How to use an "offline" primary key

Peter Lebbing peter at
Mon Jan 4 12:53:21 CET 2010

Sven Radde wrote:
> I thought that I would simply 'include' the primary key by adding
> "--secret-keyring secring2.gpg" whenever I need it for these kinds of
> operations, but GnuPG complains about missing parts of the secret key
> regardless of whether this option is present of not.

AFAIK, GnuPG will take the first version of the key it finds. The first version
of the key (primary and subkeys) is in your default keyring, with only a stub

You could try something like
--no-default-keyrings --secret-keyring secring2.gpg --public-keyring
pubring2.gpg --secret-keyring secring.gpg --public-keyring pubring.gpg

where secring.gpg/pubring.gpg are your default keyrings.

By exchanging the order of the keyrings, hopefully this will mean it looks for
the key in secring2.gpg first, where the primary key is included too.

I haven't tried it myself, though.

Good luck,


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at
(new, larger key created on Nov 12, 2009)

More information about the Gnupg-users mailing list