[Gpg4win-users-en] Private and Public Keys and their Extensions
L
LSmok3 at riseup.net
Sat Jul 11 21:56:20 CEST 2015
Gpg encrypts with a public key and signs and decrypts with a private
key, the latter matching the former, correct? If Bob wants to send Jim
an encrypted message, he encrypts it using Jim's public key, signs it
with his own private key, and Jim alone is able to decrypt it using his
private key.

When I generate a key pair using the only commands available in GnuPG, I
get TWO files, both with extension .key. They are apparently named for
their fingerprints. I have no immediate way of distinguishing what these
two files are, or how this corresponds to public and private keys, if
at all (you suggest not, I think). I am thinking in files.

I know I generate an ascii key by exporting, but this does not select a
file but a key (by the email address specified when the key was created).

When I input gpg --list-secret-keys, I get nothing. Encrypting a file
with my own key and then attempting to decrypt it produces a "no secret
key" message.

All of this implies that the creation process is not creating a
private/secret key at all, only public ones that can be listed using
--list-public-keys (which works) or exported as ascii.

I need a way to identify the .key files created, link them to IDs, and
retain the pertinent binary matched to its corresponding ascii key,
including isolating my private key (which appears not to exist via this
creation method).

What on earth is going on?

On 7/10/2015 10:57 AM, Daniel Kahn Gillmor wrote:
> On Fri 2015-07-10 13:49:08 -0400, L wrote:
>> I'm afraid, having got to the point where I start to mess around with
>> key generation, that I have run into a mire.
>> The problem involves the concept of public/private/secret keys and their
>> identification.
>
> when generating a key, the secret keys are generated first. then the
> public keys are derived from the secret key material.
>
> primary vs. subkey is entirely orthogonal to public vs. private -- the
> primary key is the asymmetric key associated with your identity. it has
> a public part and a secret part. a subkey is an additional asymmetric
> key that is bound to your primary key, but is used for other purposes.
> each subkey also has a public part and a secret part.
>
> for example, your primary key might be used for signing documents and
> making identity assertions ("certifying other keys"), while your subkey
> might be used for people to encrypt messages to you.
>
>> in Gpg as "pub" and "sub" respectively.
>
> these are the public keys associated with the primary key ("pub") and
> any associated subkeys ("sub"). you can see them with "gpg --list-keys"
>
>> Someone else referred to private keys resolving as "sec" and "ssb" but I
>> can find no mention of this in manuals nor any means to create them.
>
> These are the secret keys, associated with the primary ("sec") and any
> associated subkeys ("ssb"). You can see them with "gpg
> --list-secret-keys"
>
> hth,
>
> --dkg
>
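
Added example, not part of the original message or of GnuPG/Gpg4win: a Python parser for gpg's machine-readable listing that ties each "sec"/"ssb" (or "pub"/"sub") record to its key ID, fingerprint and on-disk .key file. It assumes GnuPG 2.1 or later, where gpg-agent stores each secret key as <keygrip>.key under private-keys-v1.d; the sample listing and every identifier in it are constructed.

```python
# Constructed sample of what `gpg --list-secret-keys --with-colons
# --with-keygrip` prints; key IDs, fingerprints and keygrips are made up.
SAMPLE = """\
sec:u:2048:1:1111222233334444:1436644580:::u:::scESC:::+:::23::0:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAA1111222233334444:
grp:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1436644580::0000000000000000000000000000000000000000::Jim (constructed) <jim@example.org>::::::::::0:
ssb:u:2048:1:5555666677778888:1436644580::::::e:::+:::23:
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBB5555666677778888:
grp:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:
"""

KINDS = {"pub": "public primary", "sub": "public subkey",
         "sec": "secret primary", "ssb": "secret subkey"}


def map_key_files(colons):
    """Return one dict per key record: kind, key ID, fingerprint, file, owner."""
    keys, owner = [], None
    for line in colons.splitlines():
        f = line.split(":")
        if f[0] in KINDS and len(f) > 11:
            # Field 5 is the key ID, field 12 the capabilities (s/c/e/a).
            entry = {"kind": KINDS[f[0]], "keyid": f[4], "caps": f[11],
                     "fpr": None, "file": None, "uid": None}
            if f[0] in ("pub", "sec"):
                owner = entry                 # a new primary key starts here
            elif owner:
                entry["uid"] = owner["uid"]   # subkeys belong to the primary
            entry["primary"] = owner["keyid"] if owner else None
            keys.append(entry)
        elif len(f) > 9 and keys:
            # fpr/grp records describe the key record just before them.
            if f[0] == "fpr":
                keys[-1]["fpr"] = f[9]
            elif f[0] == "grp":
                keys[-1]["file"] = f[9] + ".key"   # name in private-keys-v1.d
            elif f[0] == "uid" and owner and owner["uid"] is None:
                owner["uid"] = f[9]
    return keys


if __name__ == "__main__":
    for k in map_key_files(SAMPLE):
        print(f'{k["kind"]:15} {k["keyid"]} caps={k["caps"]:6} '
              f'file={k["file"]} uid={k["uid"]}')
```

An empty result from a real `gpg --list-secret-keys --with-colons --with-keygrip` run means gpg sees no secret key in the home directory it is using, which matches the "no secret key" decryption error.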