Un-revoking a key pair
yochanon at localnet.com
Fri Apr 6 19:55:11 CEST 2007
On 06 April 07 09:48, David Shaw wrote:
> On Fri, Apr 06, 2007 at 01:22:52AM -0500, John B wrote:
> > Hi gang,
> > Somehow the other night I accidently imported a revoking thing for
> > my main secret and public key pair when I was using kgpg. Kgpg tells
> > me I need to un-revoke it in the manual editor, so, could someone
> > tell me a quick and easy way to do so, please? Is it possible to
> > un-revoke?
> Yes it is possible. The first thing is that you must not distribute
> the keys while they are in this revoked state: do not send them to
> anyone, and absolutely do not send them to a keyserver.
> Here's how to unrevoke. It's a very manual process. Be safe: make a
> backup before you do stuff like this.
> 1) Export the public key into a file.
> gpg --export (thekey) > mykey.gpg
> 2) Split it into parts:
> gpgsplit mykey.gpg
> This breaks the key into multiple files with names like
> 3) Figure out which packet is the revocation. It's likely to be
> "000002-002.sig", but make sure with:
> gpg --list-packets 000002-002.sig
> That will show information about the packet. If the sigclass is
> set to 0x20, that's the revocation. Delete that file.
> 4) Put the key back together again:
> cat 0000* > myfixedkey.gpg
> 5) Remove the old key:
> gpg --expert --delete-key (thekey)
> You need --expert here so GPG will let you delete the public key
> when a private key is still around.
> 6) Import the new key:
> gpg --import myfixedkey.gpg
Thanks to David, Peter, and Adam for the info on doing this. It looks like
the easiest thing to do is go ahead and send out the revoked key info to
keyservers and just make a new key though, especially since kgpg is acting up
so badly and not seeing /home/me/.gnupg for some reason. Maybe I'll be able
to figure it out before I create a new keypair though.
More information about the Gnupg-users