2 local user-ids, 2 distinct key pairs but only 1 user-id can sign.

M.B.Jr. marcio.barbado at gmail.com
Wed Aug 19 02:15:02 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Erik and Charly,
thanks to you, I realized the problem was all about the argument I was
giving the "--local-user" option.

I was using the uid name (not a system account username) whereas I
should have used the key id.

Well, now it worked =)



On Tue, Aug 18, 2009 at 3:56 PM, Erik Lotspeich<erik at lotspeich.org> wrote:
> I have two key pairs: one for my personal e-mail and one for work, so I
> am in a similar situation as you are.
>
> I switch between the two with the "--default-key" option to GPG and give
> it my key ID as an argument (you can set this in your gpg.conf too).
>
> Even after looking at the man page, I'm not entirely clear what "name"
> the "--local-user" option is after (e.g. is it a name of a local user on
> the system, or is it the uid name on the key).
>
> Regards,
>
> Erik
>
> M.B.Jr. wrote:
>> Hi list,
>> this is my first message here.
>>
>> Firstly, thank you Werner Koch and collaborators for such a superb software.
>>
>> More than an enthusiast on cryptography, I am a Brazilian citizen,
>> concerned with the privacy and authenticity "components" involved in
>> information exchange transactions (not only in digital format).
>> Mainly, I'm concerned with the proper degree into which privacy and
>> authenticity can contribute to a fair relationship between society and
>> government.
>>
>> Digressions left aside, I've been using GnuPG for a while both in
>> Linux distros and in Windows XP, without facing big issues. Until now.
>> Let me depict the situation.
>>
>> OS: Windows XP Home SP3.
>> GnuPG version: 1.4.7
>>
>> I have already generated a GnuPG key pair with ELG-E and DSA and
>> everything was working fine.
>> I was able then to sign files, simply with (e.g.):
>>
>>
>> (1) gpg --clearsign "myfile.txt"
>>
>>
>> by the time I generated a second key pair (again with ELG-E and DSA)
>> to a new, distinct "user-id", this problem took place.
>>
>> Now, I want to sign some stuff with the new local user id's private
>> key, and I try the command (e.g.):
>>
>>
>> (2) gpg --local-user "[NEW_ID_NAME]" --clearsign "somefile.txt"
>>
>>
>> and it prompts me NOT for a passphrase, nor does it even create an
>> empty "asc" file.
>> Instead, it only returns the message:
>>
>> usage: gpg [options] [filename]
>>
>> So far, I can only sign files with (1), using the first private key my
>> GnuPG installation generated, which represents sort of a
>> default-and-only usable "user-id".
>>
>> Is it expected? Am I missing something? Is it possible to sign files
>> with my second "user-id"?
>>


Thank you very much,



- --
Marcio Barbado, Jr.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFKi0NThIh3kh+NgOcRAiYqAJ9EoZhxqXmf/CWurxfBQ3WPdkg0vQCdEE4m
OEfsumdFF+sMnxtKNv4n+kA=
=g3Xa
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list