Video Screencast Help

PGP Desktop doesn't seem to recognize my private key

Created: 18 Apr 2013 • Updated: 21 Apr 2013 | 13 comments
This issue has been solved. See solution.

I'm trying to transition from XP to Win7. I just installed Symantec Encryption Desktop v10 on Win7. I have been using PGP 8.0 on XP. The install seemed to go OK. Then I tried to encrypt a file with my public key and a friend's key, using the context menu from Win Explorer. Instead of creating a separate file, as 8.0 would have, it somehow modified the source file to some kind of encrypted form. When I try to decrypt the file, it says I don't have the private key to either of the public keys. Buit my private key does display in the list of private keys shown on the keyring display. I  imported all the public keys and private keys from the key files I used with PGP 8.0. My keyrings are stored on a PGP encrypted virtual disk, so my private key has no passphrase. I don't know why it won't use my private key to decrypt the file. Back on XP, PGP 8.0 doesn't recognize it as any kind of PGP encrypted file, even if I rename it to xxx.pgp. As it is, I can't recover the file. Can somebody help me?

Operating Systems:

Comments 13 CommentsJump to latest comment

Tom Mc's picture

For the decryption, you may just need to right click on your key in All Keys, select Key Properties, and set Trust to Implicit.

As to the deletion of the file being encrypted:

When you right click on a file, and select the option of making a PGP Zip, in the resulting box, make sure you don't have Shred Original selected.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Edgar S's picture

Thank you. Trust is already set to implicit. See attached image (some fields blanked for privacy).

I didn't ask for a PGP Zip.

PGP1.jpg
Arif.Khan's picture

I guess the private key isnot imprted properly, While exporting your keys from PGP 8.0 make sure to include the private key before you hit the save buttng in export wizart. as per attached example. 

 

key.export.gif

Arif

Please mark posts as solutions if that helps you resolve the issue.

Tom Mc's picture

If you can't set Trust to Implicit, you do not have the private key.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Edgar S's picture

Trust is implicit, see above. I'm upset that there is apparently no compatibility on file encryption between PGP 8.0 and V10. So I can't encrypt files with V10, and send them to a friend still running PGP 8.0.

Tom Mc's picture

You, apparently accidently, just posted your private key to the forum.  Since you should never give your private key to anyone, I deleted that post.  However, others may have already captured your private key before I saw it.  Therefore, for your own security, you should generate a new key for your use, and for best protection of your security, you should revoke the old key and distribute the revoked key.  Anything you currently have encrypted to that key should now be encrypted to your new key instead, if you want to be sure it is still secure.

Having your key block does not tell me if your key is set to Implicit on your machine.  If you reviewed its key properties, and All Keys, and see that Trust is actually set to Implicit, then it is in fact set to Implicit on your machine.

There is full compatibility between PGP 8 and PGP 10.  The only potential problem is if the PGP 10 user generates a new key using algorithms or hashes not supported by the old PGP 8 version.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Edgar S's picture

As I noted, in my post, I had altered the Asc version of the private key I posted. You will note a string of many zeroes near the end. No-one can reconstruct my private key from that.I will re-attach the keypair example here.

The keys I'm using were all generated under PGP 8.0. I imported the key files I was (and am still) using with PGP 8.

What I'm experiencing is the the file encryption seems completely different and the two versions are not compatible with each other. Also attached is the error message I get when I try to decrypt the file I encrypted with V10, with V10.

pgp2.jpg
AttachmentSize
Edgar W. SwankPair2.asc_.txt 7.27 KB
Tom Mc's picture

I'm sorry I misunderstood.  I had expected to see the Key Properties, and was shocked to see a private key block.  As I tried to explain above, seeing a private key block, whether altered or not, does not tell us what Trust setting you have on your machine for that key.

Thanks for the error message.  This shows that the folder you have the file in is what use to be called NetShare protected; now called Symantec File Encryption.  I don't believe NetShare was included in PGP until PGP 10.  So with PGP 8, you would have been using file encryption instead.  That file encryption is still available in PGP 10, but is now referred to as PGP Zip. 

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Edgar S's picture

As I said, the private key block I uploaded, in ASC form, had been altered to make it unuseable. The purpose was to show that I had exported the private key along with the public key.

I don't think the entire folder is encrypted, just the single file. I remember having to set some parameter in V10 to allow single file encryption. It may be a PGP Zip, although I never saw that term when I asked V10 to encrypt it from the context menu of Win7 Internet Explorer. But now I can't decrypt it from either Win7 Desktop V10, or XP with PGP 8.0. This is why I say the file encryption is incompatible between 8.0 and V10.

Do you have any suggestions on how I can recover my file to its state before encryption? Or what is wrong that it doesn't seem to be able to use my private key to decrypt?

Tom Mc's picture

Okay - I finally understand showing the two keyblocks - thank you.

FileShare can be enabled for individual files, on what I'm guessing show as a FileShare tab of Options.   I think you can also use the option on that tab of Overlay PGP Icon....   to confirm whether the file and/or folder is FileShare encrypted.  I don't have a computer in front of me now with 10.3 installed, so there may be some changes for you compared to what I'm currently seeing.  Typically, you can decrypt a FileShare protected file, by opening it in the software for that file type and then saving the opened file to another location on your disk.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Edgar S's picture

I tried your suggestion, but got the attached error message. I should be the owner of the file, and I am an administrator on this system.

pgp3.jpg
Tom Mc's picture

I'm not finding anything specific on this error for NetShare.  However, I'm thinking a possible cause might be if the file is Read Only, such as would be the case if it is on a CD, or was on a CD.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Edgar S's picture

Found a solution! Instead of using directly my old PGP 8.0 keyrings, I created new, empty, public and private keyrings, then imported (drag & drop)  the public private key pair in ASC form that I had exported from PGP 8.0.  Then rebooted for good luck. Now when I view the encrypted file in W7 windows explorer, it shows the actual photo as a thumbnail, and when I ask to decrypt it, it does! I have yet to determine if I can now encrypt a file on Win7, and decrypt it with PGP 8.0 on XP. But at least I was able to recover the file I encrypted.

SOLUTION