Daniel Kahn Gillmor <d...@fifthhorseman.net> writes: > does this succeed with gpg2 --decrypt as well, or just gpg --decrypt?
Aha. Here's a problem: mithrandir:~/private/db$ gpg2 --decrypt personal gpg: error reading keyblock: Legacy key gpg: keydb_get_keyblock failed: Legacy key gpg: encrypted with RSA key, ID 7CE29A76E9769486 gpg: decryption failed: No secret key I have no idea what that means, and Google was not particularly enlightening. > do you see files listed when you look at the GnuPG 2.1 secret key storage: > ls -l ~/.gnupg/private-keys-v1.d/*.key Yes. > what about checking to see the date that GnuPG 2.1 did the keyring > migration: > ls -l ~/.gnupg/.gpg-v21-migrated > ? Looks like this afernoon just when this problem started. > Depending on the output of the above, maybe you can try importing your > secret keyring again: > gpg2 --import < ~/.gnupg/secring.gpg > (this should have been imported automatically for you upon your first > use of gpg 2.1 after the upgrade) I get a lot more "legacy key" errors, and this weird error that I don't understand: gpg: key D15D313882004173: no valid user IDs gpg: this may be caused by a missing self-signature gpg: keydb_get_keyblock failed: Legacy key gpg: key D15D313882004173: failed to re-lookup public key That key definitely has a self-signature. It's the same key I use for Debian. mithrandir:~/private/db$ gpg -kv D15D313882004173 pub 4096R/D15D313882004173 2009-05-29 [expires: 2017-09-17] uid [ultimate] Russ Allbery <ea...@eyrie.org> uid [ultimate] Russ Allbery <r...@stanford.edu> uid [ultimate] Russ Allbery <r...@debian.org> uid [ revoked] Russ Allbery <ea...@windlord.stanford.edu> uid [ultimate] Russ Allbery <r...@cs.stanford.edu> sub 4096R/7CE29A76E9769486 2009-05-29 [expires: 2017-09-17] sub 2048R/7D80315C5736DE75 2010-09-17 [expires: 2016-03-20] -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>