Recent problem

Harry A. Sutton sutton@attbi.com
Sat Oct 5 18:19:02 2002


Here's another data point: I've got another system, also running RedHat
7.3, which I haven't yet applied the most recent security updates.
Signing (as described below) appears to work fine on that system; both
of my other systems (a tower running RedHat 7.3 stock and a laptop
running RedHat 7.3 with Ximian Desktop) have had the latest updates
applied, and both exhibit the error behavior described below.

All three systems have the identical secret key (verified by
fingerprint).

	/Harry

On Sat, 2002-10-05 at 09:24, Harry A. Sutton wrote:
> Hi folks,
> 
> I've scanned through the FAQs and the archives of this group, but didn't
> see anything obvious to address this question. I do apologize if I've
> overlooked a source of information, but I've come to depend on GnuPG to
> sign my mail messages, and it's frustrating me that I can't right now.
> 
> I was recently away on vacation, and when I returned I found a couple of
> updates (from RedHat) waiting to be applied. (The most recent of these
> have been glibc, nss_ldap, unzip and tar.) Although I can't confirm this
> with empirical evidence (without backing out those updates, which I'm
> reluctant to do), I believe my GnuPG stuff stopped working around the
> time of these updates.
> 
> One symptom, which I can't find any data on, is the following: when I
> attempt to locally sign a key (e.g., Werner Koch's), I get the an error
> message I haven't seen before. Here's the way it goes:
> 
> $gpg --lsign Werner
> 
> pub  1024D/57548DCD  created: 1998-07-07 expires: 2002-12-29 trust: -/-
> (1). Werner Koch (gnupg sig) <dd9jn@gnu.org>
> 
> 
> pub  1024D/57548DCD  created: 1998-07-07 expires: 2002-12-29 trust: -/-
>  Primary key fingerprint: 6BD9 050F D8FC 941B 4341  2DCC 68B7 AB89 5754
> 8DCD
> 
>      Werner Koch (gnupg sig) <dd9jn@gnu.org>
> 
> This key is due to expire on 2002-12-29.
> Do you want your signature to expire at the same time? (Y/n) 
> How carefully have you verified the key you are about to sign actually
> belongs
> to the person named above?  If you don't know what to answer, enter "0".
> 
>    (0) I will not answer. (default)
>    (1) I have not checked at all.
>    (2) I have done casual checking.
>    (3) I have done very careful checking.
> 
> Your selection? 
> Are you really sure that you want to sign this key
> with your key: "Harry A. Sutton <Harry.Sutton@hp.com>"
> 
> The signature will be marked as non-exportable.
> 
> Really sign? y
> gpg: secret key parts are not available
> gpg: signing failed: general error
> 
> 
> 
> It's that "secret key parts are not available" thing that's throwing me.
> Can anyone point me to a solution?
> 
> Thanks,
> 
> 	/Harry
> 
>