How does one go about transferring an existing install to another server? On the new server PGP is already installed and licensed. We'd just like to export our existing keychain and others public keys from the old server to this new server.
A customer is sending an encrypted file and I can't get it decrypted. The first file had an extension of .csv.asc, the error I got was 3031:input does not contain PGP data. The customer sent a new file as .csv. This one gets error 3090:operation failed, ascii armor input incomplete. Is it their file or am I missing something?? I'm new at this so any help would be great.
Good Morning,
Im trying to test PGP Command Line as a standalone product without a Management server and i wanted to find out the basic switches
to Encrypt the Boot Partition or the whole disk, is this option available through the command line ?
The Guide is over 300 pages and i can seem to find anything about "Whole Disk Encryption" or Boot Partition, from what i can gather it can definatly do files but im really just after doing this for the whole disk in Windows 7.
Thank You
My company needs to automate the decryption of PGP files, probably in batch processing mode, but the license of PGP Command Line is pretty expensive, is there any way I can do the automation in a more economical way?
When I run a pgp command line "verify" command on a file, I get *.pgp:verify (3113:data is armored). Have no clue what this means and how to resolve it? Any help is greatly appreciated. Thank you.
We encrypted several zipped SAS datasets with PGP, but are receiving errors when we try to decrypt them (see below). The files are over 2GB in size. We know the files were not corrupt to begin with as we could load/view them in SAS. Did the encryption process corrupt the files? Is there a way to decrypt these or recover the original contents? Thanks in advance for your help.
Error 1:
Error 2:
Hello,
I need send keypair and public key for the keyserver.
1- Create the keyrings;
2- Create user keys;
3- In this moment, I executed the following command:
pgp --keyserver-send xxxxx --keyserver ldap://keys.xxxx.xxx
Results of command:
pgp:keyserver send (2710:days left in current license, 11)
xxxxx:keyserver send (2509:keyserver error)
ldap://keys.xxxxx.xxx:keyserver send (3090:operation failed, Server is unwilling to perform)
How can resolve this problem?
Thanks,
Hi
We use command line 10.0.
The PGP key is set to 'NEVER" for expiry.
But when I import this key into GPG ( for a client ), and list, Created date shows up as both created and expired date.
so when I try to encrypt any file from GPG for this PGP recipient, it gives
Dears,
I'm new to PGP command line and now install two instance of PGP command line in differant meachines
on first machine i create private and public key and encrypt some of file using below command:
pgp --encrypt --input F:\PGPTest\Original\A1.txt --output F:\PGPTest\Encrypted\A1.txt.pgp -r "SAQWA"
after that im export the public key of first machine (the machine that create encrypted file) to the second machine
and i import the key and sign itand trust it, after that im try to decrypt the encripted files using:
pgp --decrypt --input C:\PGPTest\Encrypted\A1.txt.pgp --output C:\PGPTest\Encrypted\A1.txt --passphrase "P@ssw0rd" --overwrite remove --temp-cleanup remove --input-cleanup remove
error occured 1080: No private key found?
HELP ASAP :(
Hi
Sorry this will be a bit long as I try to describe the problem in sufficient detail.
We have installed PGP Command Line on a remote server. Our users access this server through a 3rd party client tool that sends a command to the command line, which runs the PGP Decryption process. However, it appears the PGP Command Line program is creating randseed.rnd files for each user in their user folder: C:\Users\[user]\AppData\LocalLow\PGP Corporation\PGP. Since each user does not have a Users folder, the program is failing for users that do not have one.
We have already configured PGP Command Line to have a separate home folder using the PGP_HOME_DIR environmental directory. We are also including an argument with each command to use that same directory: --home-dir "C:\Program Files\PGP Corporation\PGP Command Line".
We would like the PGP Command Line application to only use files in the PGP_HOME_DIR directory. For security reasons we do not want users have access to multiple locations on the server. Additionally, we'd like all users to have the same randseed.rnd, secring,skr, and pubring.pkr files.
Thank you
Hi All,
I'm planning to install PGP CLI on Solaris 11 server and need following information on Key Management & Renewal
1) Is it possible to get Enterprise(Full Licensed-Never Expiring) PGP tool to be installed on Solaris server
2) How can I renew a existing Public & Private pair Key after expiry(as i don't want to exchange public Key with interfaces during renewal)
3) Do I need to generate a new private and public pair for every license renewal of PGP tool.
Hi,
I need to find the right command string to export a public key along with the x509 certificate. (that will give me a .crt file extension) I actually need it in .CER format but I don't believe pgp commandline can do that (i'll have to convert it using other means)
Looking at the manual the --export command along with --export-format looks like whta I need to do, but doesnt really give me any syntax guidance:
Export Format
PGP Command Line supports multiple export formats:
It doesn't tell me what syntax I need to use to get it out in X.509 format. There is a command example:
Thanks!
Hi
While trying to decrypt a file received from a client I am getting the error “Private key not found” .
1080:no private key could be found for decryption.
I have done the following as mentioned by the user dfinkelstein in another post.
C:\Users\Administrator>pgp --list-keys
Alg Type Size/Type Flags Key ID User ID
----- ---- --------- ------- ---------- -------
1) My first question is from the above output which column displays prviate keys, and public keys.
I have also run the following
C:\Users\Administrator>pgp --verify "F:\esco\New folder\test.pgp"
and I get the following output.
file.pgp:verify (3144:data is encrypted to unknown ID 0x73345F23)
Hi,
PGP Server - Windows Server 2003
PGP Version - 10.2 build 283
Client Encryption tools - GPG 4 Win Version 2.1.0
File encrypted without ascii armor mode. File upload via Tectia File Transfer binary mode.
Scenario:
Client uploaded 2 files for us. Both file also return error when we try to decrypt using the following command:
pgp --decrypt *filename --overwrite remove
Error:
<3131:multiple PGP blocks found in single input stream>
<3090:operation failed, Modified data detected in integrity-protected encrypted data>
Tried dump packet with the follow result:
pgp --dump-packets LU0815T2.dat.gpg
Old: Public-Key Encrypted Session Key Packet(tag 1)(268 bytes)
New version(3)
Key ID - 0x04783150B6239486
Pub alg - RSA Encrypt or Sign(pub 1)
RSA m^e mod n(2048 bits) -
0: 80 7b cd c3 44 35 19 c0 65 cf a6 77 eb 34 c6 38 |.{..D5..e..w.4.8|
16: 5b a0 fb 50 75 a7 fd 28 76 a7 4a ac 69 3b 02 3c |[..Pu..(v.J.i;.<|
32: 57 38 9d 55 ba 35 e3 8d c2 82 b7 3a 17 3d f1 d6 |W8.U.5.....:.=..|
48: 08 6e 05 51 10 77 08 3c 69 00 16 03 f5 58 e7 a6 |.n.Q.w.<i....X..|
64: 6f 3f 27 8c 7b bd a4 db ce 4a 39 8e a8 6c 02 03 |o?'.{....J9..l..|
80: 03 c4 af 3f b4 aa 2a c3 ac c9 58 2a f7 1a ab 0f |...?..*...X*....|
96: 4b 28 37 e4 69 c9 07 49 4c 97 25 69 c9 9f fe 64 |K(7.i..IL.%i...d|
112: d1 28 ac 10 3f 98 2d 91 eb d0 18 ba 06 33 ca c9 |.(..?.-......3..|
128: a0 3c a4 17 df 66 4e df ae 7d 29 56 67 72 9e 75 |.<...fN..})Vgr.u|
144: 02 9d 65 66 cb 91 62 ee 67 8a 43 0c d6 44 88 64 |..ef..b.g.C..D.d|
160: e0 6c bf e1 4b 7f e6 94 2b 52 d1 b6 8a 80 ed 0b |.l..K...+R......|
176: 29 77 eb 11 f1 ec b3 27 95 14 b4 55 2f d6 37 78 |)w.....'...U/.7x|
192: 9e 0c 02 b9 73 c4 9a 11 d0 65 3c 98 64 13 3f b4 |....s....e<.d.?.|
208: d5 ca d4 a8 3c 73 59 c0 74 bf 28 53 ad 34 3a 5a |....<sY.t.(S.4:Z|
224: b9 4f aa 12 0c d8 83 a8 a3 b6 a0 1c 55 b7 c1 10 |.O..........U...|
240: c4 4a b7 32 90 4d e2 5d 4b 79 89 38 1f 85 87 89 |.J.2.M.]Ky.8....|
-> m = sym alg(1 byte) + checksum(2 bytes) + PKCS-1 block type 02
New: Symmetrically Encrypted and MDC Packet(tag 18)(8192 bytes) partial start
Ver 1
Encrypted data [sym alg is encrypted in the pub session key above]
(plain text + MDC SHA1(20 bytes))
New: (8192 bytes) partial continue
New: (8192 bytes) partial continue
New: (8192 bytes) partial continue
New: (189 bytes) partial end
New: unknown(tag 49)(58 bytes)
Old: Reserved(tag 0)(114 bytes)
Old: Trust Packet(tag 12)(until eof)
Trust -
LU0815T2.dat.gpg:dump packets (0:packets decoded successfully)
Attached the affected file as well.
How to fix this issue/avoid this issue in the future?
PGP Server - Windows Server 2003
PGP Version - 10.2 build 283
Scenario:
We've created a script to auto decrypt .PGP file. The script is triggered by 3rd party software (IBM Connect Direct via it's RunTask function).
Script:
@echo off
set DecFilPath=D:\XXXXX\abc\%1 ⇔ to define the Decryption File path in set environment
set VendrFile=%DecFilPath%\%2.gpg ⇔ to define the location of client uploaded encrypted file
set EncryptFile=%DecFilPath%\%2.pgp ⇔ to define the targeted encrypted file
ECHO [%TIME:~0,8% %DATE%] Start Decryption >> %DecFilPath%\LogDownload.txt
IF EXIST %EncryptFile% Del %EncryptFile% ⇔ if similar targeted encrypted file exist, delete the old encrypted file
Rename %VendrFile% *.pgp ⇔ rename the client uploaded encrypted file to extension .pgp for PGP to able to decrypt.
pgp --decrypt %EncryptFile% --overwrite remove >> %DecFilPath%\LogDownload.txt 2>&1
ECHO [%TIME:~0,8% %DATE%] End Decryption >> %DecFilPath%\LogDownload.txt
* %DecFilPath%\LogDownload.txt ⇔ logging purpose
Expected outcome:
D:\XXXXX\abc\xyz\clientfile.txt.pgp:decrypt (0:output file D:\XXXXX\abc\xyz\clientfile.txt)
Error outcome:
D:\XXXXX\abc\xyz\clientfile.txt.pgp:decrypt (0:output file clientfile.txt)
The decrypted file should always decrypted to the same path as the encrypted file located as above Expected outcome stated.
But in our scenario, the decrypted file were decryted to the 3rd party software installation path:
D;\Program Files\Sterling Commerce\Connect Direct v4.2.00\Server\program
I know i could introduce the -o option during the decryption, but may i understand what is the behavior of PGP decryption if i do not introduce the -o function? Isn't pgp will always output the file to the same location as the encrpytion file path?
Hello,
It has been now more than 2 weeeks where I have regestered for trial version of PGP command line (latest version).
I need the trial version ASAP so that I can test my issue and if that worked, I need to buy it.
Please provide the same ASAP.
I have searched the forum for the error we are receiving (1080:no private key could be found for decryption) and the scenarios are for movement between two servers. My scenario is the following:
Keypair created on development server. Both encrypt and decrypt commands work perfectly at the command line.
When trying to decrypt by running the script as a concurrent program, we are getting the 1080 error. I can cut and paste the exact line to the command line and it works perfectly: /opt/pgp/bin/pgp --decrypt HSA_OpenBankAccounts.csv.pgp --passphrase "Dev Password"
So for our development work, we are just doing the encrypt/decrypt on the same box. I can run an ecrypt through the concurrent program without problems. Can someone please try to point me in the right direction?
Using PGP Command Line 10.3.1 build 12070
Hi there,
I've just installed PGP commandline 10.0.
I have entered the license info and then I created a new keypair with the command
pgp --gen-key "NAME <MAIL@AAA.COM>" --key-type rsa --encryption-bits 2048 --signing-bits 2048 --passphrase 'SOMEWORD'
I've repeated this process several times because I'm creating a manual for another department.
In between I've used pgp --remove-key-pair NAME --force to delete the existing keypair.
Suddently I came to a point where I can't create a new keypair anymore, I see the following error message:
pgp:generate key (3071:too many user IDs specified)
What should I do?
Hello,
Currently PGPCMDLine 10.0 is running on Windows XP system. Customer would like to upgarde system to windows 7 and want to upgarde PGPCMDLine to 10.3 version on same hardware.
I would like know about belwo things
Regards,
Ajeet
I have the following setup:
An "Admin Group" containing myself and several other people I want to be able to re-encrypt folders as needed.
A "User Group" of people that should not be able to manage the File Share, but can decrypt content.
My personal key/account.
I'm able to use either the Windows UI or the pgpnetshare.exe command line to create an encrypted file share such that the "admin group" has the admin role, my account is a group admin, and a "user group" is assigned as a user role. Here's the command line I use for that:
pgpnetshare -e --recipient-owner "ADMIN GROUP KEYID" --recipient-operator "MY KEY ID" --recipient "USER GROUP KEY ID" --signer "MY KEY ID" --passphrase "MY PASSPHRASE" --universal-server "pgpserver.mycompany.com""C:\encrypted_file_share_folder"
With that, I'm able to have other people in the "Admin Group" re-encrypt and otherwise change the file share folder as needed through the Windows UI, but what I'm not able to find a way to re-encrypt or change anything using the command line application on the new File Share once these roles are assigned.
Here's the command line I try to use to re-encrypt:
pgpnetshare --reencrypt-delta --recipient-owner "ADMIN GROUP KEYID" --recipient-operator "MY KEY ID" --recipient "USER GROUP KEY ID" --signer "MY KEY ID" --passphrase "MY PASSPHRASE" --universal-server "pgpserver.mycompany.com""C:\encrypted_file_share_folder"
I get the error:
Error: You are attempting to manage a File Share Encryption-protected file or folder, but you do not have rights to do so.
Which leads me to believe that the command line doesn't check to see if I'm on the "Admin Group" users list. Note that the Windows UI does check this and I'm able to re-encrypt the folder through the Windows UI, just not the command line.
I'm able to use the above re-encrypt command line if my account is in the "Admin Role", but not the "Group Admin Role". And after I issue the command, I can again, no longer manage the folder with the command line. Everything still works as expected through the Windows UI.
Is there a command line option that I'm missing or is this a limitation of using the command line tool?
I'd really love to have a solution so I could create a script to re-encryption at regular intervals without losing the ability to have multiple people manage the group.
Thanks in advance for any help.