Quantcast
Channel: Symantec Connect - Security - Discussions
Viewing all 203 articles
Browse latest View live

Unable to generate key

$
0
0
I need a solution

Why does this not work (name, e-mail, and passprhase changed to protect the "innocent")

pgp --gen-key “Company email@company.com” --key-type rsa --bits 2048 --passphrase “Jack and Ji11 went up the hi11 T0 fetch a pai1 0f water Jack fe11 d0wn and br0ke his cr0wn And Ji11 came tumb1ing after”

https://support.symantec.com/en_US/article.TECH176699.html seems to indicate this should work though it doens't talk about the --key-type or --bits option.  The command line was copied DIRECTLY from the evaluation guide.

0

PGP Command Line Licenses.

$
0
0
I need a solution

Hi,

I have existing PGP Command Line License (Licenses to 8 CPU) on the old Microsoft Windows 2008 Servers (8 CPUs Physical Server ) and just renew to 09-Nov-2017.

We are migrating to new vmware Microsoft Windows 2012 Enterprise Server (4 vCPUs),

Question:

1. Can we reuse the existing PGP Command Line License for the new Server?

2. What is the difference of the number of licenses and is there any limitation for less CPUs?

0

pgp:encrypt (3090:operation failed, file operation error)

$
0
0
I need a solution

Hi,

I unable to create pgp file from windows service or job. Below I mentioned more details and steps what I did in the service/job.

Machine-1(PC):
pgp --gen-key "MyPublicID" --key-type RSA --bits 2048 --passphrase "mypass$283@3" (public key is generated based, i can see in the "pgp --list-keys")
pgp --export "MyPublicID" (Now I got the MyPublicID.asc file)

Machine-2(PC):
pgp --import "E:\MyDir\MyPublicID.asc" (From windows serivce/job, I import the public key which I was created on the Machine-1)
pgp -er MyPublicID "E:\TextFile\*.txt" -o "E:\PgpFile\EncryptFile_2016-01-28.pgp" (After importing, I try to create encrypted pgp file using the public key which I imported)

Windows service/job received an error "encrypt (3064:key invalid) pgp:encrypt (3090:operation failed, file operation error)", not creating pgp file.

Note: If we execute above mentioned same command manually(not as windows service/job), we can able to create pgp file.

Please help us, how to resolve this issue and create .pgp file from windows service/job.

Thanks

0

RSA Keys, and how to use them to create a .asc file

$
0
0
I need a solution

I have been sent an rsa key (just text in an email) and I need to know how to import this key with PGP Command line.  Can anyone help? Normally, the vendor sends me a .asc file and I just run the import command but this vendor did not send it that way...  Just sent the text of the key in an email.  The vendor says the key was generated using “ssh-keygen -t rsa” command.   Any ideas? I'm relatively new to PGP and encryption.

The text is similar to this...

machine - vendor.ab.xxxxx.com

Public rsa Key –

ssh-rsa

AAAAB3NzaC1yc2EAAAADAQABAAABAQDnf3dhLoBYuGX8y2zGO8

VqbLnYcfnQFYBEsjVHicKHPdfHdIHNvaVlv9VUxVRhrBshrx8ey4CWDm

bmk9djpXz6gWT9WSUexD0K1vbFmb5+hynEfj01OU3s3NzaC1yc2EA

AAADAQABAAABAQDnf3dhLoBYuG6u+oRGs6EVASWsZPs4kD/7Uxh

4+7Y+SS8k3Yt7sz5SaY5sqfIRgAb8I/PXpu8C264t vendorftp@sftp-p01

ssh-rsa

AAAAB3NzaC1yc2EAAAADAQABAAABAQDnf3dhuG65jUEDXXAy2zGO8

VqbLnYcfnQFYBEsjVHicKHxpZNwUWAx3z/H0B8MbOZLjL8ey4OKCWDm

bmk9djpXz6gWT9WSUexD0K1vbFmb5+hynEfj01OU3seDxpB3NzaC1yc2EA

AAADAQABAAABAQDnf3dhLoBYuG6u+oRGs6EVASWf5NxMrsZPs4kD/7Uxh

4+7Y+SS8k3Yt7sz5SaY5sqfIRgAoJINtZsfn0quNpu8C264t vendorftp@sftp-p02

Thanks in advance!

0

1080:no private key could be found for decryption

$
0
0
I need a solution

Hi,

I need to decrypt a file from a bank.   For past few weeks, all encryption / decruyption worked fine.  we stopped for 1 week,

then when bank sent me a test file Today, I got 1080:no private key could be found for decryption.

Could you help me if I cana find out where the problem is ? bank thought it's my mistake, I thought it's bank's.

below is the command

pgp --decrypt E:\XX\YY\OUT\ZZ_ToBeProcessed\ZZ_BAI_D160215133054020775.pgp --passphrase "MRSL" -o E:\XX\YY\OUT\ZZ_ToBeProcessed\ --home-dir "C:\Program Files\PGP Corporation\PGP Command Line"

thanks in advance,

gwang

0

3079:signing key invalid

$
0
0
I need a solution

I am geeting the following output when I try to decrypt a file from our client

C:\Users\client>pgp --decrypt "F:\test.pgp.pgp" --recipient "clientA" --passphrase "passclientA"
F:\test.pgp.pgp:decrypt (3177:message signed by key ID 0x6E228123)
F:\test.pgp.pgp:decrypt (3038:signing key 0x6E228123 Client A (IT) <it@clientA.com>)
F:\test.pgp.pgp:decrypt (3079:signing key invalid)
F:\test.pgp.pgp:decrypt (3040:signature created 2016-01-14T19:55:45+02:00)
F:\test.pgp.pgp:decrypt (3170:signature hash SHA-1)
F:\test.pgp.pgp:decrypt (3035:good signature)
F:\test.pgp.pgp:decrypt (3083:could not create output file test.gpg)

What could be the reason for the above error?

0

Are you sure you want to use this public key (y/N)?Ok,

$
0
0
I need a solution

I am using an old AIX server to do PGP encryption.  I have received the key and added it:

Type bits      keyID      Date       User ID
RSA  2048/2048 0xB1FDB5B9 2015/04/08 Feeds Gateway QA <FSTeam@searshc.com>

When I try to use the key to do encryption through a script I get "Are you sure you want to use this public key (y/N)?Ok, skipping userid Feeds Gateway QA <FSTeam@searshc.com>
Encryption error"

Here is my command line:

$HOME/.pgp/pgp -e +force +batchmode +compatible=on +verbose=2 "CLSINSSO.20100202.13020202.xml""FSTeam"

It looks like PGP is asking for approval to continue but I am running in batch, so I cannot reply "yes".  When I run interactively and I answer "yes" the process runs fine.  How do I stop PGP from asking this question?  I thought the +force command would force the answer "yes" to any questions.

I have tried to sign the key and it always comes back with a Key signature error:

risuser(Magneto):/homeappl/risuser/.pgp> pgp -ks "Feeds Gateway QA <FSTeam@searshc.com>"
Pretty Good Privacy(tm) Version 6.5.2
(c) 1999 Network Associates Inc.
Uses the BSafe(tm) Toolkit, which is copyright RSA Data Security, Inc.
Export of this software may be restricted by the U.S. government.

Key signature error.

0

PGP Command Line - encrypt via program call

$
0
0
I need a solution

I'm trying to take input from a web page and encrypt the info on the fly, store it in a file.

At no point can a file contain 'clear text'; we need to encrypt the data before it is written to a file.

Can PGP Command Line (or other Symantec tool) perform this?  and if so, How?

0

Encryption failing due to 3090:operation failed, write failed

$
0
0
I need a solution

Hi,

We have a deployed PGP Command Line 10.3.2 build 12316 in production and we are seeing the following error

3090:operation failed, write failed

With one specific setup when is generally working  as expected. The operation is encryption only operation and the file size is 200-300 MBytes.

Please advice on the cause for this error.

Thanks,

0

PGP encrypt: Invalid Key

$
0
0
I need a solution

We have recently installed pgp command line and imported a key provided to us by our vendor. This key we have previously used in PGP Desktop Encrypt to encrypt our files before we send to our vendor. We now want to use PGP command line to automate our encryption process but when we tried to encypt using the same key, we received this error:

(3064:key invalid)

Though a *.pgp file was created in the same folder where the original file is located.

I tried to sign the key but i received the (3049:key unsuitable for signing)

Please help

Thanks

Nathalee

0

Successful encryption Return Code

$
0
0
I need a solution

Hi All,

Can anyone help to inform me how I can check if the encrytion is successful using PGP command line.

We are trying to do a batch job to automatically generate a file and encrypt it and send to vendor. I need to be able to check if the encryption was successful and only then I should send the file to vendor.

Any help on this is greatly appreciated!

Nathalee

0

pgp:decrypt (2713:no license has been entered)

$
0
0
I need a solution

I need to decrypt file using command line

Executing the following command

C:\Program Files\PGP Corporation\PGP Command Line>pgp --decrypt C:\Users\B\Desktop\a.pgp --passphrase "**********"
pgp:decrypt (2713:no license has been entered)

OS Windows 10

What need to do

Also  checked pgp --version --verbose

C:\Program Files\PGP Corporation\PGP Command Line>pgp --version --verbose
PGP Command Line 10.3.2 build 12343
Copyright (C) 2014 Symantec Corporation. All rights reserved.
All rights reserved.
Use of this product is subject to license terms.
This Symantec product may contain open source and other third party materials
that are subject to a separate license. Please see the applicable Third Party
Notice at http://www.symantec.com/about/profile/policies/eulas/.

License information:
 State: Not licensed

Passphrase cache information:
 Cache new passphrases: Disabled
 Currently cached passphrases: 0

System information:
 Operating system: Win32
 Number of CPUs: 2

Time information:
 Time zone offset: 5:30
 Current time (UTC): 2016-04-25T11:21:22Z
 Current local time: 2016-04-25T16:51:22+05:30

File information:
 Home Directory: C:\PGP\
 Personal Directory: C:\PGP\
 Public Keyring: C:\PGP\pubring.pkr
 Private Keyring: C:\PGP\secring.skr
 Random Seed: C:\PGP\randseed.rnd

PGPsdk information:
 Runtime version: 4.2.1 release
 FIPS mode: Disabled

Public key algorithms:
 [EDSVG] RSA (PGP) - RSA
 [ED--G] Elgamal - Elgamal
 [--SVG] Digital Signature Standard - DSA
 [--SVG] Elliptic Curve Digital Signature Algorithm - ECDSA
 [ED--G] Elliptic Curve Shared Value Derivation - ECSVD

Symmetric ciphers:
 IDEA
 3DES
 CAST5
 Twofish
 AES128
 AES192
 AES256
 Blowfish

Hashes:
 MD5
 SHA
 RIPEMD160
 SHA256
 SHA384
 SHA512

Compression:
 None
 ZIP
 ZLIB
 BZIP2

0

Making a new pgp key for an expiring key

$
0
0
I need a solution

Forgive me, but I am fairly inexperienced with PGP.  I successfully created a key pair and have been using it for nearly 3 years.  But I have run into an issue. I extended the expiration date about a year ago, but now our partner wants us to create a new one with a 2 yr expiration date.

So, I have a couple of questions regarding creating a new key before the current one expires.  We send multiple files to a bank many times a day.  When I installed PGP, I created the initial key pair, then extended the expiration date.  Now, it is set to expire in few weeks, and they do not want me to extend the expiration date any more.  I want to keep using the old key while creating a new one for use once the bank gets it loaded.  The bank said it could take a few days and we don't want to interrupt our transmissions.  

So, is it as simple as just doing a command --gen-key with a different user and passphrase than my initial key pair 2 years ago?  Keep in mind, again, I don't want to interfere with our current keys.  I would continue to send the bank files with our old key until they get it loaded.  Then a couple days before expiring, I would start using the new key.

Then, once the expiration date passes and the bank has loaded our other key, would I do a --remove-key-pair command to remove my initial key pair leaving only our new one?

Thank you in advance.

Maddux

1440524050

PGP Command Line home directory

$
0
0
I need a solution

Can I change the home directory multiple times?

1443629917

Syntax for pgp --encrypt --sign

$
0
0
I need a solution

Hi,

We use pgp command line v10.0.

The bank we deal with would need to validate signature when receiving our encryted file (e.g. test1.txt.pgp).

The file is rejected with message "Reason Description: The file was received without signature."

how do I to add signature when performing pgp --encrypt ?  (if you have samples)

the command I used:

pgp --encrypt "E:\temp\test1.txt" --recipient "Wells Fargo - PGP"  --home-dir "C:\Program Files\PGP Corporation\PGP Command Line"

please help,

thanks,

-Gene

1444319026

Changing default path for Keyrings

$
0
0
I need a solution

I moved PGP Command Line to a new server, 2008 to 2012, also moved the keyrings to the PGP directory under Program Files. The software is looking to the My Documents folder instead of the installation folder so I need to change the path in PGP to look to the install folder instead of the My Documents folder.

0

3049:key unsuitable for signing

$
0
0
I need a solution

Hi,

Originally I have a key pair with a public key from bank which is signed.

bank needs to renewed public key every x years.

what I did:

1) I removed old public key

2) import new public key

3) sign this new public key

4) tried to pgp encrypt, BUT getting this error "3049:key unsuitable for signing"

please HELP, need to make it work in 2 days.

thanks!!!!!

0

Missing Partition Table - Need to recover.

$
0
0
I need a solution

An old machine running 10.1 on a partitioned (C and D) drive died - it gets to the bootguard and I can enter the passphrase but then it wants to run the OS system recovery. 

We've all already upgraded to 10.3.2 on every other machine in the lab.

When we mount the bad drive externally the drive mounts, as RAW, and PGP Desktop (10.3.2) doesn't recognize it. Is this because of a version mismatch? Or are my suspicions that it’s a missing partition table most likely true? 

Is there a PGP Tool to just repair the partition table? 

If I wanted to try and decrypt the bad drive I assume I'd want to use the latest 10.1 ISO. Correct?

What would you suggest be the best way to recover the data?  

0

PGP Command Line Syntax (adding user)

$
0
0
I need a solution

As a continuation of this thread (https://www-secure.symantec.com/connect/pt-br/foru...), I am having trouble with the command line syntax.

I am running this command:

./pgpwde --add-user --disk 0 --username test --passphrase testpass --admin-passphrase theadminpassphrase

However, it errors saying bad passphrase (I've verified that the admin passphrase is correct).

Am I using this command correctly?

Thanks.

0
1453502061

failures in Sign verification.

$
0
0
I need a solution

Hi,

One of our partner sends us the PGP signed files. it has shared its public key with us and we have added it in out public keyrings. the key can be seen by "pgp --list-keys"commnad in the keyring. 

however when I see the details of the key using "pgp --list-key-details <keyID>", I suspect below is not correct with the key details:

 Type: RSA (v4) public key
       Size: 2048
   Validity: Invalid
      Trust: Never
    Created: 2015-12-03
    Expires: 2022-08-02
     Status: Active
     Cipher: CAST5 (Absent)
       Hash: SHA-1 (Absent)
   Compress: Zip (Absent)

      Photo: No
  Revocable: No
      Token: No
  Keyserver: Absent
    Default: No
    Wrapper: No
 Prop Flags: Absent
 Ksrv Flags: Absent
 Feat Flags: Absent
  Notations: None
      Usage: Sign user IDs
      Usage: Sign messages
      Usage: Encrypt communications
      Usage: Encrypt storage
      Usage: PGP NetShare
      Usage: PGP WDE
      Usage: PGP ZIP
      Usage: PGP Messaging

  Subkey ID: None

        ADK: None

    Revoker: None

when I verify the messages sent by the partner signed with this key, I get below error log:

[rt6000946:/apps/bfg/shared/pgp]> ./pgp --verify /tmp/RJCT_993642151c5036949node1

/tmp/RJCT_993642151c5036949node1:verify (3042:suggested output file name ********)

/tmp/RJCT_993642151c5036949node1:verify (3177:message signed by key ID *********)

/tmp/RJCT_993642151c5036949node1:verify (3038:signing key *************)

/tmp/RJCT_993642151c5036949node1:verify (3079:signing key invalid)

/tmp/RJCT_993642151c5036949node1:verify (3040:signature created 2015-12-21T14:48:53+00:00)

/tmp/RJCT_993642151c5036949node1:verify (3170:signature hash SHA-256)

/tmp/RJCT_993642151c5036949node1:verify (3036:bad signature)

/tmp/RJCT_993642151c5036949node1:verify (0:verify complete)

However the sender claims that he can verify these files usign PGP Studio software at his end. I have hidden the key information from the above logs deliberately, however it matches with the key which partner has provided us and is present in our PGP public keyrings.

Could you please suggest, what could be wrong in this case.

Can it be due to preffered cipher and hash setting missing from the client's private key?

0
Viewing all 203 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>