On 27/01/17 03:25, Reid Vail wrote: > rsv2@rsv2-Serval-Pro ~ $ gpg --with-fingerprint rsv869@runbox.com_public.asc > pub 2048R/26F66FEB 2016-11-09 Reid Vail <rsv...@runbox.com> > Key fingerprint = 3A74 A1DB 2C79 6657 D14B A6B8 3EDE 6A32 26F6 6FEB > sub 2048R/14C2E935 2016-11-09 > pub 2048R/A780EFF6 2017-01-17 Reid Vail (runbox) <rsv...@runbox.com> > Key fingerprint = 1F35 6DC3 3182 016A 8E59 E509 9A72 F153 A780 EFF6 > sub 2048R/1ED8FE07 2017-01-17
This merely shows the content of a file on your disk. > The one I want to sign is A780EFF6. To sign a key, you need to have it in your keyring. However, based on > rsv2@rsv2-Serval-Pro ~ $ gpg --default-key A780EFF6 --clearsign REIDgpg > > You need a passphrase to unlock the secret key for > user: "Reid Vail (runbox) <rsv...@runbox.com>" > 2048-bit RSA key, ID A780EFF6, created 2017-01-17 I'm thinking you're trying to sign your own key, which is not something that can be done. There is the so-called self-signature, but it is not done by --sign-key but rather by changing some aspect of your key with --edit-key. It would appear (because it asks for a passphrase) that your system has this private key in its keyring. > gpg: can't open `REIDgpg': No such file or directory You are asking GnuPG to issue a detached signature on a file in your current directory called REIDgpg. This file appears not to exist. > That last is obviously my misunderstanding the command structure, but the man > pages > are just a little too opaque for me.... The man pages are reference manuals, not introductory texts. They are indeed opaque if you're trying to learn how to do stuff on the command line. [1] is better, but it is old. I must admit I'm not really well acquainted with introductory texts. You can see which private keys your system has in its keyring by $ gpg -K And it would appear you have multiple since GnuPG complains "no default secret key". What are you trying to do? Please try to indicate the end rather than the means. When you say "I want to sign key A780EFF6" it is not clear to me what you are trying to accomplish by that. Do you want to make that key valid? If it's your own key, that won't work. That's for making other people's keys valid. Your own key should have its trust level set to "ultimate" to make it valid. This is something that GnuPG does automatically when creating a key, but not when importing a secret key that was created with a different GnuPG installation. Hope that helps a little bit, Peter. [1] https://www.gnupg.org/gph/en/manual.html > > Any suggestions are welcome. > > RSV869 > > > On Mon, 23 Jan 2017 15:36:18 -0500 > ved...@nym.hush.com wrote: > >> >> >> On 1/23/2017 at 1:00 PM, "reid vail" wrote:Hi vedaal - >> >> thanks for your response. I'll follow those instructions. >> >> when you say that's the 'default' key I believe you mean it's the >> default key fore that that specific GnuPG correspondent, right? And >> by extension, when I import any other public keys I need to sign them >> as trusted (in this case, by Seahorse), as you instructed below. >> That's the process, I think :-> >> >> ===== >> >> yes. >> >> also, should you ever need to upgrade to a newer linux system, and >> want to import your keys, >> >> you would need to first make a keypair in the GnuPg Seahorse or GPA or >> whatever gui you use, in the new system, and then import your keys and >> sign them the the new key >> vedaal > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
