Silk Road forums

Discussion => Security => Topic started by: real pharmaceuticals on August 23, 2012, 01:19 pm

Title: GPG address unable to decrypt erro code 17
Post by: real pharmaceuticals on August 23, 2012, 01:19 pm
Hello ,

I am trying to decrypt a gpg message somone sent me but i keep getting error code 17 no secret key , i have refreshed the keyserver etc. Does any one know what i am doing wrong? Or have they not used my public key ? Thank you for taking the time to read this .

Kind regards
RP
Title: Re: GPG address unable to decrypt erro code 17
Post by: Wadozo on August 23, 2012, 01:36 pm
Hello ,

I am trying to decrypt a gpg message somone sent me but i keep getting error code 17 no secret key , i have refreshed the keyserver etc. Does any one know what i am doing wrong? Or have they not used my public key ? Thank you for taking the time to read this .

Kind regards
RP

Is the public key of the person your communicating with correct.? Could they have created a new one? One reason could be they forgot their passphrase, deleted their existing keys and created a new public and private key.  Have you for what ever reason created a new public key or have you always used the same one.? Could also be a corrupt file in the installed application. Un-installing, re-booting your system and then re-installing the software might solve the issue.
Title: Re: GPG address unable to decrypt erro code 17
Post by: pine on August 23, 2012, 05:36 pm
They can't have encrypted the message to your PGP public key. Tell them to resend it the message actually encrypted with your public key. It's a common mistake, but a recoverable one.

@Wadozo, it's not possible for the sender's PGP key to be the issue if the recipient is unable to decrypt a message, since the sender's PGP key was never involved in encrypting any data unless they mistakenly encrypted the message to their own public key. To PGP Club! Investigate the Russian Postal System analogy I posted in the thread to see why. It would be like locking a box and sending it to your friend with no key attached. Then your friend gets it and thinks: "WTF, I have no key for this!".

While we're here, why are you using keyservers? That is not really a good idea for us here. You shouldn't upload anything to a server from your GPG software unless it's torified (downloading non-SRian information is fine). It's a hypothetical, but it could be used as an exploit to deanonymize you. Better safe than sorry!