2 GnuPG questions - PGP

This is a discussion on 2 GnuPG questions - PGP ; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 First, when I execute: gpg --search-keys --keyserver pgpkeys.mit.edu I get the following output: gpg: searching for " " from HKP server pgpkeys.mit.edu gpg: can't search keyserver: eof gpg: keyserver search failed: eof I've tried ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: 2 GnuPG questions

  1. 2 GnuPG questions

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    First, when I execute:

    gpg --search-keys --keyserver pgpkeys.mit.edu

    I get the following output:
    gpg: searching for "" from HKP server pgpkeys.mit.edu
    gpg: can't search keyserver: eof
    gpg: keyserver search failed: eof

    I've tried a couple other servers with the same message. What does this
    error usually mean? I am behind a proxy server but everything is
    supposed to be open and I'm using a proxy client that simlulates being
    directly connected to the net so I'm thinking that the proxy isn't the
    problem.

    Second problem. What is the proper procedure for moving keys between two
    computers? For example, at home I created a private key with passphrase
    A. At work, if all I have is passphrase A and the email I used, can I
    import that key from a server or something?

    Oh, and just a curiosity question...the pass phrase I come up with
    really isn't the private key is it? Is it combine with a random number
    (i.e. during that generation process that happens when generating a
    key)? I assume so or else if two people happened to use the same pass
    phrase you'd be able to decrypt each other's messages. So my assumption
    is that when you type in your phrase it is used in conjuntion with some
    random number to create your private key. Is that correct?

    Zach
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (MingW32)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFAn+iNC8HCcOZ0HIoRAjlXAJ9XuPYBCyC1/mdc9y8BrBHFN9tauQCePVsQ
    RpLG/hD8iM+nzTUdvjCvud0=
    =Ghzi
    -----END PGP SIGNATURE-----

  2. Re: 2 GnuPG questions

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    In article <2ga7aqFfroaU1@uni-berlin.de>,
    individual_news@nibsworld.com says...
    > -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1First, when I
    > execute:gpg --search-keys --keyserver pgpkeys.mit.edu > address>

    I suspect that instead of using your email address, you should use
    your name and/or key ID.
    > > I get the following output:gpg: searching for ""

    > from HKP server pgpkeys.mit.edugpg: can't search keyserver: eofgpg:
    > keyserver search failed: eofI've tried a couple other servers with
    > the same message. What does thiserror usually mean? I am behind a
    > proxy server but everything issupposed to be open and I'm using a
    > proxy client that simlulates beingdirectly connected to the net so
    > I'm thinking that the proxy isn't theproblem.Second problem. What
    > is the proper procedure for moving keys between twocomputers? For
    > example, at home I created a private key with passphraseA. At work,
    > if all I have is passphrase A and the email I used, can Iimport
    > that key from a server or something?

    You can export your keys (public and secret) from their respective
    keyring files to two files. Take the two files to the office machine
    and import the the two keys from the two files to the respective
    keyrings.
    The passphrase only allows you to to use your secret key to decript
    or sign with.
    > > Oh, and just a curiosity question...the pass phrase I come up

    > withreally isn't the private key is it? Is it combine with a random
    > number(i.e. during that generation process that happens when
    > generating akey)? I assume so or else if two people happened to use
    > the same passphrase you'd be able to decrypt each other's messages.
    > So my assumptionis that when you type in your phrase it is used in
    > conjuntion with somerandom number to create your private key. Is
    > that correct?Zach-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.2.4
    > (MingW32)Comment: Using GnuPG with Thunderbird -
    > http://enigmail.mozdev.orgiD8DBQFAn+...AJ9XuPYBCyC1/m
    > dc9y8BrBHFN9tauQCePVsQRpLG/hD8iM+nzTUdvjCvud0==Ghzi-----END PGP
    > SIGNATURE-----


    -----BEGIN PGP SIGNATURE-----
    Version: 6.5.8ckt09

    iQA/AwUBQKAJu8jRYykNVyotEQIcHQCgmR9tCv6xM2KDV60vk4xXvw eCBtMAoInS
    9x4kbb4juCRlNzChvax6LMhX
    =J4H7
    -----END PGP SIGNATURE-----

  3. Re: 2 GnuPG questions

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Zach Wells writes:

    [Note: I am unable to verify your signature:

    gpg: Signature made Mon May 10 15:39:41 2004 CDT using DSA key ID E6741C8A
    gpg: no valid OpenPGP data found.
    gpg: Total number processed: 0
    gpg: Can't check signature: public key not found

    It seems that the keyservers do not have your key.]

    >First, when I execute:


    >gpg --search-keys --keyserver pgpkeys.mit.edu


    >I get the following output:
    >gpg: searching for "" from HKP server pgpkeys.mit.edu
    >gpg: can't search keyserver: eof
    >gpg: keyserver search failed: eof


    Maybe the keyservers don't have your key.

    A search works fine for me using my email address.

    >Second problem. What is the proper procedure for moving keys between two
    >computers?


    I normally use rsynch over ssh (via dsl) to synchronize my keyrings
    between home and work computer. I do this for both "pubring.gpg" and
    "secring.gpg".



    But you could use

    gpg --armor --export-secret-keys keyname > secret.asc
    gpg --armor --export keyname > public.asc

    to save to ascii files. Then copy those between your computers (maybe
    use a floppy or a usb memory stick), then use "--import" to import
    them on the other system.

    > For example, at home I created a private key with passphrase
    >A. At work, if all I have is passphrase A and the email I used, can I
    >import that key from a server or something?


    No. The passphrase by itself doesn't do anything. You need the
    secret key.

    >Oh, and just a curiosity question...the pass phrase I come up with
    >really isn't the private key is it?


    No.

    The private key is stored in your keyring, encrypted (conventional
    encryption). The passphase is what you need to decrypt the private
    key in order to access it.

    > So my assumption
    >is that when you type in your phrase it is used in conjuntion with some
    >random number to create your private key. Is that correct?


    Not quite. The pass phase is used to decrypt your private key.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (SunOS)

    iD8DBQFAoAoKvmGe70vHPUMRAsnxAJwJIxavewVH3lUtxkpela Jv8WIvSgCfTvXt
    row+IpwVyqFqFAwkVAKGMQ0=
    =66RI
    -----END PGP SIGNATURE-----


  4. Re: 2 GnuPG questions

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1



    Neil W Rickert wrote:



    Thanks for all that info. I've got much better understanding now (along
    with a new key) so things should be good.

    Zach
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (MingW32)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFApC0m1Jw/17R3M68RAumyAKCQayTPAl1amPzfF7yjAZynVGCbkACePOvu
    GRJx6HmOwLroCfCSgdzOlpo=
    =zz5E
    -----END PGP SIGNATURE-----

+ Reply to Thread