On Wed 2019-04-10 17:28:54 +0200, Peter Lebbing wrote: > On 10/04/2019 17:24, Peter Lebbing wrote: >> gpg> delkey > > Sorry, my fatigued head was being silly. That's for deleting the public > part, not the secret part. I don't think I know the way to delete the > secret part when you just want to delete some subkey.
I agree with Peter that delkey doesn't do what you want it to do. I was trying to figure out how to do it through the user interface, and it's pretty clunky, with some scary failure modes. I've opened https://dev.gnupg.org/T4457 about it. I know that with the version of GnuPG that you're using right now, you can delete the secret key by learning its keygrip and asking gpg-agent to delete it for you. Start by getting a snapshot of how GnuPG sees the key: gpg --with-keygrip --list-secret-keys "$YOUR_FINGERRINT" Then take the keygrip of the subkey you care about as $KEYGRIP and do: gpg-connect-agent "delete_key $KEYGRIP" /bye (note that gpg-agent might prompt you about deletion when you do this) Now you can verify that this worked by running the snapshot again and comparing it with the earlier run: gpg --with-keygrip --list-secret-keys "$YOUR_FINGERPRINT" The difference should be that you should see a "#" appear after the "ssb" line that talks about the associated subkey. the "#" means "no secret key available." hth, --dkg
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
