decrypt : primary key or subkey ?
Bruno Costacurta
pubmb01 at skynet.be
Thu Jun 7 12:31:19 CEST 2007
On Thursday 07 June 2007 10:27:08 David SMITH wrote:
> On Wed, Jun 06, 2007 at 06:53:48PM +0200, Bruno Costacurta wrote:
> > Sorry but indeed I have the secret key for 0x2E604D51 and it's valid (I
> > just installed my gpg keyrings on a new computer and use it for signing).
> > The 0CC897B5 is a subkey and was created automatically with 0x2E604D5
> > creation and never ask specific password.
>
> No, you should have a subkey for both 0x2E604D51 /and/ 0x0CC897B5.
>
> Here are the details of my keys:
>
> bris0085(23)% gpg --list-keys --verbose
> /home/damia/users/dsmith/.gnupg/pubring.gpg
> -------------------------------------------
> pub 1024D/F13192F2 2002-02-12
> uid David Smith (STMicroelectronics) <Dave.Smith at st.com>
> uid David Smith (Home) <David.Smith at ds-electronics.co.uk>
> sub 1024g/FA5EA4A2 2002-02-12 [expired: 2002-08-11]
> sub 1024g/BE299CC1 2002-07-20 [expired: 2003-01-16]
> sub 1024g/C8D6DAB9 2003-01-18 [expired: 2003-07-17]
> sub 1024g/B643FF36 2003-11-09 [expired: 2004-05-07]
> sub 1024g/80454033 2004-05-17 [expired: 2004-11-13]
> sub 1024g/F5FE6DF8 2004-12-07 [expired: 2005-06-05]
> sub 1024g/0DD8A13F 2005-09-05 [expired: 2006-03-04]
> sub 1024g/9249F278 2006-06-20 [expired: 2006-12-17]
> sub 1024g/3712DE29 2006-12-22 [expired: 2006-12-24]
> sub 4096g/42F250C4 2007-01-13 [expires: 2007-07-12]
>
> bris0085(22)% gpg --list-secret-keys
> /home/damia/users/dsmith/.gnupg/secring.gpg
> -------------------------------------------
> sec 1024D/F13192F2 2002-02-12
> uid David Smith (Home) <David.Smith at ds-electronics.co.uk>
> uid David Smith (STMicroelectronics) <Dave.Smith at st.com>
> ssb 1024g/FA5EA4A2 2002-02-12
> ssb 1024g/BE299CC1 2002-07-20
> ssb 1024g/C8D6DAB9 2003-01-18
> ssb 1024g/B643FF36 2003-11-09
> ssb 1024g/80454033 2004-05-17
> ssb 1024g/F5FE6DF8 2004-12-07
> ssb 1024g/0DD8A13F 2005-09-05
> ssb 1024g/9249F278 2006-06-20
>
> Note that my main (signing) key has both public (pub) and secret (sec)
> parts, and each of my subkeys have public (sub) and secret (ssb) parts.
>
> Compare this with yours:
>
> % gpg --list-secret-keys -v 0x2E604D51
> gpg: no secret subkey for public subkey 0CC897B5 - ignoring
> sec 1024D/2E604D51 2006-06-11
> uid Bruno Costacurta <bruno at costacurta.org>
> uid Bruno Costacurta <contract at costacurta.org>
> uid [ revoked] pubmb01 <pubmb01 at skynet.be>
> uid [ revoked] Bruno Costacurta <cob1 at biz.tiscali.be>
> uid [ revoked] pubmb02 <pubmb02 at skynet.be>
> uid Bruno Costacurta <pubmb01 at skynet.be>
>
>
> You seem to have managed to lose the secret part of your subkey, either
> through a bug or data corruption, or through human error.
>
> Unless you can find the secret part of your subkey again, the public
> part is worthless, and should be revoked by publishing a revocation
> certificate. This does, of course, assume that you generated a
> revocation certificate before you lost the secret part....
Hello David,
(note: I'm able to revoke this subkey (done but not sent to keyserver yet)).
The problem is that subkey comes alone and automatically when keypair is
generated (and related keyring created).
During creation there is only one password required which is linked to the
primary key. My secret key and related password are OK.
Where in this process is the secret part (and related password) of subkey
specified ?
How to specify correct attributes for subkey like encrypt & decrypt ?
Bye,
Bruno
--
PGP key ID: 0x2e604d51
Key : http://www.costacurta.org/keys/bruno_costacurta_pgp_key.html
Key fingerprint = 713F 7956 9441 7DEF 58ED 1951 7E07 569B 2E60 4D51
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20070607/c8116dc6/attachment-0001.pgp
More information about the Gnupg-users
mailing list