I recently changed my primary UID from dan...@pocock.com.au to
dan...@pocock.pro

I've been able to sign from one machine but not from another.  The
second machine only has subkeys.

On the second machine, I would always get "secret key not available"
errors from git tag, signing packages, etc.

In fact, the secret key was never changed; I just added more UIDs, so
this error appeared inaccurate.

Programs like "git tag" and dpkg-genchanges could be coerced to sign
things on the second computer if I manually specified the numeric key ID
on the command line.

Adding "default-key" in ~/.gnupg/gpg.conf didn't help either - it always
seems necessary to specify the key ID on every occasion.

Looking at it again today, "gpg --list-secret-keys" shows me that two of
my UIDs, including the new one, were not listed on the second computer. 
However, looking at it with "gpg --edit-key" the uids are listed in the
public view but not the secret key view.  It seems that running "adduid"
doesn't fully update the list of uids for secret key usage.

I came across this rather detailed blog from somebody else who had this
problem:
https://we.riseup.net/risuplabs+paow/missing-uid-in-secret-key

and I couldn't help wondering, isn't it feasible to just copy the
~/.gnupg/secring.gpg from one computer to the other?

I made a backup and tried doing so and it appears to solve the problem. 
The only gotcha I can think of is that if the second computer is only
meant to contain subkeys, then the secret master key needs to be removed
as described in https://wiki.debian.org/Subkeys

Is copying the file like this a valid solution?

Is there an easier way to deal with this situation?




_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
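
A diagnostic for the symptom described in this message, as an added example that is not part of the original post: it compares the user IDs in `gpg --with-colons --list-keys` output with those in `gpg --with-colons --list-secret-keys` output and reports the UIDs the secret view lacks. The key ID, names and both listings are constructed sample data, and the function names are hypothetical.

```python
import re

# Constructed sample listings (not real keys), in gpg's colon-delimited format.
PUBLIC_SAMPLE = """\
pub:u:4096:1:0123456789ABCDEF:1300000000:::u:::scESC:
uid:u::::1400000000::AAAA::Example User <new@example.org>:
uid:u::::1300000000::BBBB::Example User <old@example.org>:
sub:u:4096:1:1111111111111111:1300000000::::::s:
"""
# Older output style: the primary UID sits in field 10 of the key record itself.
SECRET_SAMPLE = """\
sec::4096:1:0123456789ABCDEF:1300000000::::Example User <old@example.org>:::
ssb::4096:1:1111111111111111:1300000000:::::::
"""

def _unescape(value):
    # gpg writes ':' and control characters inside user IDs as \xNN escapes.
    return re.sub(r"\\x([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), value)

def uids_by_key(colon_listing):
    """Map each primary key ID to the set of user IDs listed under it."""
    keys, current = {}, None
    for line in colon_listing.splitlines():
        fields = line.split(":")
        if fields[0] in ("pub", "sec"):
            current = keys.setdefault(fields[4], set())
            if len(fields) > 9 and fields[9]:
                current.add(_unescape(fields[9]))
        elif fields[0] == "uid" and current is not None and len(fields) > 9:
            current.add(_unescape(fields[9]))
    return keys

def missing_secret_uids(public_listing, secret_listing):
    """Return {key_id: [uids]} for UIDs in the public view but not the secret view."""
    public = uids_by_key(public_listing)
    result = {}
    for key_id, secret_uids in uids_by_key(secret_listing).items():
        missing = public.get(key_id, set()) - secret_uids
        if missing:
            result[key_id] = sorted(missing)
    return result

if __name__ == "__main__":
    for key_id, uids in missing_secret_uids(PUBLIC_SAMPLE, SECRET_SAMPLE).items():
        for uid in uids:
            print(f"{key_id}: secret view lacks UID {uid}")
```

To check a real keyring, pass the text captured from the two gpg commands in place of the sample strings.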