. On the other hand using --personal-cipher-preferences does not seem to apply to symmetric + public encryption. Is this by design? Regards, Martin On Fri, 26 Feb 2016 at 14:52 <ved...@nym.hush.com> wrote: > > On 2/26/2016 at 5:48 AM, "Martin Ilchev" <martini5...@gmail.com> wrote: > > >I did set my key preferences a few months ago and made sure the > >key had > >them as well. Here is the output of showperf: > > > > Cipher: AES256, AES192, AES, CAST5, 3DES > ..... > > >> > 2. Symmetrically encrypt and also encrypt for my own public > >key: > >> > gpg2 -vvv --symmetric --encrypt --sign -r 0x1234567890ABCDEF > > >> > decrypting the file shows that the cipher used is CAST5 > > ===== > > 0x1234567890ABCDEF is obviously not your real key id. > > I suspect the key was generated some time ago, when the default cipher to > protect one's secret key, was CAST5 > > GnuPG's default choice for the encryption algorithm for a symmetric cipher > will be what the s2k-cipher-algo is. > > In your case for that key, it is CAST 5 > > > Try This: > > gpg2 --s2k-cipher-algo AES256 --symmetric --encrypt --sign -r > 0x1234567890ABCDEF filename > > The encryptions should now be with AES256 for both the symmetric part and > the part encrypted to your key. > > > vedaal > >
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users