Decrypt with GPG, says I need a passphrase when I am inputting passphrase


I have 2 boxes, box A and B. Box A and B both use the same public/private key pair to encrypt and decrypt data. Everything works fine in box A, but in box B I can't decrypt the files i encrypt with the same key.

I export the key from A and import it to B, and when doing a simple encryption/decryption I get the following:

In A I am running pgp version:

PGP Command Line 9.0.6 build 59

and I encrypt/decrypt with the following:

pgp --recipient <KEY UID> --encrypt foo  
pgp --passphrase <PASSPHRASE> --decrypt foo.pgp

And the file encrypts/decrypts without failure.

Now in B running gpg version:

gpg (GnuPG) 2.0.22

and I encrypt/decrypt with the following:

gpg --recipient <KEY UID> --encrypt foo  
gpg --passphrase <PASSPHRASE> --decrypt foo.gpg 

But when encrypting I get the following output:

gpg: <SUBKEYID>: There is no assurance this key belongs to the named user

pub  1024R/<SUBKEYID> 2017-12-15 <KEY UID>
 Primary key fingerprint: <PKEY FINGERPRINT>
      Subkey fingerprint: <SKEY FINGERPRINT>

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y

And it encrypts successfully (imo) and then when decrypting with the exact same passphrase that works in A, I get the following error:

You need a passphrase to unlock the secret key for
user: "<KEY UID>"
1024-bit RSA key, ID <SUBKEYID>, created 2017-12-15. (main key ID <PUBID>)

gpg: cancelled by user
gpg: encrypted with 1024-bit RSA key, ID <SUBKEYID>, created 2017-12-15
      "<KEY UID>"
gpg: public key decryption failed: Operation cancelled
gpg: decryption failed: No secret key

Why could I be getting the error in B if it's the same key and passphrase that works in A? I've tried a lot of things online that haven't worked and I am new to this so really stuck. Thanks in advance.

Best Answer

You need to set the trust level of the key that you imported:

gpg --edit-key <KEY_ID>
gpg> trust

You will be asked to select the trust level from the following:

1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu

Select 5 since you trust yourself ultimately. It will ask you to confirm your decision:

Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y

After confirming, you should be able to encrypt using that key.

Related Question