signing failed with master key when I have stronger subkeys

Peter Lebbing peter at digitalbrains.com
Fri Aug 14 16:06:56 CEST 2015


On 14/08/15 14:45, Dongsheng Song wrote:
> D:\>gpg  -u "7547A8A9\!" --clearsign relay.txt
> gpg: skipped "7547A8A9\!": No secret key
> gpg: relay.txt: clearsign failed: No secret key

I think the escape of the exclamation mark might not be correct for Windows
shell usage.

> D:\>gpg  -u "7547A8A9!" --clearsign relay.txt
> gpg: skipped "7547A8A9!": Unusable secret key
> gpg: relay.txt: clearsign failed: Unusable secret key

This would probably be the correct form for Windows. But: is that subkey
actually encryption capable or is it an encryption subkey?

What about

D:\>gpg -u "46D397FF!" --clearsign relay.txt

?

You can see what your (sub)keys are capable of as follows:

D:\>gpg --edit-key 46D397FF
[...]
pub [...] usage: SC
sub [...] usage: S
sub [...] usage: E

The primary key can sign and certify, the first subkey can sign and the second
can encrypt.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list