Can't check signature: public key not found
EncryptionCmdPgpGnupgEncryption Problem Overview
I try to decrypt file using following command:
gpg --output file.txt --decrypt file.pgp
File is decrypted successfully but i get an error:
> "gpg: Can't check signature: public key not found"
Any idea, why I get this error?
Encryption Solutions
Solution 1 - Encryption
You get that error because you don't have the public key of the person who signed the message.
gpg
should have given you a message containing the ID of the key that was used to sign it. Obtain the public key from the person who encrypted the file and import it into your keyring (gpg2 --import key.asc
); you should be able to verify the signature after that.
If the sender submitted its public key to a keyserver (for instance, <https://pgp.mit.edu/>;), then you may be able to import the key directly from the keyserver:
gpg2 --keyserver https://pgp.mit.edu/ --search-keys <sender_name_or_address>
Solution 2 - Encryption
You need the public key in your gpg key ring. To import the public key into your public keyring, place the public key block in a text file with a .gpg extension, and then issue the following command:
gpg --import <your-file>.gpg
The entity that encrypted the file should provide you with such a block. For example, ftp://ftp.gnu.org/gnu/gnu-keyring.gpg has the block for gnu.org.
For an even more in-depth explanation see Verifying files with GPG, without a .sig or .asc file?
Solution 3 - Encryption
There is a similar problem.it is a tomcat digital signature.
$ gpg --verify apache-tomcat-9.0.16-windows-x64.zip.asc apache-tomcat-9.0.16-windows-
x64.zip
gpg: Signature made 2019年02月 5日 0:32:50
gpg: using RSA key A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
gpg: Can't check signature: No public key
but then I use the RSA key it provided to receive the public key to verify.
$ gpg --receive-keys A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
gpg: key 10C01C5A2F6059E7: 38 signatures not checked due to missing keys
gpg: key 10C01C5A2F6059E7: public key "Mark E D Thomas <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
Then successfully.
$ gpg --verify apache-tomcat-9.0.16-windows-x64.zip.asc
gpg: assuming signed data in 'apache-tomcat-9.0.16-windows-x64.zip'
gpg: Signature made 2019年02月 5日 0:32:50
gpg: using RSA key A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
gpg: Good signature from "Mark E D Thomas <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: A9C5 DF4D 22E9 9998 D987 5A51 10C0 1C5A 2F60 59E7
Solution 4 - Encryption
I got the same message but my files are decrypted as expected. Please check in your destination path if you could see the output file file.
Solution 5 - Encryption
If you know that your signature is right, you can bypass gpg
and test it manually:
Here I used sha256sum
to validate my debian live ISO:
$% sha256sum debian-live-11.2.0-amd64-standard.iso | grep dd0dbffdb9c53ee8a35f869e95111a50e231a1800977dfd1604b64a0525709c9
dd0dbffdb9c53ee8a35f869e95111a50e231a1800977dfd1604b64a0525709c9 debian-live-11.2.0-amd64-standard.iso
Solution 6 - Encryption
If you are on Debian, just try :
sudo apt-get install debian-keyring debian-archive-keyring
sudo apt-key update
sudo apt-get update
Then, do your do :
gpg --output file.txt --decrypt file.pgp
Solution 7 - Encryption
I faced this while repo init, I had to update the path variable in my linux machine and that resolved it.
PATH=~/bin:$PATH