Error - secret key needed to decrypt message
OpenPGP addon for Mozilla Thunderbird
Brought to you by:
pbrunschwig
Menu
▾
▴
Hello,
I've tried Google to search for the answer to my Error - secret key needed to decrypt message in Thunderbird and I've tried everything that I can to fix the problem. I had to set up a new Thunderbird (17.0.6) on Windows XP and I've downloaded and set up Enigmail 1.5.1 so that the OpenPGP is showing up in Thunderbird. The email address can send and receive messages, but when I try to decrypt a message I get the (Error - secret key needed to decrypt message) message. I installed Ggp4win and GnuPG was found in C:\Program Files\GNU\GnuPG\pub\gpg.exe.
I have an old setup of Thunderbird program (3.1.10) on an old laptop running Enigmail 1.1.2 and I have the exact same setup from this version in my new Thunderbird (17.0.6) with the same signed key and the old version works fine, but I want to use the new version. The only difference I see between the two versions is in the Key Properties where it says in the Type section in the old version is (key pair) and in the new version it's (public key). All the other settings are the same.
Thanks
Hi,
this difference is the reason why you see the message "secret key needed to decrypt". Your new computer has only the public part of your key.
You need to transfer also the secret key to your new computer. On the old computer within Thunderbird go to OpenPGP->Key Management. Select your key pair (should be in bold letters). Right click, then a popup asks you what to export. Please select "Export secret keys" button, select a folder to export. Maybe the texts and dialog boxes look a little different, because it has an old version of Enigmail.
Then transfer the file to your new computer. On the new computer within Thunderbird go to OpenPGP -> Key management. Open "File -> Import keys from File", select the file and click ok. This should do the job!
Ludwig,
Thank you as this was the solution! I appreciate it!
You're welcome, glad that it worked out!
OH!! I have the same problems whit my friends!
We have already installed thunderbird and Enigmail and GgnuPG 1.4.13 on windows (i have xp my friends Seven).
My friends have send to me only your public keys..... but not the SECRET Keys.... and it's not possible to send email only use the Public Keys ???
If it's not possible it's useless to upload the public keys to a keyserver....... if it's needed the all two keys.
Help to understand how to work............. in the last version it's needed to obtain all two keys ?? the public and secret ??
OR it's possible to crypt an email only using the public keys ?? if it's possible how i can configure enigmamail or pgp to obtain this ?
In order to ENcrypt messages, you'll need your friends public keys and your secret key.
In order to DEcrypt messages you''ll need your secret key.
Thus, it's sufficient to have only the public keys.
PS. If you want to be able to decrypt something you encrypted, you'll have to treat yourself like a friend: you have to encrypt the message to yourself like to anyone else.
Wait... i can't understand :)
Me and my friends have two different pub+sec keys.... in this case:
- I ENcrypt my mail with my keys... my friends to DEctypt this same mail need all two my keys or not ?
- At this point when my friends try to response this mail ENcrypt the response whit your pub+sec keys and i, when i receive the response i need only the pub keys of my friends to DEcrypt ?
I thinks it's no working in this mode..... in this case i thinks we need all two pub+secret keys to obtain this example.
For using a single keys (pub+sec):
- I send a mail to my friends ENcrypy whit my keys
- My friends have my public keys and can be DEcrypt this mail
- For response to this mail my friends can be use my Public mail to ENcrypt the response
- When i receive the response i don't need nothing to DEcrypt the response...
IT's correct ?
Otherwise i have found a possibly bug in EnigmMail 1.5.1...... when i obtain a crypter mail and choose to write a response i need to activate the ENcrypt or the response it's been seed clearly (whitout crypted...) it's normal ?
Exist a option to set to obtain this ?
I have re-read your example... whit this mode this not working... example whit A and B like me and my friends:
1) A send crypter mail to B using A keys (and a keys contain a public+secret keys right)
2) A send to B only your public keys
3) B add the A "public keys".. and try to open the A mail
At this point when B Try to open the mail from A obtain the error "... need secret key ..."
I and my friends i already try this solution and it's not working..... we have exchange only the public keys (i obtain your and i have send my) but when i receive a mail crypter from my friend using your keys i can DEcrypt and i obtain "... need secret key ..." error.
I have found a workaround 4 now because i have send to my friend my public+secret keys and we have send to me the same your... now it's all working, but only whit the public keys it's no possible to DEcrypt a mail.. we have already tryed.
You must not exchange secret keys! That's the whole point in using public key cryptography. You only exchange the public keys. The public key is used to EN__crypt, and the secret key is used to __DE__crypt. So, you only need (and should) to exchange your __Public keys.