Unable to import Private Key
dgouttegattat at incenp.org
Mon Dec 26 22:21:37 CET 2016
On 12/26/2016 06:52 PM, Guy Wyers wrote:
> - Can I somehow recover from this? I guess that, at least theoretically,
> the public should be "derivable" from the private key?
The problem here is not that you are missing the public key (the public
key *is* derivable from the private key, and GnuPG would automatically
extract the public key upon importing the private key).
The problem is that you are missing the secret *primary* key to which
this secret subkey should be attached.
If you do not have a backup of that primary key, I am not sure you will
be able to recover.
At least with GnuPG 2.1, it should be possible to re-attach the subkey
to a new primary key (because GnuPG 2.1 allows to "create" a key from a
pre-existing key if you know its keygrip), *but* the newly re-attached
key would still have a different key creation time and thus a different
key ID... meaning that it could not be used to decrypt messages
encrypted to the original key.
> - How did I end up with this truncated export? As far as I remember -even
> if it was long long time ago- I followed the standard instructions for
> "storing my private key in a safe place".M
As far as I know, the only way to export a subkey only is to explicitly
specify that subkey by its key ID with an appended '!', as in the
$ gpg2 --output backup.gpg --export-secret-keys '0xDECAFBAD!'
Otherwise, GnuPG will always export the primary key and all its subkeys.
What are those "standard instructions" you are referring to? If you were
instructed to backup only your secret subkey instead of your entire
private keyring, I am afraid you have been badly misled.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users