Strange problem: Passphrase only seldom accepted

Sebastian Inacker inacker@gmx.de
Wed Jul 23 10:20:01 2003 

Hello.

My problem:

I discovered a strange problem with a GnuPG-Key: The passphrase is
only seldom recognised as the correkt passphrase by GnuPG. Although
I'm quite sure, that I typed exactly the right one (at last in most
cases).

Description:

The key was generated with GnuPG 1.0.6 (Linux, Debian woody), GnuPG
was updated to 1.2.2 (inofficial Debian package from Adrian Bunk).
Convertion script (1.0.6 to later format) was executed. I also tried
1.2.2 from www.gnupg.org later without success.

I tried several (particulary strange) things (always with "gpg
--clearsign [file]") without lasting success:

  a) Copied a three days old backup: Worked for a few minutes. Then
  I got an invalid passphrase again - with the same passphrase as
  a few minutes before.

  b) Deleted random_seed -> passphrase ok. Some time later:
  passphrase bad. Deleted random_seed and trustdb.gpg -> passphrase
  ok for some minutes (don't remember whether I tried clearsigning
  one or more times, sorry). I think, this was the strange thing
  I tried.

  c) Importet my secret and public key on an other host[1] without
  an existing ~/.gnupg directory. clearsigning worked - but only
  for some time. GnuPG is 1.2.2 from Adrian Bunk.

  d) Wrote the passphrase into a file to avoid typing errors. Then I
  tried "gpg --passphrase-fd 0 --clearsign [file] < passphrase.txt"
  without success. With a new testkey this procedure worked.

  e) The "Passphrase Agent" is not in use. (Option "use-agent"
  in gpg.conf is disabled. I had an old "options"-File, which I
  replaced by an new and unchanged generated gpg.conf.)

  f) Imported and tested the key on 5 hosts to avoid hardware
  failures.  3xDebian woody with GnuPG 1.2.2 from Adrian Bunk,
  2xSUN Solaris with GnuPG 1.2.2 from www.gnupg.org

I have generated a completely new key, which is working fine. And it's
not as bad as it could be, if I "lost" the problem-key[2], but if
someone got an idea, in what direction I could do some research, I
would be glad.

Many thanks for any possible hint,
Sebastian

[1] I exported the keys with "gpg --armour --export [KeyID] >
pubkey" and "gpg --armour --export-secret-keys [KeyID] > seckey",
then imported with "gpg --import pubkey seckey"

[2] I do have a revocation certificate and had not many signatures.