old vs new gnupg - encrypting files

Chris Clifton juice.qr at gmail.com
Wed Jul 25 16:37:54 CEST 2012 

Hi,

I have a problem with encrypting some text files with gpg,
We recently upgraded our old encrypt/decrypt server (old 32 bit rhel4 box)
to a new amazon linux 64 bit server on aws.

I moved the gpg keyring to the new server and can encrypt files just fine
with the keys on the public keyring, no problems. We have one public key
however that the end user (that we send the encrypted files to) is saying
they can't decrypt when we encrypt with their key on the new server.

I've tried encrypting the same file (md5sum matches) on the old server and
new server, and the encrypted file size differs by 1 or 2 bytes on the new
server. As expected, the md5sums of the encrypted file on old and new
server also don't match.

I thought the problem might have something to do with how the new server
doesn't have ELG-E in its cipher list, only ELG, but another person has
since told  me that shouldn't matter.


key details on new server,
########################
pub  1024D/96765440  created: 1998-10-06  expires: never       usage: SCA
                     trust: ultimate      validity: ultimate
sub  2048g/0840DAA8  created: 1998-10-06  expires: never       usage: E
[ultimate] (1). XYZ Corp (XYZ)


gpg> showpref
[ultimate] (1). XYZ Corp (XYZ)
     Cipher: CAST5, 3DES, [1]
     Digest: SHA1
     Compression: ZIP, Uncompressed
########################

key details on old server,
########################
pub  1024D/96765440  created: 1998-10-06 expires: never      trust: u/u
sub  2048g/0840DAA8  created: 1998-10-06 expires: never
(1). XYZ Corp (XYZ)

Command> showpref
pub  1024D/96765440  created: 1998-10-06 expires: never      trust: u/u
(1). XYZ Corp (XYZ)
     Cipher: CAST5, 3DES, [1]
     Digest: SHA1
     Compression: ZIP, Uncompressed
#######################





########################
Old server gpg --version:

-bash-3.00$ gpg --version
gpg (GnuPG) 1.2.6
Copyright (C) 2004 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256
Compression: Uncompressed, ZIP, ZLIB, BZIP2

########################
New server gpg --version:

-bash-4.1$ gpg --version
gpg (GnuPG) 2.0.18
libgcrypt 1.4.5
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html
>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,
        CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2


Thanks,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20120725/63ebe78b/attachment-0001.htm>

More information about the Gnupg-users mailing list