
gpg: decryption failed: No secret key

I am not able to decrypt my file without a secret key. I know this question has been asked before, but the solutions to it did not help me.

This is my scenario. I receive this error at the command prompt when using the --decrypt command:

gpg: decryption failed: No secret key

I have the public key and a passphrase with me. I used the following commands to check whether there is a secret key:

• gpg --list-secret-keys

• gpg --list-keys

Both of the above commands returned a blank result (no error), so I decided to import the public key with --import.

• gpg --import "C:\PATH\TO_MY_PUBLIC_KEY"

After the --import command I can see the public key is imported. I could not find a way to deal with the secret key. Is there any way I can find the secret key or create a new secret key?

Mangesh Sathe asked Apr 20 '17 08:04


2 Answers

I also received blank output from the same 2 commands:

gpg --list-secret-keys
gpg --list-keys

I had reason to suspect this was to do with recent changes to the ~/.gnupg/pubring.kbx file, which led me to run the following 2 commands to re-import missing keys:

Re-import missing secret keys:

gpg --import < ~/.gnupg/secring.gpg

Re-import missing public keys:

gpg --import < ~/.gnupg/pubring.gpg

  • Documentation for above commands: https://gpgtools.tenderapp.com/kb/faq/missing-keys-after-migrating-to-gnupg-22#missing-secret-key-s-and-or-public-keys
  • Broken pubring.kbx: https://gpgtools.tenderapp.com/discussions/nightly/1415-gpg-keychain-broken-pubringkbx-file
Eliot Sykes answered Oct 05 '22 21:10


This message can also happen if your pinentry program isn't working properly, and thus gpg can't get the passphrase to unlock the decryption key. This has happened to me a couple of times. If this is the case, gpg -d -v will appear to select the correct key and then just hang for a while before giving up. This is it waiting for the pinentry that never actually returns.

The steps depend on your specific environment, but checking (or creating) the pinentry-program option in ~/.gnupg/gpg-agent.conf is a good place to start. In my case (on OS X with Homebrew-installed gpg and pinentry-mac) I had to create that file with the following contents:

pinentry-program /usr/local/bin/pinentry-mac

And then run gpgconf --kill gpg-agent to reload the configuration (gpg-agent should automatically restart).

You will likely need to adjust the path above for whatever your preferred pinentry program is. locate pinentry may be helpful to find what options you have installed, or which your-pinentry-program-here will tell you the full path if you already know the name.

cincodenada answered Oct 05 '22 20:10
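
The two causes described in the answers above (keys left behind in the legacy secring.gpg/pubring.gpg files, and a pinentry-program setting that does not resolve to an executable) can be checked without touching key material. The following is an added example, not code from either answer; the function names and finding labels are hypothetical, and it assumes the last pinentry-program line in gpg-agent.conf is the effective one.

```shell
#!/bin/sh
# Added example (not from the original answers): read-only triage of a GnuPG
# home directory for the two causes described above. It never runs gpg and
# never reads key material; it only tests for files and parses gpg-agent.conf.

# Print the configured pinentry-program path, or nothing if none is set.
# Assumption: when the option appears more than once, the last line is used.
pinentry_path() {
    conf="$1/gpg-agent.conf"
    if [ -f "$conf" ]; then
        # Commented-out lines do not match because of the leading anchor.
        sed -n 's/^[[:space:]]*pinentry-program[[:space:]][[:space:]]*//p' "$conf" |
            sed 's/[[:space:]]*$//' | tail -n 1
    fi
    return 0
}

# Print one finding per line for the GnuPG home directory given as $1.
triage_gnupg_home() {
    home="$1"
    # Answer 1: keys still sitting in the legacy keyring files.
    if [ -s "$home/secring.gpg" ]; then
        echo "LEGACY_SECRING: try gpg --import < $home/secring.gpg"
    fi
    if [ -s "$home/pubring.gpg" ]; then
        echo "LEGACY_PUBRING: try gpg --import < $home/pubring.gpg"
    fi
    # Answer 2: pinentry-program unset, or pointing at a non-executable path.
    pin=$(pinentry_path "$home")
    if [ -z "$pin" ]; then
        echo "PINENTRY_UNSET: gpg-agent will fall back to its default pinentry"
    elif [ -x "$pin" ] && [ ! -d "$pin" ]; then
        echo "PINENTRY_OK: $pin"
    else
        echo "PINENTRY_BAD: $pin is not an executable file"
    fi
    return 0
}

triage_gnupg_home "${GNUPGHOME:-$HOME/.gnupg}"
```

After correcting gpg-agent.conf, reload the agent with gpgconf --kill gpg-agent as described in the second answer.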