Silk Road forums
Discussion => Security => Topic started by: ClayG on July 23, 2011, 03:47 am
-
I read a few guides here and else where, having a real pain in the ass getting gpg going through gpa or seahorse in Ubuntu.
I created a key, ok that seems to work.
Then I gave my key to 3 people to sort of make sure it worked.
One person could send me an encrypted message I was able to decrypt, I was unable to ad that persons key to my keyring, I even erased all keys and tried to re-add, no dice.
The other 2, I could add their key with no problem but when they sent me an encrypted message, it shows me jackshit when I decrypt it, it asked for my passphrase and gives no errors, it's almost like it's empty - IN BOTH CASES.
Probably something simple I overlooked. I'm extremely eager to get pgp up and running immediately.
Another thing, lets say I want to just encrypt a message and pm it to someone, I keep looking for the best way to do this and I keep seeing guides talking about created a text file then encrypt it? Is it secure to have plain text files saved on your computer even if you erase them after? I thought it's possible to find erased stuff.
Is there any way to just click "encrypt text" or something and typing the message you want encrypted?
What am I missing?
-
I use PGA rather than Kleopatra, and it has a clipboard where you just type up the message you want, then encrypt it with the keys I've got stashed there. Seemed simpler to use.
I do keep my public key in a text file on my my Desktop for sending off to others. I like PGA better. But I have Debian OS, and don't use email program so about all I use gpg for is to send pms on here. Were you able to decrypt the file I sent you?
One thing I found in Windows, if I remember right, is you have to be careful that you have wordrap format 'off' in your text files. (I forget what it's called,) but if you open up a file and encrypt it and have the format thing 'on' it can cause problems. In linux I just use PGA and I like it better...with the clipboard I don't have to worry about any of that...
You did check out that tutorial, right? It's pretty handy, doesn't take that long:
http://www.gpg4win.org/doc/en/gpg4win-compendium.html
-
I don't run windows, I'm running Ubuntu and thanks to you now tails.
Also..THANKS ALOT, the clip board feature is also in GPA which I guess is this distro's version of PGA. I didn't look at it until you mentioned it. Worked like a charm for both you and the other guy I was able to import their key.
In the case where I was able to read a message but not import the person's key I did it through the command line by just typing gpg it asked the message and I pasted the encrypted message in and it showed what he wrote. But when I tried doing the same thing with you and the other guy it just showed what looked like success but no message, it looked like the person sent a blank message it had the headers or whatever.
Umm If the member who I'm having trouble importing his key is willing to post here and put his key up for others to see what I might be doing wrong it would be appreciated. I've tried importing him after importing everyone (thanks for a members AWESOME advice of copying each page and letting gpg/gpa do the work) from the public key thread, I tried importing his through PM and couldn't find him after wards to encrypt a message to. I then erased all of the keys I imported before and imported just him, still didn't show up.
Either way thanks alot, the clip board is what I'm looking for and so far as far as reading your messages it works, I'd like to post an encrypted message now for you to tell me if you can read it.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.14 (GNU/Linux)
hQEMAwisYFpLTWUcAQf/VfZSByfiAhiL+9bLlU8s1CVILOhY4lgc3xMyv+ZBQvtc
pZ/ewb9WY5WZWTjCkyx1Yqdz0yQrwGFnAs3Ftz4VenfcPVSBksiA2pw1w2Q/tUgs
dDD3SUoPrt/b3zg6oe3gbQCgFXlKjAch3K5BXYMBt0jsbIP4k4jmyqQZsBQA6uUK
75ktnt2f8t+GnolhkpsEDjtbQaDAg9HKq/JZGzXDSNzgtmp2dCxxdznR2TnNTfZg
3pQ7GqF2ZSAOkkR8I29/pXeqGkcPC0pE9ralOq813r/jNVaEkW+8ZM4ngeGIBWnE
Xf8SZGKiy2Q70tGqQna8RnKKqhLSgxZqTifDADWvUdJhAbujT1+H33zo92o5owNC
BIlPbQpJ8quIya9ryZ4LtQTYXFEIGXNiVrlq1ZQNWUQ7xmeOBiX+wAInLeutvAXL
5Uk0QM4QBrKvHrmQnjbaItKjSthby+lJ0PcDJhbb5US3zw==
=CbbX
- -----END PGP MESSAGE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQEcBAEBAgAGBQJOKwT5AAoJELVmfqlPopvvw6kH/1Hkft6Qf8wNQbKFt/7oKxgL
hsV81/CT9WkUna/3eyAhqLNwzlHFxy3Jf2i6Wm1VJPtJ32AhA839KYcuhrhbggHJ
6OJXoSMhO97RIMAfNAZbTpW2PQucB72mIwHShHraaREl1ByzXAUaI4Lpl0+ahwN6
nwxePgTYbkfB0+fCHbil5ajp9FLQHR9WOS33LX2AwHUs1wY5Nolz6XdAAXXXWmc2
NDBJYiZ8ihKuK+EbfuDC+yqhiSnf4lVXpDDf8HgBTagi9MfY1Wm7GOzborf5m20V
PXE6Xnh1B2qMe9G8t2L8V4xdAKQSwYvkvQK/QDXPjtETbotsbMFEwa3LFTrv66o=
=VxO/
-----END PGP SIGNATURE-----
Hope that was done correctly.
-
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yep: I could read it, and signature was valid. Now, I guess only I can read it, since it was posted with
my public key, but it was valid signature by you, so it worked good!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQEcBAEBAgAGBQJOK42aAAoJEO/K7Dlw/H6xxWQH/2BH/4yNPCrp2bWDClxbR3Yn
SXePMsFEetvbdUv8FoTUqvuH10O6qpQkAmXmvXoQWswJODA48tqOx52uub1UlHMS
CQLBK4zf9jIpHq4AqIIdBI1KvGJF7MSVRJucWnsZpFfjlMRTQNHlIoKWkvIRADB6
wHJDFNTtBmVsiOJwIinqjZhO9c/PNkbHK4dbnGfITD0OumDLQGgearGp5nqM4gg9
FQoHePSNyak4N0yXqGaT+0ExB6FFM7vre8jJB4E7kSL9jsaiekA9VUSycV5Pc8tX
1ijCYy3rhSvzKx2yJuYJTceCn7RnHeaQPSUEo+Dl+v/2Lj6YWNSSSc0aNgTcLTM=
=Us98
-----END PGP SIGNATURE-----
edit: I goofed: I meant GPA Gnu Privacy Assistant not the Golf Pro deal :)