Cannot encrypt file in GNUPG v1.2.0 with private/public pair generated from GNUPG v1.0.6 - PGP

This is a discussion on Cannot encrypt file in GNUPG v1.2.0 with private/public pair generated from GNUPG v1.0.6 - PGP ; Has anyone experience the following problem: I have a private/public key I created in GNUPG v1.0.6. I upgrade my Windows Client to GNUPG v1.2.0. I did not create a new pair of keys when I upgrade, I just exported my ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Cannot encrypt file in GNUPG v1.2.0 with private/public pair generated from GNUPG v1.0.6

  1. Cannot encrypt file in GNUPG v1.2.0 with private/public pair generated from GNUPG v1.0.6

    Has anyone experience the following problem:

    I have a private/public key I created in GNUPG v1.0.6. I upgrade my
    Windows Client to GNUPG v1.2.0. I did not create a new pair of keys
    when I upgrade, I just exported my key pair out of GNUPG v1.0.6 and
    import it into GNUPG v1.2.0

    I received a public key from a customer of my, which they generated
    their public key out of an application called MegaCryption (os/390).
    The public key came to me in a .PKR format. I had to perform a
    --ignore-time-conflict and --sign-key to import this key into my key
    ring. The key imports OK. When I attempt to encrypt a file, here is
    the following error I received:

    C:\GNUPG>gpg --always-trust -e -r jdoe@acme.com --set-filename
    test2.tx
    t --output test2.pgp --encrypt test.txt
    gpg: public key 32EE10D0 is 20500 seconds newer than the signature
    gpg: jdoe@acme.com: skipped: unusable public key
    gpg: test.txt: encryption failed: unusable public key

    C:\GNUPG>

    -- Just for kicks, I created a new private/public pair in GNUPG
    v1.2.0, perform all the import steps to get this key into my ring and
    it works fine. It leads me to believe to me that my private/public
    key that I created in GNUPG v1.0.6 will not work with this particular
    key.

    Any ideas how I can get this new public key to be signed by my current
    key pair that I created in GNUPG v1.0.6 or do I have to create new
    public/private key pair for myself in GNUPG v1.2.0?

    Thanks in advance for your input.

  2. Re: Cannot encrypt file in GNUPG v1.2.0 with private/public pairgenerated from GNUPG v1.0.6

    Hi,

    > I have a private/public key I created in GNUPG v1.0.6. I upgrade my
    > Windows Client to GNUPG v1.2.0. I did not create a new pair of keys
    > when I upgrade, I just exported my key pair out of GNUPG v1.0.6 and
    > import it into GNUPG v1.2.0


    First you should update to at least version 1.2.2 (1.2.3 has been released
    just a few days ago) because there are some annoying bugs fixed. But this
    should not be of interest for your special problem.

    After the import of your old key, did you run 'gpg --edit '
    ? Does it show a 'u/u' for the trust/ownertrust of your private key?

    > I received a public key from a customer of my, which they generated
    > their public key out of an application called MegaCryption (os/390).
    > The public key came to me in a .PKR format. I had to perform a
    > --ignore-time-conflict and --sign-key to import this key into my key
    > ring.


    You have to sign an external key always to make it useable (or if the key
    is signed by someone else you have to 'trust' in the signing key). The fact
    that you have to use --ignore-time-conflict shows that there is something
    wrong either with the key of your customer or the time settings of your
    computer.

    > The key imports OK. When I attempt to encrypt a file, here is
    > the following error I received:
    >
    > C:\GNUPG>gpg --always-trust -e -r jdoe@acme.com --set-filename
    > test2.tx
    > t --output test2.pgp --encrypt test.txt
    > gpg: public key 32EE10D0 is 20500 seconds newer than the signature
    > gpg: jdoe@acme.com: skipped: unusable public key
    > gpg: test.txt: encryption failed: unusable public key


    Looks like your private key has some time problems. The signature on your
    private key is *older* than the creation time of your key. Have you
    invented a time machine? :-)

    Try to use --ignore-time-conflict during encryption, too.

    What is the output of "--list-secret-keys" ?

    > Any ideas how I can get this new public key to be signed by my current
    > key pair that I created in GNUPG v1.0.6 or do I have to create new
    > public/private key pair for myself in GNUPG v1.2.0?


    Fix your time settings?

    Regards,

    Holger


+ Reply to Thread