Daniel, Thanks for taking the time. See below for the unexpected (to me at least) solution.
Good point about the public servers, but in this case neither of the two keys had been published. Also, fwiw this is on an Ubuntu 10.04 machine. As for "how does it fail", the command> prompt from --edit-key <key_name> kept returning "Invalid command (try "help")" for any input not in the form "uid <key_name or n>." Whether a "delsig" was appended to the command> or not, it returned to "command>" without affecting any signature. I was unable to input a multi-line command without the Invalid output. However, your response encouraged me to go back and hack at it some more. After another failure and return to "command> (try "help")", I actually tried "help" at the command prompt. Lo and behold, context sensitive help. At the end of help's 30-item list of possible commands was: "minimize compact unusable user IDs and remove all signatures from key." SOLUTION $ gpg --edit-key <key_name> Typing "minimize" at the "command>" prompt returned: "User ID "name <email>": 1 signature removed"; and returned me to "command>" where a "save" command saved changes, quit GPG and returned me to my shell prompt. The key's self-signature was intact and the unwanted personal key signature was gone. Regards, Max Burley On Tue, 2010-10-05 at 14:11 -0400, Daniel Kahn Gillmor wrote: > On 10/05/2010 12:21 PM, Max Burley wrote: > > I have two keys: > > - a personal key (used to sign this message); and > > - a business key. > > > > Inadvertently, I signed the business key with the personal key. Trying > > to remove that personal signature with delsig fails. > > how does it fail? > > to be clear, if this sig is already pushed to the keyservers you cannot > delete it effectively, and your best bet is to revoke it. > > > Bringing up the business key with "gpg --edit-key <key_name>" gives me > > the "command>" prompt, at which point entering "<UID (n)> delsig" runs > > without an error message, but the personal key signature is still > > attached to the business key when I run "gpg --list-sigs <key_name>". > > > > Am I missing something terribly obvious here? > > It's not terribly obvious, but i think what you want to do within the > gpg --edit-key prompt is a multi-line approach: > > uid <X> > delsig > > <then keep pressing "n" until you see the sig you want to delete -- > at that point, choose Y> > > <choose q if there are no more sigs you want to delete> > save > > and then you should be back at your shell's prompt. > > hth, > > --dkg >
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users