On Sun, 16 Aug 2020 04:33, renws said: > And I don't have any backup of my public key, so I would like to know > whether it's possible to decrypt my files (I've still got > ~/.gnupg/private-keys-v1.d, which I think stores my private key?).
If you just want to decrypt your files, you can do this:
- Create a new key, best using the mail address you used in your lost
key.
- Add a subkey so you can decrypt old data, for example
$ gpg --expert --edit-key NEWKEYID
Secret key is available.
[Prints infor about that key]
gpg> addkey
Please select what kind of key you want:
(3) DSA (sign only)
(4) RSA (sign only)
(5) Elgamal (encrypt only)
(6) RSA (encrypt only)
(7) DSA (set your own capabilities)
(8) RSA (set your own capabilities)
(10) ECC (sign only)
(11) ECC (set your own capabilities)
(12) ECC (encrypt only)
(13) Existing key
(14) Existing key from card
Your selection? 13
Enter the keygrip:
here you need to enter the keygrip of your lost key. That is the
name of the file in private-keys-v1.d/ without the ".key" suffix.
With your new key you should have 4 files in that directory, chekc
the date to pick the right one; if it does not work, you picked then
signing key and not the encryption key. Start over in this case.
Enter "save" and you have a new encryption subkey which matches the
old one mathematically.
- To decrypt with the new/old file you need to add the option:
--try-all-secrets
The last point is an obvious drawback but it is the easiest way to get
to your data.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
