Unable to import Private Key

Guy Wyers guy.wyers at gmail.com
Sat Dec 31 11:22:35 CET 2016

Hey guys,

Interesting development: I rebuilt my whole setup, generated a new keypair
etc. and am now in the process of creating another copy of the secret key
for safekeeping and back-up purposes.

And lo and behold: the problem reappeared, so I'm now in a position to
reproduce the problem. The export command I'm using produces again a
truncated result. By that I mean that the export I'm doing right now again
produces a file that only contains part of the data, just like the old
"*.asc" export that was unusable. I can see this by looking at the size of
the exported file and also by doing:

 $ gpg --list-packets secret-key.asc

which gives:

# off=0 ctb=9d tag=7 hlen=3 plen=966
:secret sub key packet:
        version 4, algo 1, created 1482831890, expires 0
        pkey[0]: [2048 bits]
        pkey[1]: [17 bits]
        iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt:
        protect count: 851968 (154)
        protect IV:  f1 59 85 06 71 0a 90 df 65 88 e9 c7 a7 2f 9a 61
        skey[2]: [v4 protected]
        keyid: 9305D7AA9D2311A4
# off=969 ctb=89 tag=2 hlen=3 plen=287
:signature packet: algo 1, keyid 16F92AB569F91A22
        version 4, created 1482831890, md5len 0, sigclass 0x18
        digest algo 8, begin of digest 90 08
        hashed subpkt 2 len 4 (sig created 2016-12-27)
        hashed subpkt 27 len 1 (key flags: 0C)
        subpkt 16 len 8 (issuer key ID 16F92AB569F91A22)
        data: [2046 bits]

The command used to build this export was the following (executed with the
-vv option to get all the info):

  $ gpg2 -vv -ao secret-key.asc --export-secret-keys <my email address>

gpg: writing to 'secret-key.asc'
gpg: key 69F91A22: asking agent for the secret parts
gpg: key 69F91A22: error receiving key from agent: End of file - skipped
gpg: key 69F91A22/9D2311A4: asking agent for the secret parts

It asks twice for the passphrase during this process and then produces this
"truncated" file.

Any ideas?



On Tue, Dec 27, 2016 at 11:29 AM, Damien Goutte-Gattat <
dgouttegattat at incenp.org> wrote:

> On 12/27/2016 11:16 AM, MFPA wrote:
>> The --export-secret-subkeys command will do what it says on the tin.
> That option would still generate a secret key packet for the primary key,
> it's just that this packet would not actually contain any key material.
> Here, what has been generated is a file containing only a secret subkey
> packet (and the associated binding signature). That's not the result of
> using --export-secret-subkeys.
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20161231/8495b82c/attachment.html>

More information about the Gnupg-users mailing list