1. Forum
  2. Usenet
  3. LINUX.GENTOO.USER

  • [gentoo-user] GPG problem

    From [email protected]@21:1/5 to All on Sun Jul 10 11:00:01 2022
    Hello!
    Some time ago I have made a backup of my secret key and all the
    subkeys, and then deleted by-hand the master secret key by

    rm ~/.gnupg/private-keys-v1.d/[keygrip].key

    The subkeys were moved to a yubikey. Everything was great. Now I wanted
    to import my master key for a moment... and here we have a problem.
    Right now what happens, after running

    gpg --import secret_key.asc

    is:

    1) gpg complains:

    gpg: key D444252908A80B6D: "sxrmn" not changed
    gpg: key D444252908A80B6D/D444252908A80B6D: error sending to
    agent: Invalid argument
    gpg: key D444252908A80B6D: secret key imported
    gpg: Total number processed: 1
    gpg: unchanged: 1
    gpg: secret keys read: 1
    gpg: secret keys unchanged: 1

    2) gpg -K is aware of the master secret key, though it says it's not
    there:

    sec# ed25519 2022-07-06 [SC]
    902404424B39514B6126A2F2D444252908A80B6D
    uid [ absolutne ] sxrmn
    cv25519 2022-07-06 [E]
    ed25519 2022-07-06 [S]

    3) seret subkeys get imported (now they are back on yubikey, but they
    got imported OK)

    For reference, the exactly same file on FreeBSD gets imported with no
    errors at all. "diff" tells, that key exported from FreeBSD is no
    different from the one I try to import to Gentoo. Therefore I guess
    it's more a local GPG version problem than problem with the key.
    Strangely though I am trying to import the key generated on Gentoo, so
    it seems GPG can't import it's own child.

    There are however some version differences between FreeBSD and Gentoo.

    FreeBSD:
    $ gpg --version
    gpg (gnuPG) 2.3.3
    libgcrypt 1.9.4
    Copyright (c) 2021 Free Software Foundation, Inc.
    ....

    Gentoo:
    $ gpg --version
    gpg (GnuPG) 2.2.35
    libgcrypt 1.9.4-unknown
    Copyright (C) 2022 g10 Code GmbH
    ...

    So... any ideas why this happens and what can I do about it?

    --
    xWK

    -----BEGIN PGP SIGNATURE-----

    iHUEAREIAB0WIQQDlhT0eXq9QZcYNDCwxtjiG5GR4gUCYsqUMgAKCRCwxtjiG5GR 4n2aAPkB5H0d8HTrv6HyfD680af1DF4+SYOHyP8736hhp51iLwD9HZLkdgi1COx9 y2v9BC/Qte0JZJBu+WqMukrPMBkkQio=
    =Pcjt
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From [email protected]@21:1/5 to [email protected] on Sun Jul 10 18:10:01 2022
    On 7/10/22 02:56, [email protected] wrote:
    Hello!
    Some time ago I have made a backup of my secret key and all the
    subkeys, and then deleted by-hand the master secret key by

    rm ~/.gnupg/private-keys-v1.d/[keygrip].key

    The subkeys were moved to a yubikey. Everything was great. Now I wanted
    to import my master key for a moment... and here we have a problem.
    Right now what happens, after running

    gpg --import secret_key.asc

    is:

    1) gpg complains:

    gpg: key D444252908A80B6D: "sxrmn" not changed
    gpg: key D444252908A80B6D/D444252908A80B6D: error sending to
    agent: Invalid argument
    gpg: key D444252908A80B6D: secret key imported
    gpg: Total number processed: 1
    gpg: unchanged: 1
    gpg: secret keys read: 1
    gpg: secret keys unchanged: 1

    2) gpg -K is aware of the master secret key, though it says it's not
    there:

    sec# ed25519 2022-07-06 [SC]
    902404424B39514B6126A2F2D444252908A80B6D
    uid [ absolutne ] sxrmn
    cv25519 2022-07-06 [E]
    ed25519 2022-07-06 [S]

    3) seret subkeys get imported (now they are back on yubikey, but they
    got imported OK)

    For reference, the exactly same file on FreeBSD gets imported with no
    errors at all. "diff" tells, that key exported from FreeBSD is no
    different from the one I try to import to Gentoo. Therefore I guess
    it's more a local GPG version problem than problem with the key.
    Strangely though I am trying to import the key generated on Gentoo, so
    it seems GPG can't import it's own child.

    There are however some version differences between FreeBSD and Gentoo.

    FreeBSD:
    $ gpg --version
    gpg (gnuPG) 2.3.3
    libgcrypt 1.9.4
    Copyright (c) 2021 Free Software Foundation, Inc.
    ....

    Gentoo:
    $ gpg --version
    gpg (GnuPG) 2.2.35
    libgcrypt 1.9.4-unknown
    Copyright (C) 2022 g10 Code GmbH
    ...

    So... any ideas why this happens and what can I do about it?


    Did you make/or have a backup of your .gpg directory?

    Run: gpg --list-secret-keys --with-keygrip
    Does it show Keygrip =

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Dr Rainer Woitok@21:1/5 to you on Sun Jul 10 18:10:01 2022
    xWK,

    On Sunday, 2022-07-10 10:56:18 +0200, you wrote:

    ...
    There are however some version differences between FreeBSD and Gentoo.

    FreeBSD:
    $ gpg --version
    gpg (gnuPG) 2.3.3
    libgcrypt 1.9.4
    Copyright (c) 2021 Free Software Foundation, Inc.
    ....

    Gentoo:
    $ gpg --version
    gpg (GnuPG) 2.2.35
    libgcrypt 1.9.4-unknown
    Copyright (C) 2022 g10 Code GmbH

    Gentoo provides non-stable version 2.3.6-r1. Maybe this could help?

    Sincerely,
    Rainer

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From [email protected]@21:1/5 to All on Sun Jul 10 19:40:01 2022
    Dnia 2022-07-10, o godz. 10:08:31
    [email protected] napisaƂ(a):


    Did you make/or have a backup of your .gpg directory?

    Run: gpg --list-secret-keys --with-keygrip
    Does it show Keygrip =

    No, I don't have the copy (my mistake!). It shows correct keygrip,
    which (obviously) doesn't exist as a *.key file in my private keys.

    --
    xWK

    -----BEGIN PGP SIGNATURE-----

    iHUEAREIAB0WIQQDlhT0eXq9QZcYNDCwxtjiG5GR4gUCYssOxwAKCRCwxtjiG5GR 4uUDAP95ZuNBvyniRDSvGI8RgQq9XyXpBfHZcOkiD/vEl4K0jgD/SCRCKOsjPaw5 vsBNvobQIOZ5Z2/cm2zlnEZ2cAqWr1s=
    =eVqt
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)