Un-revoking a key pair
dshaw at jabberwocky.com
Fri Apr 6 16:48:17 CEST 2007
On Fri, Apr 06, 2007 at 01:22:52AM -0500, John B wrote:
> Hi gang,
> Somehow the other night I accidently imported a revoking thing for
> my main secret and public key pair when I was using kgpg. Kgpg tells
> me I need to un-revoke it in the manual editor, so, could someone
> tell me a quick and easy way to do so, please? Is it possible to
Yes it is possible. The first thing is that you must not distribute
the keys while they are in this revoked state: do not send them to
anyone, and absolutely do not send them to a keyserver.
Here's how to unrevoke. It's a very manual process. Be safe: make a
backup before you do stuff like this.
1) Export the public key into a file.
gpg --export (thekey) > mykey.gpg
2) Split it into parts:
This breaks the key into multiple files with names like
3) Figure out which packet is the revocation. It's likely to be
"000002-002.sig", but make sure with:
gpg --list-packets 000002-002.sig
That will show information about the packet. If the sigclass is
set to 0x20, that's the revocation. Delete that file.
4) Put the key back together again:
cat 0000* > myfixedkey.gpg
5) Remove the old key:
gpg --expert --delete-key (thekey)
You need --expert here so GPG will let you delete the public key
when a private key is still around.
6) Import the new key:
gpg --import myfixedkey.gpg
More information about the Gnupg-users