Re: Password Decript GPG public key
ved...@nym.hush.com wrote: > > > On 8/25/2020 at 3:21 PM, "Stefan Claas" wrote: > > > >Maybe he could try to use a secret key without a passphrase and > >give then the secret key personally to his friend? > > = > > And just have the ascii armored text of the secret key as the passphrase for > the symmetrically encrypted text? > > There still needs to be a way to 'enter' it as the 'passphrase'. If the OP > doesn't mind saving it in a file-decsriptor way, > that would work, but it would work the same as the secret key had a > passphrase, or even if it was an unpublished public key. Well, as we know GnuPG uses hybrid encryption when using public key encryption, so why use then direct symmetric encryption with a passphrase, if the shown workflow would work also with GnuPG? What I have shown would allow a group of people to use the same secret-key, among them, without having a public key to share (found on a keyservers ...) and without using a passphrase (preferably on an offline device). Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Password Decript GPG public key
On 8/25/2020 at 3:21 PM, "Stefan Claas" wrote: >Maybe he could try to use a secret key without a passphrase and >give then the secret key personally to his friend? = And just have the ascii armored text of the secret key as the passphrase for the symmetrically encrypted text? There still needs to be a way to 'enter' it as the 'passphrase'. If the OP doesn't mind saving it in a file-decsriptor way, that would work, but it would work the same as the secret key had a passphrase, or even if it was an unpublished public key. vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Password Decript GPG public key
vedaal via Gnupg-users wrote: > > > On 8/24/2020 at 8:36 AM, "Guille De La Torre via Gnupg-users" > wrote: > > > is it possible to create a key for symmetric encryption > >in such a way that the person who has my public key does not need > >to enter a password? to decrypt. > > = > No. and Yes.8^) > > It is not possible that the person does not have to enter 'anything' to > decrypt. Maybe he could try to use a secret key without a passphrase and give then the secret key personally to his friend? A workflow like this can be done with sequoia-pgp, have not tested with GnuPG. msg.txt: The quick brown fox jumps over the lazy dog. sq key generate -c cv25519 -e key No user ID given, using direct key signature -BEGIN PGP PRIVATE KEY BLOCK- Comment: 2E44 985D 3FAC 531F 029F F0EC 005C 8853 963C B85E xVgEX0VhThYJKwYBBAHaRw8BAQdAl00Pc6ZL/UvWA4z9Auvv9iA2HICkZfwJzOwe 6Yg3+8UAAQDqa37jLZ3yzxZVm46R6Kg3vs2thHLjVLdOHa9Bp+LC+RLpwocEHxYK ABgFgl9FYU4FiQWkj70CCwkCFQoCmwECHgEAIQkQAFyIU5Y8uF4WIQQuRJhdP6xT HwKf8OwAXIhTljy4Xg4EAQD61fVvaPLLhoglET9SR16mjUQumIgU/LdGs7gSS0nm kQD+M6GvdSjckDpf/cFutnir8OmOrg6ILpvFFrRVhVqPQQzHWARfRWFOFgkrBgEE AdpHDwEBB0BtUk9+bJA8zfYDht94kfQjmEitlykWjccx5LWh7VHJOQABAJiL7HXP KF+H2XfrbCspU1y15mdbk0o84qlTlPDBMGV9ELfCwDgEGBYKABIFgl9FYU4FiQWk j70CmwICHgEAmAkQAFyIU5Y8uF52oAQZFgoABgWCX0VhTgAhCRCSUbL52YRWFhYh BDnBZTfNWRsc6RHMj5JRsvnZhFYWUqMBAOlBob9vZLRf78Y2G0ReyrraIr5WnBzV NDKr6lIHuUINAQDOqSHYXJNZ9i6kT9mu7INTAD0U9j8WlsTHDEYHkiMhBxYhBC5E mF0/rFMfAp/w7ABciFOWPLhe5iwBAJxet8cZZI6YfE1qz1pUXSF/XBV/RR0pP6B4 dBYnOgy/AQDJaac+/9o/Rg7MSRMATSZFABhq0gc5NfPXP7J3VA9IAMddBF9FYU4S CisGAQQBl1UBBQEBB0CdQ3BFqAUfHsJCqsCUpupbfXaJqivk26ywapJ4zhgXRAMB CAkAAP9y3NMZM/14jHYw2rkJSS7nGF+QwEAMrFu8StTtkfcI+BF2woEEGBYKABIF gl9FYU4FiQWkj70CmwwCHgEAIQkQAFyIU5Y8uF4WIQQuRJhdP6xTHwKf8OwAXIhT ljy4XsiSAQCwrxIxD4wlh0Q67hksQlp4Tjn0Yq4onRbMQdMqmBHcawD/TnloezC8 ipZshjOeeimN6XXhyg/oJNj2K3+DKJIf4w4= =qQ2b -END PGP PRIVATE KEY BLOCK- sq encrypt --recipient-key-file key < msg.txt > msg_enc.txt msg_enc.txt: -BEGIN PGP MESSAGE- wV4DOqgrJ15WGrUSAQdAtkxy/GVuxw6MLOZerr2HTLcXlsouSxEiCEp2SZw0UiYw nNK5qmhvslxZErJ3WMsmjGmwqFLTKYAh132HkH9fSDlCF9i1Qv/cGEf0Q2E0F98h 0mcBsvCcpBjLqFzQSEslEOPWEqW3CHbMi6pMZxfU/CcGwNZKfd7m6ccgi3505t41 OuAs/KtlF/qZbyy75mRmDoU8+3SaT9nasQsobFcuET1e4Es3yJZ3RKOdmLE3+FJO u7gYo4wnDfUc =YTSR -END PGP MESSAGE- sq decrypt --secret-key-file key < msg_enc.txt > output.txt Encrypted using AES with 256-bit key Compressed using ZIP output.txt: The quick brown fox jumps over the lazy dog. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Password Decript GPG public key
On 8/24/2020 at 8:36 AM, "Guille De La Torre via Gnupg-users" wrote: > is it possible to create a key for symmetric encryption >in such a way that the person who has my public key does not need >to enter a password? to decrypt. = No. and Yes.8^) It is not possible that the person does not have to enter 'anything' to decrypt. But is it possible for you both to have a secret symmetric passphrase you share by sending your public key, if you create a public key, and don't post it anywhere or encrypt or sign anything with it, and send that public key, encrypted, to the intended receiver's public key. Now, use the key name and long fingerprint as the password for the symmetric encryption. Example: Here is a key created for this purpose: -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v2 Comment: Acts of Kindness better the World, and protect the Soul mQENBF9EEJEBCADKJIFeU4YaiZOp6tgbOMCp2ax12btTYDBqbnoveqTTwIrHZurX 1Gm2fU0X/c1WqyDbg7F5Kv9vmkn+2NGRD+AOpU6B1SiZny07ZNtgIps10zXIGI3A vgR+77HfhbZE46AK8BYuHriW0OpHmFdK11Zl3uRROA1bgPpmEGNT5dm9UzpQ+xSN 0d6O33pYisHd4E5S+uiroY08cU/i2LV0Q1YPoErtmP6OIkCvMvOWUpy3iEI+szwV db8mm0Cj4c28mYAL3qsJfKc7P8JEufjiAXmYIIsku60fmHEA0RuQtIb1zW/CGAVg 7de5rWR4fit+uyOQwW68BbvYK8VBZgOGP1MlABEBAAG0S214dHpwaHUua2xlbWF1 aiAobm9uLXB1YmxpY2l6ZWQga2V5KSA8bXh0enBodS5rbGVtYXVqQHF3ZWppZG5h bGxkaW9weHoud2RiPokBOQQTAQgAIwUCX0QQkQIbDwcLCQgHAwIBBhUIAgkKCwQW AgMBAh4BAheAAAoJECX/By3f019dnFMIAICCRK3YF3iDkXfcDYLV8+Kq+94BrZfx Bwjn9n+vgldTTtkHP+0AHvQ1QAYVRWH/gPJR7D9bU/oc3A2lWXQzt/wwR1WOogFC 1rDKJtSgPkjpeirEauoXQLiTOUCtNcM2w2Zn8yK9lAvOfdQoaH+RxN8AASYU7QUt 3CtJ7EQpA/dSRkDt5NHVVrhXcih6oCZuGyOoAldT1GB+Tz4BGDhveygWlcR6/e9o kcw6lgwgrPvfjXekQsQ2LeeO+UGcG1ITjjaBPRH6gA1Nlq/wCS/Nj98xoCzCyLab pzUcGdzOz8ScgHY11CfAR7CAlCNzcfOe1J8e3qQogXXgVtJiCB2Jav4= =tAGm -END PGP PUBLIC KEY BLOCK- Importing the key gives the following information: User-ID: mxtzphu.klemauj (non-publicized key) Validity: from 2020-08-24 15:10 until forever Certificate type: 2,048-bit RSA Certificate usage: Signing EMails and Files, Encrypting EMails and Files, Certifying other Certificates Key-ID: DFD35F5D Fingerprint: 9D7ECA9BEDF40F804EB26A3C25FF072DDFD35F5D The user id and email address were done by typing semi-randomly at the keyboard. Now use the userid and the long fingerprint as the passphrase for your symmetric encryption: mxtzphu.klemauj@qwejidnalldiopxz.wdb9D7ECA9BEDF40F804EB26A3C25FF072DDFD35F5D Only you and the person you send this key to, will be able to decrypt your symmetrically encrypted messages. vedaal ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Password Decript GPG public key
On 24-08-2020 8:08, Guille De La Torre via Gnupg-users wrote: > Hello good evening, is it possible to create a key for symmetric > encryption in such a way that the person who has my public key does not > need to enter a password? to decrypt. The receiver uses your public key only to encrypt and verify. If you send him encrypted mail you need HIS public key to encrypt the message, and the receiver needs his secret key to decrypt it. If the receiver protects his secret key with a password is something you have no influence over. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users