Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

sharing a pgp key between multiple users

Created: 14 Feb 2013 • Updated: 20 Feb 2013 | 13 comments
This issue has been solved. See solution.

Hi,

Hope you can assist. I have a setup where a client uses FTP to place files directly to a shared network drive. The files are encrypted using PGP. I set this up with one user (who I provided the public key of to the client) and she is able to decrypt the files. I would now like to setup two more users to be able to decrypt the same files. I exported the key from the user, making sure I ticked the ''include private key(s)" checkbox. I then imported said key to the second users PGP desktop. However I am unable to open the file and get the following message:-

"It is not possible to decrypt this message because your keyring does not contain usable private key(s) corresponding to any of the above public keys(s)."

I checked the second users PGP and the private key has not imported as it is still stating that the key is a rsa public key and not a key pair.

Please could you assist with this as I am not sure on how to proceed.

Thanks,

Mukesh

Comments 13 CommentsJump to latest comment

Ashish-Sharma's picture

hi,

Check this artical may be help

HOW TO: Add Multiple Keys to a PGP NetShare Folder - PGP Desktop 10

 

Article:HOWTO42115 | Created: 2009-12-14 | Updated: 2012-01-26 | Article URL http://www.symantec.com/docs/HOWTO42115

 

Thanks In Advance

Ashish Sharma

 

 

Tom Mc's picture

It sounds like you may have exported the wrong keypair, so you may want to check this possibility.  If you are sure you exported the correct keypair, you may want to try exporting it again, again making sure to include the private key in the export.  After importing the key, you need to right click on it, select Properties, and set Trust to Implicit.  If you can't set Trust to Implicit, it means that you do not have the private key.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Muks761's picture

Hi Tom, thanks for your response. There is only one keypair as this is a first time install and only with this one client. This original user is the only one able to decrypt the file, therefore the private key must exist. Is there any reason why the private key would not get exported when exporting the keypair even though it is exported to include the private key? As i have exported the same keypair and still get the same error.  I am not sure what else I should be doing. Any help will be appreciated. Thanks.

Tom Mc's picture

I can't think of a reason why the private key would not be included when you select that option.  It might be interesting to open the exported key in Notepad, and see if it does include both the public and private key blocks.  This could happen if the person importing the key has the private keyring set as Read Only, such as would happen if it is on a CD.  The private key would not be exported if it is on a secure card or token.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Muks761's picture

Thanks Tom, I checked and the file is not read only. I also opened the .asc file in Notepad and it showed both key blocks. So it seems to be exporting correctly. Any ideas please?

Tom Mc's picture

Interesting.  Since the private keyring is not Read Only, it should be imported okay.  It may be interesting to delete the public key block in Notepad, and then try importing the remaining private key. 

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Muks761's picture

So, I deleted the public key block in notepad and imported the key, however once done, it still states its a rsa public key in the description field on the PGP desktop software. I then all the keys and imported this one key again and it came up with the same result. Not sure if the version makes a difference. All the versions that are installed are 10.2.0.

Muks761's picture

So, I deleted the public key block in notepad and imported the key, however once done, it still states its a rsa public key in the description field on the PGP desktop software. I then deleted all the keys and imported this one key again and it came up with the same result. Not sure if the version makes a difference. All the versions that are installed are 10.2.0.

 

Tom Mc's picture

The PGP version shouldn't matter, as long as the key was generated by a recent official version of PGP, and imported into a current PGP version.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Muks761's picture

Is there anything else that would cause the private key not to import other than the file being read only?

Tom Mc's picture

It doesn't seem likely to be the problem, but I'd suggest checking permissions for the private keyring to make sure the user has Full control.  It might also be interesting to try generating a new key, just to make sure there is write access to the private keyring.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Muks761's picture

It seems that by importing through the PGP desktop manager it does not import all the keys. I tried just importing directly by double clicking the .asc file and this imported the private key as well. It works this way for everyone. Thanks for your assistance.

SOLUTION
Tom Mc's picture

Glad to hear this!  That's how I always import keys.  If you use the Mark As Solution on your last post, it may be helpful to others.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &