On Wed, 6 Jan 2021 14:14, Dino Edwards said: > Something changed in the code and it now prompts me for the key > password before it proceeds. I see the value in this, however this is
Yes, since version 2.1. The reasons is that the internal store for the private key uses a more modern way of protecting the key. Thus when exporting in the OpenPGP format we need to re-encrypt and thus need to ask for the passphrase. As usual since 2.1 you need to pass --pinentry-mode=loopback and for example --passphrase-fd N so that the gpg-agent (which does the re-encryption) does not pop up a pinentry but asks back. If you do not need to convey the private key in OpenPGP format you can actually do easier: Run gpg as in this example $ gpg --with-colons --with-keygrip -K USERID_OR_FPR sec:-:4096:1:CD21A80AC8C52565:1505892159:::q:::scESC:::+:::23::0: fpr:::::::::B2CCB68383325D61BAC50F9FCD21A80AC8C52565: grp:::::::::AEFF9F945E3F569062FAF62D21F1ADFF4D9A0345: uid:-::::1505892159::AE446DD05E9FF3A53C106836A52904256819CBC3::rs[...] ssb:-:4096:1:9883B66CDCF2F7EA:1505892215::::::e:::+:::23: fpr:::::::::BE280C5D679B2219748052909883B66CDCF2F7EA: grp:::::::::C1B641A6DD92DECA9E1E4FF92AA8B8F1F90BCAE2: and grep for the the grp lines (keygrips); for example: $ [...] | awk -F: '$1=="grp" {print $10}' AEFF9F945E3F569062FAF62D21F1ADFF4D9A0345 C1B641A6DD92DECA9E1E4FF92AA8B8F1F90BCAE2 Then copy the files ~/.gnupg/private-key-v1.d/AEFF9F945E3F569062FAF62D21F1ADFF4D9A0345.key ~/.gnupg/private-key-v1.d/C1B641A6DD92DECA9E1E4FF92AA8B8F1F90BCAE2.key to the target machine. They are encrypted but better use a secure channel. You also need to copy the public keys the usual way. Using this method you may also selectively share a subkey. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users