Strange problem: Passphrase only seldom accepted
Wed Jul 23 10:20:01 2003
I discovered a strange problem with a GnuPG-Key: The passphrase is
only seldom recognised as the correkt passphrase by GnuPG. Although
I'm quite sure, that I typed exactly the right one (at last in most
The key was generated with GnuPG 1.0.6 (Linux, Debian woody), GnuPG
was updated to 1.2.2 (inofficial Debian package from Adrian Bunk).
Convertion script (1.0.6 to later format) was executed. I also tried
1.2.2 from www.gnupg.org later without success.
I tried several (particulary strange) things (always with "gpg
--clearsign [file]") without lasting success:
a) Copied a three days old backup: Worked for a few minutes. Then
I got an invalid passphrase again - with the same passphrase as
a few minutes before.
b) Deleted random_seed -> passphrase ok. Some time later:
passphrase bad. Deleted random_seed and trustdb.gpg -> passphrase
ok for some minutes (don't remember whether I tried clearsigning
one or more times, sorry). I think, this was the strange thing
c) Importet my secret and public key on an other host without
an existing ~/.gnupg directory. clearsigning worked - but only
for some time. GnuPG is 1.2.2 from Adrian Bunk.
d) Wrote the passphrase into a file to avoid typing errors. Then I
tried "gpg --passphrase-fd 0 --clearsign [file] < passphrase.txt"
without success. With a new testkey this procedure worked.
e) The "Passphrase Agent" is not in use. (Option "use-agent"
in gpg.conf is disabled. I had an old "options"-File, which I
replaced by an new and unchanged generated gpg.conf.)
f) Imported and tested the key on 5 hosts to avoid hardware
failures. 3xDebian woody with GnuPG 1.2.2 from Adrian Bunk,
2xSUN Solaris with GnuPG 1.2.2 from www.gnupg.org
I have generated a completely new key, which is working fine. And it's
not as bad as it could be, if I "lost" the problem-key, but if
someone got an idea, in what direction I could do some research, I
would be glad.
Many thanks for any possible hint,
 I exported the keys with "gpg --armour --export [KeyID] >
pubkey" and "gpg --armour --export-secret-keys [KeyID] > seckey",
then imported with "gpg --import pubkey seckey"
 I do have a revocation certificate and had not many signatures.