mirror of
git://git.gnupg.org/gnupg.git
synced 2025-04-09 21:41:09 +02:00
updated 5.1 and 5.7 with comments by H.Felger, removed 5.3
This commit is contained in:
parent
ca8c871e54
commit
2473b7e2f0
65
doc/FAQ
65
doc/FAQ
@ -2,8 +2,8 @@
|
||||
GNUPG FREQUENTLY ASKED QUESTIONS
|
||||
|
||||
|
||||
Version: 0.37
|
||||
Last-Modified: Jan 25, 2001
|
||||
Version: 1.0
|
||||
Last-Modified: Feb 20, 2001
|
||||
Maintained-by: Nils Ellmenreich <nils 'at' gnupg.org>
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ most convenient if you could provide the answer to be included
|
||||
here. Your help is very much appreciated.
|
||||
|
||||
Please, don't send message like "This should be a FAQ - what's the
|
||||
answer?". If it hasn't been asked before, it isn't a FAQ. In that case,
|
||||
answer?". If it hasn't been asked before, it isn't a FAQ. In that case
|
||||
you could search in the mailing list archive.
|
||||
|
||||
|
||||
@ -29,7 +29,7 @@ you could search in the mailing list archive.
|
||||
1.1) What is GnuPG?
|
||||
1.2) Is GnuPG compatible with PGP?
|
||||
|
||||
2. SOURCES OF INFORMATION
|
||||
2. SOURCES of INFORMATION
|
||||
2.1) Where can I find more information?
|
||||
2.2) Where do I get GnuPG?
|
||||
|
||||
@ -59,14 +59,13 @@ you could search in the mailing list archive.
|
||||
4.15) Can't we have a gpg library?
|
||||
|
||||
5. COMPATIBILITY ISSUES
|
||||
5.1) How can I encrypt a message so that PGP 2.x is able to decrypt it?
|
||||
5.1) How can I encrypt a message with GnuPG so that PGP is able to decrypt it?
|
||||
5.2) How do I migrate from PGP 2.x to GnuPG?
|
||||
5.3) How can I conventional encrypt a message, so that PGP can decrypt
|
||||
it?
|
||||
5.3) (removed)
|
||||
5.4) Why is PGP 5.x not able to encrypt messages with some keys?
|
||||
5.5) Why is PGP 5.x not able to verify my messages?
|
||||
5.6) How do I transfer owner trust values from PGP to GnuPG?
|
||||
5.7) Older PGPs do not like my secret key.
|
||||
5.7) PGP does not like my secret key.
|
||||
|
||||
6. PROBLEMS and ERROR MESSAGES
|
||||
6.1) Why do I get "gpg: Warning: using insecure memory!"
|
||||
@ -116,7 +115,7 @@ you could search in the mailing list archive.
|
||||
the OpenPGP standard. But there are some interoperability
|
||||
problems. See questions 5.1ff. for details.
|
||||
|
||||
2. SOURCES OF INFORMATION
|
||||
2. SOURCES of INFORMATION
|
||||
|
||||
2.1) Where can I find more information?
|
||||
|
||||
@ -446,17 +445,36 @@ messages?
|
||||
5. COMPATIBILITY ISSUES
|
||||
|
||||
|
||||
5.1) How can I encrypt a message so that PGP 2.x is able to decrypt it?
|
||||
5.1) How can I encrypt a message with GnuPG so that PGP is able to decrypt it?
|
||||
|
||||
It depends on the PGP version.
|
||||
|
||||
PGP 2.x
|
||||
|
||||
You can't do that because PGP 2.x normally uses IDEA which is not
|
||||
supported by GnuPG because it is patented (see 3.3), but if you
|
||||
supported by GnuPG as it is patented (see 3.3), but if you
|
||||
have a modified version of PGP you can try this:
|
||||
|
||||
gpg --rfc1991 --cipher-algo 3des ...
|
||||
|
||||
Please don't pipe the data to encrypt to gpg but give it as a
|
||||
Please don't pipe the data to encrypt to gpg but provide it using a
|
||||
filename; otherwise, PGP 2 will not be able to handle it.
|
||||
|
||||
As for conventional encryption, you can't do this for PGP 2.
|
||||
|
||||
|
||||
PGP 5.x and higher
|
||||
|
||||
You need to provide two additional options:
|
||||
--compress-algo 1 --cipher-algo cast5
|
||||
|
||||
You may also use "3des" instead of "cast5", "blowfish" does not
|
||||
work with all versions of pgp5. You may also want to put
|
||||
compress-algo 1 into your ~/.gnupg/options file - this does
|
||||
not affect normal gnupg operation.
|
||||
|
||||
This applies to conventional encryption as well.
|
||||
|
||||
5.2) How do I migrate from PGP 2.x to GnuPG?
|
||||
|
||||
PGP 2 uses the RSA and IDEA encryption algorithms. Whereas the RSA
|
||||
@ -468,18 +486,9 @@ messages?
|
||||
to perform the migration.
|
||||
|
||||
|
||||
5.3) How can I conventional encrypt a message, so that PGP can decrypt
|
||||
it?
|
||||
|
||||
You can't do this for PGP 2. For PGP 5 you should use this:
|
||||
|
||||
gpg -c --cipher-algo 3des --compress-algo 1 myfile
|
||||
|
||||
You may replace "3des" by "cast5". "blowfish" does not work with all
|
||||
versions of pgp5. You may also want to put compress-algo 1
|
||||
into your ~/.gnupg/options file - this does not affect
|
||||
normal gnupg operation.
|
||||
5.3) (removed)
|
||||
|
||||
(empty)
|
||||
|
||||
5.4) Why is PGP 5.x not able to encrypt messages with some keys?
|
||||
|
||||
@ -507,9 +516,9 @@ it?
|
||||
where pgpkeyring is the original keyring and not the GnuPG one you
|
||||
might have created in the first step.
|
||||
|
||||
5.7) Older PGPs do not like my secret key.
|
||||
5.7) PGP does not like my secret key.
|
||||
|
||||
PGP probably bails out on some private comment packets used by
|
||||
Older PGPs probably bail out on some private comment packets used by
|
||||
GnuPG. These packets are fully in compliance with OpenPGP; however
|
||||
PGP is not really OpenPGP aware. A workaround is to export the
|
||||
secret keys with this command:
|
||||
@ -522,14 +531,16 @@ it?
|
||||
different algo:
|
||||
|
||||
$ gpg --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 \
|
||||
--compress-algo=1 --edit-key username
|
||||
--compress-algo=1 --edit-key <username>
|
||||
|
||||
Then use passwd to change the password (just change it to the same
|
||||
thing, but it will encrypt the key with CAST5 this time).
|
||||
|
||||
Now you can export it and PGP should be able to handle it.
|
||||
|
||||
|
||||
For PGP 6.x the following options work to export a key:
|
||||
$ gpg --s2k-cipher-algo 3des --compress-algo 1 --rfc1991 \
|
||||
--export-secret-keys <Key-ID>
|
||||
|
||||
6. PROBLEMS and ERROR MESSAGES
|
||||
|
||||
|
61
doc/faq.raw
61
doc/faq.raw
@ -13,8 +13,8 @@ The most recent version of the FAQ is available from
|
||||
[H H1]GNUPG FREQUENTLY ASKED QUESTIONS[H /H1]
|
||||
|
||||
|
||||
Version: 0.37[H p]
|
||||
Last-Modified: Jan 25, 2001[H p]
|
||||
Version: 1.0[H p]
|
||||
Last-Modified: Feb 20, 2001[H p]
|
||||
Maintained-by: [$maintainer]
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ most convenient if you could provide the answer to be included
|
||||
here. Your help is very much appreciated.
|
||||
|
||||
Please, don't send message like "This should be a FAQ - what's the
|
||||
answer?". If it hasn't been asked before, it isn't a FAQ. In that case,
|
||||
answer?". If it hasn't been asked before, it isn't a FAQ. In that case
|
||||
you could search in the mailing list archive.
|
||||
|
||||
|
||||
@ -58,7 +58,7 @@ you could search in the mailing list archive.
|
||||
the OpenPGP standard. But there are some interoperability
|
||||
problems. See questions <Rcompat>ff. for details.
|
||||
|
||||
<S> SOURCES OF INFORMATION
|
||||
<S> SOURCES of INFORMATION
|
||||
|
||||
<Q> Where can I find more information?
|
||||
|
||||
@ -404,17 +404,37 @@ messages?
|
||||
|
||||
<Dcompat>
|
||||
|
||||
<Q> How can I encrypt a message so that PGP 2.x is able to decrypt it?
|
||||
<Q> How can I encrypt a message with GnuPG so that PGP is able to decrypt it?
|
||||
|
||||
It depends on the PGP version.[H UL]
|
||||
|
||||
[H LI] PGP 2.x
|
||||
|
||||
You can't do that because PGP 2.x normally uses IDEA which is not
|
||||
supported by GnuPG because it is patented (see <Ridea>), but if you
|
||||
supported by GnuPG as it is patented (see <Ridea>), but if you
|
||||
have a modified version of PGP you can try this:
|
||||
|
||||
[H pre] gpg --rfc1991 --cipher-algo 3des ... [H/pre]
|
||||
|
||||
Please don't pipe the data to encrypt to gpg but give it as a
|
||||
Please don't pipe the data to encrypt to gpg but provide it using a
|
||||
filename; otherwise, PGP 2 will not be able to handle it.
|
||||
|
||||
As for conventional encryption, you can't do this for PGP 2.
|
||||
|
||||
|
||||
[H LI] PGP 5.x and higher
|
||||
|
||||
You need to provide two additional options:
|
||||
[H pre]--compress-algo 1 --cipher-algo cast5 [H/pre]
|
||||
|
||||
You may also use "3des" instead of "cast5", "blowfish" does not
|
||||
work with all versions of pgp5. You may also want to put [H pre]
|
||||
compress-algo 1 [H/pre] into your ~/.gnupg/options file - this does
|
||||
not affect normal gnupg operation.
|
||||
|
||||
This applies to conventional encryption as well.
|
||||
[H /UL]
|
||||
|
||||
<Q> How do I migrate from PGP 2.x to GnuPG?
|
||||
|
||||
PGP 2 uses the RSA and IDEA encryption algorithms. Whereas the RSA
|
||||
@ -426,20 +446,9 @@ messages?
|
||||
to perform the migration.
|
||||
|
||||
|
||||
<Q> How can I conventional encrypt a message, so that PGP can decrypt
|
||||
it?
|
||||
|
||||
You can't do this for PGP 2. For PGP 5 you should use this:
|
||||
|
||||
[H pre]
|
||||
gpg -c --cipher-algo 3des --compress-algo 1 myfile
|
||||
[H/pre]
|
||||
|
||||
You may replace "3des" by "cast5". "blowfish" does not work with all
|
||||
versions of pgp5. You may also want to put [H pre] compress-algo 1
|
||||
[H/pre] into your ~/.gnupg/options file - this does not affect
|
||||
normal gnupg operation.
|
||||
<Q> (removed)
|
||||
|
||||
(empty)
|
||||
|
||||
<Q> Why is PGP 5.x not able to encrypt messages with some keys?
|
||||
|
||||
@ -469,9 +478,9 @@ it?
|
||||
where pgpkeyring is the original keyring and not the GnuPG one you
|
||||
might have created in the first step.
|
||||
|
||||
<Q> Older PGPs do not like my secret key.
|
||||
<Q> PGP does not like my secret key.
|
||||
|
||||
PGP probably bails out on some private comment packets used by
|
||||
Older PGPs probably bail out on some private comment packets used by
|
||||
GnuPG. These packets are fully in compliance with OpenPGP; however
|
||||
PGP is not really OpenPGP aware. A workaround is to export the
|
||||
secret keys with this command:
|
||||
@ -485,7 +494,7 @@ it?
|
||||
|
||||
[H pre]
|
||||
$ gpg --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 \
|
||||
--compress-algo=1 --edit-key username
|
||||
--compress-algo=1 --edit-key <username>
|
||||
[H /pre]
|
||||
|
||||
Then use passwd to change the password (just change it to the same
|
||||
@ -493,7 +502,11 @@ it?
|
||||
|
||||
Now you can export it and PGP should be able to handle it.
|
||||
|
||||
|
||||
For PGP 6.x the following options work to export a key:
|
||||
[H pre]
|
||||
$ gpg --s2k-cipher-algo 3des --compress-algo 1 --rfc1991 \
|
||||
--export-secret-keys <Key-ID>
|
||||
[H /pre]
|
||||
|
||||
<S> PROBLEMS and ERROR MESSAGES
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user