Discussion:
PGP disk user error, <Unknown user>
(too old to reply)
][zero
2008-12-22 14:26:15 UTC
Permalink
Hello! I have a trouble with my PGP disk (*.pgd)....
Yesterday I try to open my disk after I had reinstalled Windows Vista
on my notebook. But its seems to be trouble..
The absolutley true and created by me passphrase doesnt accepted
now....
The PGP I use is PGP_Professional_Desktop_9.8.1. Disk was created by
this version too!
After reinstallation of my OS the PGP say that I'm not an
administrator of that disk....
The only user avaliable for this pgd-disk is <Unknown User> =>
"Unknown key: Unable to locate key or keyring."


You also must to know, that I saved all files in C:\Users\admin
\Documents\PGP\ before reinstalling the system and put them back
after reinstalling WinVista!!! Files have such extensions: *.pkr and
*.skr

When I trying to add a user to the list for that disk or change the
passphrase, program tell such a message: "The passpharase you entered
is not a valid passphrase for this PGP Disk. (Note that there were one
or more users with public keys that could not be cheked, possibly
because these private keys are not on the default keyring or the token
has not been inserted.) Please try again."

Yet another message: "The admin user's private key is not present on
this machine. You will not be able to perform any operations that
require the administrator password."

Anoter one: "You can only change the passphrase of this user using the
Keys module."


Does anybody know what the trouble with this disk? Please help me to
recover my 40Gb and 12Gb PGP-disks!!
Thanks!!
][zero
2008-12-22 14:47:35 UTC
Permalink
For you knowledge: Mechanism: AES (256bit)
Neil - Salem, MA USA
2008-12-22 15:07:20 UTC
Permalink
Post by ][zero
Hello! I have a trouble with my PGP disk (*.pgd)....
[...snip...]
When I trying to add a user to the list for that disk or change the
passphrase, program tell such a message: "The passpharase you entered
is not a valid passphrase for this PGP Disk. (Note that there were one
or more users with public keys that could not be cheked, possibly
because these private keys are not on the default keyring or the token
has not been inserted.) Please try again."
Yet another message: "The admin user's private key is not present on
this machine. You will not be able to perform any operations that
require the administrator password."
[...snip...]
Does anybody know what the trouble with this disk?
[...snip...]
It surely sounds like a private key problem.

If you feel certain that you have indeed properly migrated your keyrings
from you previous installation to the current one, try this: Verify that
your key has Implicit Trust. Open up PGP Desktop, find your key and
double-click on it to view its properties. Find the setting called Trust
and set it to "Implicit".

When keyrings are imported to a new PGP installation, this setting of
"Implicit" Trust for one's private keys is initially downgraded to "None"
(probably as a security measure).

Neil - Salem, MA USA
][zero
2008-12-22 16:10:46 UTC
Permalink
Post by Neil - Salem, MA USA
When keyrings are imported to a new PGP installation, this setting of
"Implicit" Trust for one's private keys is initially downgraded to "None"
(probably as a security measure).
Thanks a lot, Mr. Neil! You are absolutley write!
And I had already do it myself first!! =)
And now reading your answer I understand that problem.


Do you know why program edit my backup keys in other folder when I
delit keys from files in native directory C:\Users\admin\Documents
\PGP?
Can I recover edited files in my backup folder?

My 40Gb, 12Gb and 3Gb disk a mountable now!! But another disk the key
for wich I deleted have an unknown user yet, and cannot be
decrypted....
Do you know how can I restore deleted key or edited files in my backup
directory?
Neil - Salem, MA USA
2008-12-22 17:30:57 UTC
Permalink
Post by ][zero
Post by Neil - Salem, MA USA
When keyrings are imported to a new PGP installation, this setting of
"Implicit" Trust for one's private keys is initially downgraded to "None"
(probably as a security measure).
Thanks a lot, Mr. Neil! You are absolutley write!
And I had already do it myself first!! =)
And now reading your answer I understand that problem.
Do you know why program edit my backup keys in other folder when I
delit keys from files in native directory C:\Users\admin\Documents
\PGP?
Can I recover edited files in my backup folder?
My 40Gb, 12Gb and 3Gb disk a mountable now!! But another disk the key
for wich I deleted have an unknown user yet, and cannot be
decrypted....
Do you know how can I restore deleted key or edited files in my backup
directory?
Come to think of it, I don't think I've ever used the backups of my PGP
keyrings. (My backup keyrings are automatically saved to the same folder as
my primary keyrings. The backups are automatically called pubring-bak.pkr
and secring-bak.skr.)

However, I guess, if I were to try to use my backups, I'd probably do the
following. Note, my example assumes the names of backup keyrings are
pubring-bak.pkr and secring-bak.skr. You may have backup keyrings that you
created manually that have other names.

1) Disable "Backup keys upon exiting PGP Desktop", then close PGP Desktop
2) Rename pubring.pkr to pubring.pkr.2
3) Rename pubring-bak.pkr (or whatever your backup keyring filename is) to
pubring.pkr
4) Rename secring.skr to secring.skr.2
5) Rename secring-bak.skr (or whatever your backup keyring filename is) to
secring.skr
6) Open PGP Desktop

If I find a key on a backup keyring that does not exist on the original
keyring, I'd probably export it (including the private key) and then later
import it into my original keyrings.

After exploring the backup keyrings, I'd reverse the procedure above and
restore the original keyrings, making sure that I disable "Backup keys upon
exiting PGP Desktop" before beginning the restoration.

The way my PGP installation is configured, my keyrings are backed up every
time I exit PGP. So, if I accidentally deleted a key and then exited PGP, I
believe that my automatically generated backup keyrings would also have the
key deleted. It makes me wonder about the usefulness of this automatic
backup feature.

Instead, it's probably a good idea to manually backup your keyrings
periodically, giving them unique names (perhaps choosing names that indicate
the date you made them).

All of what I'm suggesting is pure "guessing", since, as I said, I've never
had occassion to use a pair of backup keyrings. Other readers may have much
simpler ways of doing things, so they should please feel free to add their
thoughts.

Neil - Salem, MA USA
Neil - Salem, MA USA
2008-12-22 20:36:40 UTC
Permalink
Post by Neil - Salem, MA USA
Post by ][zero
Post by Neil - Salem, MA USA
When keyrings are imported to a new PGP installation, this setting of
"Implicit" Trust for one's private keys is initially downgraded to "None"
(probably as a security measure).
Thanks a lot, Mr. Neil! You are absolutley write!
And I had already do it myself first!! =)
And now reading your answer I understand that problem.
Do you know why program edit my backup keys in other folder when I
delit keys from files in native directory C:\Users\admin\Documents
\PGP?
Can I recover edited files in my backup folder?
My 40Gb, 12Gb and 3Gb disk a mountable now!! But another disk the key
for wich I deleted have an unknown user yet, and cannot be
decrypted....
Do you know how can I restore deleted key or edited files in my backup
directory?
Come to think of it, I don't think I've ever used the backups of my PGP
keyrings. (My backup keyrings are automatically saved to the same folder
as my primary keyrings. The backups are automatically called
pubring-bak.pkr and secring-bak.skr.)
However, I guess, if I were to try to use my backups, I'd probably do the
following. Note, my example assumes the names of backup keyrings are
pubring-bak.pkr and secring-bak.skr. You may have backup keyrings that
you created manually that have other names.
1) Disable "Backup keys upon exiting PGP Desktop", then close PGP Desktop
2) Rename pubring.pkr to pubring.pkr.2
3) Rename pubring-bak.pkr (or whatever your backup keyring filename is) to
pubring.pkr
4) Rename secring.skr to secring.skr.2
5) Rename secring-bak.skr (or whatever your backup keyring filename is) to
secring.skr
6) Open PGP Desktop
If I find a key on a backup keyring that does not exist on the original
keyring, I'd probably export it (including the private key) and then later
import it into my original keyrings.
After exploring the backup keyrings, I'd reverse the procedure above and
restore the original keyrings, making sure that I disable "Backup keys
upon exiting PGP Desktop" before beginning the restoration.
The way my PGP installation is configured, my keyrings are backed up every
time I exit PGP. So, if I accidentally deleted a key and then exited PGP,
I believe that my automatically generated backup keyrings would also have
the key deleted. It makes me wonder about the usefulness of this
automatic backup feature.
Instead, it's probably a good idea to manually backup your keyrings
periodically, giving them unique names (perhaps choosing names that
indicate the date you made them).
All of what I'm suggesting is pure "guessing", since, as I said, I've
never had occassion to use a pair of backup keyrings. Other readers may
have much simpler ways of doing things, so they should please feel free to
add their thoughts.
Neil - Salem, MA USA
Silly me. I've discovered it is much easier to simply change the path of
the two keyrings (public and private) rather than doing all the file
renaming that I described above.

Simply open PGP Desktop, Click on Keys - Keyring Properties..., then browse
to your backup keyrings.

I thought it must be easier than I originally described!

Neil - Salem, MA USA
][zero
2008-12-25 07:52:50 UTC
Permalink
Thank you, Mr. Neil for your help!!

Loading...