Strange problem: Passphrase only seldom accepted

Sebastian Inacker
Wed Jul 23 10:20:01 2003


My problem:

I discovered a strange problem with a GnuPG-Key: The passphrase is
only seldom recognised as the correkt passphrase by GnuPG. Although
I'm quite sure, that I typed exactly the right one (at last in most


The key was generated with GnuPG 1.0.6 (Linux, Debian woody), GnuPG
was updated to 1.2.2 (inofficial Debian package from Adrian Bunk).
Convertion script (1.0.6 to later format) was executed. I also tried
1.2.2 from later without success.

I tried several (particulary strange) things (always with "gpg
--clearsign [file]") without lasting success:

  a) Copied a three days old backup: Worked for a few minutes. Then
  I got an invalid passphrase again - with the same passphrase as
  a few minutes before.

  b) Deleted random_seed -> passphrase ok. Some time later:
  passphrase bad. Deleted random_seed and trustdb.gpg -> passphrase
  ok for some minutes (don't remember whether I tried clearsigning
  one or more times, sorry). I think, this was the strange thing
  I tried.

  c) Importet my secret and public key on an other host[1] without
  an existing ~/.gnupg directory. clearsigning worked - but only
  for some time. GnuPG is 1.2.2 from Adrian Bunk.

  d) Wrote the passphrase into a file to avoid typing errors. Then I
  tried "gpg --passphrase-fd 0 --clearsign [file] < passphrase.txt"
  without success. With a new testkey this procedure worked.

  e) The "Passphrase Agent" is not in use. (Option "use-agent"
  in gpg.conf is disabled. I had an old "options"-File, which I
  replaced by an new and unchanged generated gpg.conf.)

  f) Imported and tested the key on 5 hosts to avoid hardware
  failures.  3xDebian woody with GnuPG 1.2.2 from Adrian Bunk,
  2xSUN Solaris with GnuPG 1.2.2 from

I have generated a completely new key, which is working fine. And it's
not as bad as it could be, if I "lost" the problem-key[2], but if
someone got an idea, in what direction I could do some research, I
would be glad.

Many thanks for any possible hint,

[1] I exported the keys with "gpg --armour --export [KeyID] >
pubkey" and "gpg --armour --export-secret-keys [KeyID] > seckey",
then imported with "gpg --import pubkey seckey"

[2] I do have a revocation certificate and had not many signatures.