does anyone have a procedure of how to export a gpg key to another machine. I
created a gpg on machine A, if I export this key with 'gpg --export-key UID'
to another machine it does not work there. For example:
On Machine A:
RPMS/i586> rpm --resign lua-5.0-rb3.i586.rpm
Enter pass phrase:
Pass phrase is good.
lua-5.0-rb3.i586.rpm:
warning: lua-5.0-rb3.i586.rpm: was already signed by key ID 8c9b4b0d, skipping
Now export the key:
gpg --output blah --export-secret-key 8c9b4b0d
On machine B:
After that import the on machine B:
:~> gpg --import blah
gpg: key 8C9B4B0D: already in secret keyring
gpg: Total number processed: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1
:~> gpg --list-keys
:~> gpg --list-secret-keys
/home/richard/.gnupg/secring.gpg
--------------------------------
sec 1024D/8C9B4B0D 2004-06-26 Richard Boss (rpm)
On Monday 05 July 2004 21.30, Richard Bos wrote:
After that import the on machine B: :~> gpg --import blah
gpg: key 8C9B4B0D: already in secret keyring gpg: Total number processed: 1 gpg: secret keys read: 1 gpg: secret keys unchanged: 1 ^^^^^^^^^^^^^^^^^^^^
It was never changed, so was the passphrase the same on machine B?
:~> gpg --list-keys :~> gpg --list-secret-keys
/home/richard/.gnupg/secring.gpg -------------------------------- sec 1024D/8C9B4B0D 2004-06-26 Richard Boss (rpm)
ssb 1024g/0EF1D53E 2004-06-26 Doesn't look to bad....
But signing a package does not work, due to a failing passphrase.... RPMS/i586> rpm --resign asterisk-samples-0.9.1-1.i586.rpm Enter pass phrase: Pass phrase check failed
If I copy over the ~/.gnupg directory it works, but shouldn't it be possible to just export 1 key??
I seem to recall a discussion about this a while ago. What does your rpmmacro %_gpg_name look like on machine B?
Op maandag 5 juli 2004 21:41, schreef Anders Johansson:
On Monday 05 July 2004 21.30, Richard Bos wrote:
After that import the on machine B: :~> gpg --import blah
gpg: key 8C9B4B0D: already in secret keyring gpg: Total number processed: 1 gpg: secret keys read: 1 gpg: secret keys unchanged: 1
^^^^^^^^^^^^^^^^^^^^
It was never changed, so was the passphrase the same on machine B?
I can't change it...! See below; :~/packages/RPMS/i586> gpg --list-secret-keys /home/richard/.gnupg/secring.gpg -------------------------------- sec 1024D/8C9B4B0D 2004-06-26 Richard Boss (rpm) <emailaddress> ssb 1024g/0EF1D53E 2004-06-26 :~/packages/RPMS/i586> gpg --list-secret-keys 8C9B4B0D gpg: key 8C9B4B0D: secret key without public key - skipped gpg: error reading key: secret key not available or # gpg --edit-key 8C9B4B0D gpg (GnuPG) 1.2.4; Copyright (C) 2003 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. It just does not see the key!
:~> gpg --list-keys :~> gpg --list-secret-keys
/home/richard/.gnupg/secring.gpg -------------------------------- sec 1024D/8C9B4B0D 2004-06-26 Richard Boss (rpm)
ssb 1024g/0EF1D53E 2004-06-26 Doesn't look to bad....
But signing a package does not work, due to a failing passphrase.... RPMS/i586> rpm --resign asterisk-samples-0.9.1-1.i586.rpm Enter pass phrase: Pass phrase check failed
If I copy over the ~/.gnupg directory it works, but shouldn't it be possible to just export 1 key??
I seem to recall a discussion about this a while ago. What does your rpmmacro %_gpg_name look like on machine B?
Do you mean this http://lists.suse.com/archive/suse-linux-e/2004-Feb/3136.html? The $HOME/.rpmmacros file on machine A and B are the same. Also if I just copy the $HOME/.gnupg directory it works (that is without altering the .rpmmacros file). I have this in my .rpmmacros fille: %_signature gpg %_gpgbin "/usr/bin/gpg --use-agent" %_gpg_bin "/usr/bin/gpg --use-agent" %_gpg_name rpm I tried it as: %_signature gpg %_gpg_name rpm But that does not work too. If there is another way to copy a key it is fine as well! -- Richard Bos Without a home the journey is endless
On Monday 05 July 2004 22.08, Richard Bos wrote:
:~/packages/RPMS/i586> gpg --list-secret-keys 8C9B4B0D
gpg: key 8C9B4B0D: secret key without public key - skipped
Isn't this error message revealing? Apparently, gpg needs a public key to go with the secret. So export/import that as well and try
Do you mean this http://lists.suse.com/archive/suse-linux-e/2004-Feb/3136.html?
Yes
Op maandag 5 juli 2004 22:15, schreef Anders Johansson:
On Monday 05 July 2004 22.08, Richard Bos wrote:
:~/packages/RPMS/i586> gpg --list-secret-keys 8C9B4B0D
gpg: key 8C9B4B0D: secret key without public key - skipped
Isn't this error message revealing? Apparently, gpg needs a public key to go with the secret. So export/import that as well and try
Anders, that's it! Thanks you! -- Richard Bos Without a home the journey is endless
Op maandag 5 juli 2004 22:15, schreef Anders Johansson:
On Monday 05 July 2004 22.08, Richard Bos wrote:
:~/packages/RPMS/i586> gpg --list-secret-keys 8C9B4B0D
gpg: key 8C9B4B0D: secret key without public key - skipped
Isn't this error message revealing? Apparently, gpg needs a public key to go with the secret. So export/import that as well and try
(gpg --export-secret-key KEY; gpg --export KEY) > FILE The import results in: gpg: key 8C9B4B0D: secret key imported gpg: /home/richard/.gnupg/trustdb.gpg: trustdb created gpg: key 8C9B4B0D: public key "Richard Boss (rpm) <emailaddress>" imported gpg: Total number processed: 2 gpg: imported: 1 gpg: secret keys read: 1 gpg: secret keys imported: 1 -- Richard Bos Without a home the journey is endless
On Monday 05 July 2004 22:08, Richard Bos wrote:
:~/packages/RPMS/i586> gpg --list-secret-keys 8C9B4B0D
gpg: key 8C9B4B0D: secret key without public key - skipped
Hmm, I'm not sure, but it seems the public key is also needed.
gpg: error reading key: secret key not available
Cheers, Leen
participants (3)
-
Anders Johansson
-
Leendert Meyer
-
Richard Bos