How to specify private key when decrypting a file using GnuPG?


Solution 1

I already have the private key with which the file has been encrypted, but I am not sure how I can specify it.

I understand this as "I've got a file containing the private key, but do not know how to tell GnuPG to use it".

GnuPG requires keys (both public and private) to be stored in the GnuPG keyring. This is as easy as

gpg --import [keyfile]

Afterwards, you should be able to decrypt the file exactly the way you already tried.

Solution 2

bash-4.2$ gpg --import b_secret.key
gpg: key 23E7859B: already in secret keyring
gpg: Total number processed: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1
bash-4.2$ gpg --decrypt b_txt.asc
gpg: key 23E7859B: secret key without public key - skipped
gpg: encrypted with RSA key, ID 04702E37
gpg: decryption failed: secret key not available

Solution 3

You don't need to expressly declare the secret key in the gpg decrypt command. If the keypair - both Public AND Private keys - as Jens states, is present on the keyring on the host where you're decrypting, GPG will automagically determine the secret key required for decryption and present a password challenge.

HOWEVER, if you wish to try all (non-cached) keys (maybe you're testing a file encrypted with multiple keys), the switch --try-all-secrets will cycle through all the secret keys on your keyring, trying them in turn, i.e.:

gpg -d --try-all-secrets test-gpg.txt.asc

HTH- Terrence

Author: Admin

Updated on September 18, 2022

Comments

  • Admin
    Admin over 1 year

    I am trying to decrypt a file with GnuPG, but when using the command below:

    gpg --decrypt filename.gpg
    

    I get the following message:

    gpg: encrypted with RSA key, ID 3662FD5E
    gpg: decryption failed: No secret key
    

    I already have the private key with which the file has been encrypted, but I am not sure how I can specify it. Is there any option I can include when doing the decryption to point to this key?

  • Vlastimil Ovčáčík
    Vlastimil Ovčáčík over 8 years
    Welcome to SuperUser, your suggestion is already in another answer. You should upvote that answer instead of making a new one. You don't have enough reputation to do that yet; wait until you do.
  • RollRoll
    RollRoll almost 8 years
    So is gpg smart enough to know which key to decrypt once you have several keys imported?
  • Jens Erat
    Jens Erat almost 8 years
    Yes. Usually the key is even referenced in the encrypted file, if not GnuPG tries all keys.
  • jlh
    jlh over 6 years
    I use GnuPG programmatically and have a keyring with hundreds of private keys, and a message may be encrypted with dozens of them. It seems a bit wasteful that it just tries them all (actually it tries to unlock them all using the given passphrase and takes the first one that works).
  • Jens Erat
    Jens Erat over 6 years
    GnuPG only tries them all if the key was hidden by the sending party. It feels like your use case was not one of the design targets of GnuPG. If you know the correct private key although it is not stored in the encrypted file, consider managing different GnuPG home directories/keyrings with a single private key instead.
  • jlh
    jlh over 5 years
    Yes, it seems that my use case isn't well suited for gpg. For completeness, here's a more detailed observation: my recipient IDs are not hidden (not using -R), so gpg knows which of the maybe a dozen keys it should try; it doesn't have to try the entire keyring. However, gpg doesn't know for which key I supplied the passphrase, so it does have to try those dozen keys, which slows things down considerably.
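The whole exchange above as one runnable walk-through: the "No secret key" failure from the question, the fix with gpg --import (Solution 1), the --try-all-secrets switch (Solution 3), and the hidden-recipient case Jens and jlh discuss, where the message carries no key ID and gpg has to try each secret key in turn. This is an added example, not part of the original question, answers, or GnuPG's own documentation. It assumes GnuPG 2.1 or later on PATH; the names Bob and Carol, the example.invalid addresses, the file names and the message text are all constructed for the demo. Every party gets its own throwaway --homedir, so nothing in ~/.gnupg is touched.

```shell
#!/bin/sh
# Added example (not from the original question or answers): reproduces the
# "decryption failed: No secret key" error, fixes it with `gpg --import`, and
# shows what happens when the sender used --hidden-recipient (-R).
# Assumes GnuPG 2.1+ on PATH. Names, addresses, keys and the message are
# constructed for this demo; each party uses a temporary --homedir.
set -u

# gpg wrapper: first argument is the homedir, the rest is passed through.
g() {
    _home=$1; shift
    gpg --homedir "$_home" --batch --yes --no-tty "$@"
}

# Unattended key generation. %no-protection means no passphrase, which keeps
# the demo non-interactive (a real key should of course have one).
gen_key() {   # gen_key HOMEDIR NAME EMAIL
    g "$1" --quiet --gen-key <<EOF
%no-protection
Key-Type: RSA
Key-Length: 2048
Key-Usage: sign
Subkey-Type: RSA
Subkey-Length: 2048
Subkey-Usage: encrypt
Name-Real: $2
Name-Email: $3
Expire-Date: 0
%commit
EOF
}

# Stop the per-homedir agents gpg auto-started, then delete the homedirs.
cleanup_demo() {
    for h in "$owner" "$sender" "$recip"; do
        gpgconf --homedir "$h" --kill gpg-agent 2>/dev/null || true
    done
    rm -rf "$work"
}

# Returns 0 when every decryption behaves as the answers describe.
run_demo() {
    command -v gpg >/dev/null 2>&1 || { echo "gpg not found in PATH" >&2; return 2; }
    work=$(mktemp -d) || return 1
    owner=$work/owner
    sender=$work/sender
    recip=$work/recip
    mkdir -m 700 "$owner" "$sender" "$recip"

    (   set -e
        # 1. Key owner: two keys. Bob's public key goes to the sender; both
        #    secret keys are exported to files (the file the asker already has).
        gen_key "$owner" Bob   bob@example.invalid
        gen_key "$owner" Carol carol@example.invalid
        g "$owner" --armor --export bob@example.invalid > "$work/bob.pub"
        g "$owner" --armor --export-secret-keys bob@example.invalid   > "$work/bob_secret.asc"
        g "$owner" --armor --export-secret-keys carol@example.invalid > "$work/carol_secret.asc"
        # 2. Sender: import Bob's public key and encrypt the same text twice,
        #    once with the key ID recorded in the message (-r) and once hidden (-R).
        printf 'hello bob\n' > "$work/msg.txt"
        g "$sender" --quiet --import "$work/bob.pub"
        g "$sender" --quiet --trust-model always --armor -o "$work/msg.asc" \
            -r bob@example.invalid --encrypt "$work/msg.txt"
        g "$sender" --quiet --trust-model always --armor -o "$work/hidden.asc" \
            -R bob@example.invalid --encrypt "$work/msg.txt"
    ) || { cleanup_demo; return 1; }

    rc=1
    # 3. Recipient with an empty keyring: exactly the error from the question.
    if g "$recip" --decrypt "$work/msg.asc" >/dev/null 2>"$work/err.txt"; then
        echo "unexpected: decrypted without the secret key" >&2
    else
        echo "--- before import:"; cat "$work/err.txt"
        # 4. Solution 1: import the secret key file(s); gpg stores the public
        #    part as well, then picks the right key from the message's key ID.
        g "$recip" --quiet --import "$work/bob_secret.asc" "$work/carol_secret.asc"
        out1=$(g "$recip" --decrypt "$work/msg.asc")
        # 5. Hidden recipient: no key ID in the message, so gpg tries every
        #    secret key in the keyring. --try-all-secrets forces that search
        #    even when the key ID is present (Solution 3).
        out2=$(g "$recip" --decrypt "$work/hidden.asc")
        out3=$(g "$recip" --try-all-secrets --decrypt "$work/msg.asc")
        if [ "$out1" = "hello bob" ] && [ "$out2" = "hello bob" ] && [ "$out3" = "hello bob" ]; then
            echo "--- after import: all three decryptions returned '$out1'"; rc=0
        fi
    fi
    cleanup_demo
    return $rc
}

# Usage: sh gpg-import-demo.sh run   (the argument stops the demo from
# starting when this file is sourced by another script).
if [ "${1:-}" = run ]; then run_demo; fi
```

The first decryption attempt prints the same two lines as the question (gpg: encrypted with RSA key ... / gpg: decryption failed: No secret key) and exits non-zero. After the import, the plain message decrypts directly because its key ID names Bob's subkey, while for the hidden one gpg's status output shows it trying the secret keys in turn, which is the cost jlh describes once a keyring holds many keys.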