Re: gpg: signing failed: Bad secret key
On Mittwoch, 24. Januar 2024 22:05:53 CET Leo Coogan via Gnupg-users wrote:
> It looks like there's only that non-functioning signing subkey. Huh. Do
> I need to create a new signing subkey?
Copy the content of ~/.gnupg/private-keys-v1.d from your fedora machine to
your nixox machine (after making a backup) to restore the missing secret key.
Regards,
Ingo
> On 1/24/24 12:37, Werner Koch wrote:
> > On Tue, 23 Jan 2024 12:38, Leo Coogan said:
> >> sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
> >>
> >>C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
> >>Keygrip = 38953FFD2BD558606473A90A6EDD5B26F03FA3CB
> >
> > You don't have a signing key. Ther primary key has been taken offline
> > ('#') and can thus not be used for signing.
> >
> >> ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
> >>
> >>143454E3276F11C51D01B35363D14EA6FDB00D9F
> >>Keygrip = 02EE4AA6089E9DEF7792F548C01FFD8C05F1EC21
> >
> > The subkey is not capable of signing (by usage flags and algorithm).
> >
> > Did you had another signing subkey and that one expired?
> > Add
> >
> >--list-options show-unusable-subkeys
> >
> > to the listing command to check.
> >
> >
> > Salam-Shalom,
> >
> > Werner
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
signature.asc
Description: This is a digitally signed message part.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg: signing failed: Bad secret key
Here's the command run on my fedora machine:
```
> gpg -K --list-options show-unusable-subkeys
/home/lcoogan/.gnupg/pubring.kbx
sec ed25519 2023-03-03 [SC] [expires: 2025-03-02]
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
uid [ultimate] Leo Coogan (Personal)
uid [ultimate] Leo Coogan (Personal GPG key)
ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
```
and on my nixos machine:
```
> gpg -K --list-options show-unusable-subkeys
gpg: enabled compatibility flags:
gpg: using pgp trust model
/home/lcoogan/.gnupg/pubring.kbx
sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
uid [ultimate] Leo Coogan (Personal)
uid [ultimate] Leo Coogan (Personal GPG key)
ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
```
It looks like there's only that non-functioning signing subkey. Huh. Do
I need to create a new signing subkey?
On 1/24/24 12:37, Werner Koch wrote:
On Tue, 23 Jan 2024 12:38, Leo Coogan said:
sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
Keygrip = 38953FFD2BD558606473A90A6EDD5B26F03FA3CB
You don't have a signing key. Ther primary key has been taken offline
('#') and can thus not be used for signing.
ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
143454E3276F11C51D01B35363D14EA6FDB00D9F
Keygrip = 02EE4AA6089E9DEF7792F548C01FFD8C05F1EC21
The subkey is not capable of signing (by usage flags and algorithm).
Did you had another signing subkey and that one expired?
Add
--list-options show-unusable-subkeys
to the listing command to check.
Salam-Shalom,
Werner
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg: signing failed: Bad secret key
On Tue, 23 Jan 2024 12:38, Leo Coogan said:
> sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
> C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
> Keygrip = 38953FFD2BD558606473A90A6EDD5B26F03FA3CB
You don't have a signing key. Ther primary key has been taken offline
('#') and can thus not be used for signing.
> ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
> 143454E3276F11C51D01B35363D14EA6FDB00D9F
> Keygrip = 02EE4AA6089E9DEF7792F548C01FFD8C05F1EC21
The subkey is not capable of signing (by usage flags and algorithm).
Did you had another signing subkey and that one expired?
Add
--list-options show-unusable-subkeys
to the listing command to check.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg: signing failed: Bad secret key
This is Nixos.
I don't believe I have two binaries of gpg.
My Nixos config contains:
```nix
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
```
and the package pinentry-gnome is installed.
I did `which` gpg and gpg2, and gpg2 was a symlink to gpg. So I don't
believe I have another binary of gpg.
```
> gpg -K --with-subkey-fingerprint --with-keygrip \
--list-options show-pref-verbose \
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B 2>&1| wl-copy
gpg: enabled compatibility flags:
gpg: using pgp trust model
sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
Keygrip = 38953FFD2BD558606473A90A6EDD5B26F03FA3CB
uid [ultimate] Leo Coogan (Personal)
Cipher: AES256, AES192, AES, 3DES
AEAD: OCB
Digest: SHA512, SHA384, SHA256, SHA224, SHA1
Compression: ZLIB, BZIP2, ZIP, Uncompressed
Features: MDC, AEAD, Keyserver no-modify
uid [ultimate] Leo Coogan (Personal GPG key)
Cipher: AES256, AES192, AES, 3DES
AEAD: OCB
Digest: SHA512, SHA384, SHA256, SHA224, SHA1
Compression: ZLIB, BZIP2, ZIP, Uncompressed
Features: MDC, AEAD, Keyserver no-modify
ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
143454E3276F11C51D01B35363D14EA6FDB00D9F
Keygrip = 02EE4AA6089E9DEF7792F548C01FFD8C05F1EC21
```
On 1/22/24 02:48, Werner Koch wrote:
Hi!
[GNUPG:] KEY_CONSIDERED C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B 2
gpg: writing to stdout
[GNUPG:] BEGIN_SIGNING H10
gpg: signing failed: Bad secret key
Plase run
gpg -K --with-subkey-fingerprint --with-keygrip \
--list-options show-pref-verbose \
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
Is there a second gpg binary on your system?
Is that Debian?
Salam-Shalom,
Werner
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg: signing failed: Bad secret key
On Fri, 19 Jan 2024 14:19, Leo Coogan said: > When I run `git commit -m` on nixos, I receive this error: For debugging add "verbose" to ~/.gnupg/gpg.conf . This should give you more information what's up. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein openpgp-digital-signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
