I can view a session key to the encrypted data using option gpg --show-session-key <file>
.
Knowing the session key, how can i decrypt the data without using my private key?
Asked
Active
Viewed 3,803 times
4
Reputet
- 43
- 1
- 3
1 Answers
9
To encrypt a file for a recipient:
$ gpg -ea -r foo@example.com < file > file.gpg
To get the session key for an encrypted file when you have the private key of the recipient:
$ gpg --show-session-key < file.gpg
...
gpg: session key: `9:901D6ED579AFF935F9F157A5198BCE48B50AD87345DEADBA06F42C5D018C78CC'
...
To use this session key to decrypt the file, without needing the private key:
$ gpg --override-session-key 9:901D6ED579AFF935F9F157A5198BCE48B50AD87345DEADBA06F42C5D018C78CC -d < file.gpg
This information was obtained by simply having a look at the man page for gpg:
--show-session-key
Display the session key used for one message.
See --override-session-key for the counterpart of this option
...
--override-session-key string
Don't use the public key but the session key string.
Steffen Ullrich
- 184,332
- 29
- 363
- 424
-
Oh, yea. I saw this option, but i didn't read the description to the end because the word "override" confused me. I thought that i understood a meaning of this option just after reading it. Thank you! – Reputet Feb 20 '16 at 21:27