On Wed, 6 Jan 2021 14:14, Dino Edwards said: > Something changed in the code and it now prompts me for the key > password before it proceeds. I see the value in this, however this is
Yes, since version 2.1.
The reasons is that the internal store for the private key uses a more
modern way of protecting the key. Thus when exporting in the OpenPGP
format we need to re-encrypt and thus need to ask for the passphrase.
As usual since 2.1 you need to pass
--pinentry-mode=loopback
and for example
--passphrase-fd N
so that the gpg-agent (which does the re-encryption) does not pop up a
pinentry but asks back.
If you do not need to convey the private key in OpenPGP format you can
actually do easier: Run gpg as in this example
$ gpg --with-colons --with-keygrip -K USERID_OR_FPR
sec:-:4096:1:CD21A80AC8C52565:1505892159:::q:::scESC:::+:::23::0:
fpr:::::::::B2CCB68383325D61BAC50F9FCD21A80AC8C52565:
grp:::::::::AEFF9F945E3F569062FAF62D21F1ADFF4D9A0345:
uid:-::::1505892159::AE446DD05E9FF3A53C106836A52904256819CBC3::rs[...]
ssb:-:4096:1:9883B66CDCF2F7EA:1505892215::::::e:::+:::23:
fpr:::::::::BE280C5D679B2219748052909883B66CDCF2F7EA:
grp:::::::::C1B641A6DD92DECA9E1E4FF92AA8B8F1F90BCAE2:
and grep for the the grp lines (keygrips); for example:
$ [...] | awk -F: '$1=="grp" {print $10}'
AEFF9F945E3F569062FAF62D21F1ADFF4D9A0345
C1B641A6DD92DECA9E1E4FF92AA8B8F1F90BCAE2
Then copy the files
~/.gnupg/private-key-v1.d/AEFF9F945E3F569062FAF62D21F1ADFF4D9A0345.key
~/.gnupg/private-key-v1.d/C1B641A6DD92DECA9E1E4FF92AA8B8F1F90BCAE2.key
to the target machine. They are encrypted but better use a secure
channel. You also need to copy the public keys the usual way. Using
this method you may also selectively share a subkey.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
