Re: "gpg: decryption failed: No secret key" after export-import to another host

Sun, 06 Jun 2021 14:29:36 -0700 

I found the sequence to reproduce my problem:


$ rm -rf .gnupg
$ gpg --gen-key --batch <<EOF
        %echo Generating a 25519 key
        Key-Type: eddsa
        Key-Curve: Ed25519
        Key-Usage: cert
        Subkey-Type: ecdh
        Subkey-Curve: Ed25519
        Subkey-Usage: encrypt
        Name-Real: test
        Name-Email: t...@test.com
        %commit
        %echo done
EOF
gpg: directory '/home/test/.gnupg' created
gpg: keybox '/home/test/.gnupg/pubring.kbx' created
gpg: Generating a 25519 key
gpg: /home/test/.gnupg/trustdb.gpg: trustdb created
gpg: key 6C6DB60F0545821C marked as ultimately trusted
gpg: directory '/home/test/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/home/test/.gnupg/openpgp-revocs.d/268017E33AFCBAD119C2FB626C6DB60F0545821C.rev' 
gpg: done
$ gpg -K
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
/home/test/.gnupg/pubring.kbx
-----------------------------
sec   ed25519 2021-06-06 [C]
      268017E33AFCBAD119C2FB626C6DB60F0545821C
uid           [ultimate] test <t...@test.com>
ssb   ed25519 2021-06-06 [E]

$ echo test | gpg --encrypt --recipient t...@test.com | gpg --decrypt
gpg: encrypted with 256-bit ECDH key, ID 683197C0DF776EC0, created 2021-06-06 
      "test <t...@test.com>"
test

$ gpg --export-secret-keys -a > keys.asc
$ rm -rf .gnupg
$ gpg --import --trust-model always keys.asc
gpg: directory '/home/test/.gnupg' created
gpg: keybox '/home/test/.gnupg/pubring.kbx' created
gpg: key 6C6DB60F0545821C: public key "test <t...@test.com>" imported
gpg: key 6C6DB60F0545821C: secret key imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
$ gpg -K
gpg: /home/test/.gnupg/trustdb.gpg: trustdb created
/home/test/.gnupg/pubring.kbx
-----------------------------
sec   ed25519 2021-06-06 [C]
      268017E33AFCBAD119C2FB626C6DB60F0545821C
uid           [ unknown] test <t...@test.com>
ssb#  ed25519 2021-06-06 [E]

$ echo test | gpg --encrypt --recipient t...@test.com | gpg --decrypt
gpg: 683197C0DF776EC0: There is no assurance this key belongs to the named user 

sub  ed25519/683197C0DF776EC0 2021-06-06 test <t...@test.com>
Primary key fingerprint: 2680 17E3 3AFC BAD1 19C2 FB62 6C6D B60F 0545 821C Subkey fingerprint: C0E4 F2BE 8532 1C1A 3777 8963 6831 97C0 DF77 6EC0 

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
gpg: encrypted with 256-bit ECDH key, ID 683197C0DF776EC0, created 2021-06-06 
      "test <t...@test.com>"
gpg: decryption failed: No secret key
$


Is this a gnupg bug or I'm doing something wrong?

--
sergio.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to