On Freitag, 3. Januar 2020 13:53:00 CET Gabriele Pohl wrote: > After upgrading my PC to Fedora 30 [...] > a problem with decrypting came up. > > Encryption works: > > $ gpg --verbose --output test.txt.gpg --recipient [email protected] > --encrypt test.txt [...] > gpg: RSA/AES256 encrypted for: "4BB3049F19616A80 Gabriele Pohl > <[email protected]>" [...] > But decrypting fails: > > $ gpg --verbose --decrypt test.txt.gpg > gpg: public key is 4BB3049F19616A80 > gpg: using subkey 4BB3049F19616A80 instead of primary key 9C7646202CE0CBB2 > gpg: encrypted with 4096-bit RSA key, ID 4BB3049F19616A80, created > 2016-09-05 "Gabriele Pohl <[email protected]>" > gpg: decryption failed: No secret key > > The secret key is available: > > gpg> list > > sec rsa2048/9C7646202CE0CBB2 > created: 2012-09-05 expires: 2020-03-16 usage: SC > trust: ultimate validity: ultimate > ssb rsa2048/51E12CABCB4F0264 === > created: 2012-09-05 expired: 2016-09-04 usage: E > sub rsa4096/4BB3049F19616A80 === > created: 2016-09-05 expires: 2020-03-16 usage: E > [ultimate] (1). Gabriele Pohl <[email protected]>
The secret key of subkey 4BB3049F19616A80 is not available (it's listed as "sub", but not as "ssb"). Only the secret keys of the main key and the expired subkey are available. I suspect a gpg1 vs. gpg2 problem, i.e. the secret key of subkey 4BB3049F19616A80 is only available to gpg1 or gpg2, but not to both (they use different key storages). Fedora 30 probably used gpg2 when you run 'gpg' while the previous version used gpg1. Possible solution: * Make a backup (just to be sure). * Re-run the migration of the keys from the old storage format to the new one. I think all you have to do is to remove the file ~/.gnupg/.gpg-v21-migrated. Regards, Ingo _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
