Compatibility with older versions of PGP        

<< Click to Display Table of Contents >>

Navigation:  Robo-FTP User's Guide > Script Programming > Select Topics in Script Programming >

Compatibility with older versions of PGP        

 

The specification for PGP encryption upon which Robo-FTP is based, OpenPGP, has undergone many changes over the years. While the default settings Robo-FTP uses to generate keys and encrypt and sign files will work with the vast majority of other PGP software packages, you may encounter a situation where a recipient's PGP software is unable to decrypt a file encrypted with PGP. Likewise, you may encounter a situation where a recipient's PGP software is unable to verify a signature on a file signed by Robo-FTP.

 

It is not practical to document all the possible error messages you could see, as there are simply too many vendors and versions of software in use today. However, in many cases, the error message will indicate a problem with an unknown format for a key and/or file.

 

Here are a couple examples of the kinds of error messages you might see:

 

Bad Session Key

 

*No appropriate OpenPGP secret key for decryption found

*Key cannot be found in your keyring. [1280]

 

When you encounter a situation where a recipient is unable to decrypt and/or verify the signature on a file encrypted and/or signed by Robo-FTP, the first thing you should do is try encrypting the file again, adding the /compat to the PGPENCRYPT command. See the Help file entry for PGPENCRYPT for more details on this option.

 

If the recipient's PGP implementation is particularly old, using the /compat option with PGPENCRYPT may not be sufficient on its own, because some older versions of some PGP software packages do not support PGP subkeys. Therefore, you may also need to generate a new key pair using the "Old PGP key compatibility" option in the Configurator, which will allow you to create a key without subkeys. If you choose a key type of RSA then this key can be used for both encrypting and signing. If you choose a key type of DSA then this key can only be used for signing. Be sure to send your new public key to the recipient afterwards. See the Help file entry for Configure PGP: Create Key for more information.