Decrypting with ECDH: no secret key

Werner Koch wk at
Wed Jun 26 17:40:10 CEST 2013

On Wed, 26 Jun 2013 11:15, daniele.athome at said:

> sec    256E/8C5A3D53 2013-06-16
> uid                  Test ECDSA-ECDH (Key and subkey are 256 bits
> long) <test.ecdsa.ecdh at>
> ssb#   256e/8BA3201C 2013-06-16

The hash mark after "sbb" indicates that the subkey if off-line.  There
is only a stub key left.  In the case of GnuPG 2.1 this is similar; the
gpg-agent does not have access to the actually key below

If you run

   gpg2 --with-keygrip -K 8C5A3D53

You will see something like:

  ssb   1024g/47BE2775 2003-12-31
        Keygrip = 7E201E28B6FEB2927B321F443205F4724EBE637E

Now to check whether the key is really available do

  ls ~/.gnupg/private0keys-v1.d/7E201E28B6FEB2927B321F443205F4724EBE637E.key

I don't know why it is missing.  You may however import it again from an
exported copy of that secret key ("gpg2 --import seckey.gpg")



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list