gpg: decryption failed: No secret key
dirk.gottschalk1980 at googlemail.com
Wed Aug 8 06:14:45 CEST 2018
Am Mittwoch, den 08.08.2018, 00:03 -0400 schrieb Yu:
> WOW! That works.
> To document this, if anyone ever run into this situation:
> > sec# rsa4096/0xC9E7221DAFCE6539 created: 2018-08-07 expires:
> > never
> This is the key I need to delete from the card/yubikey.
> 1. gpg --delete-key 0xC9E7221DAFCE6539
> 2. gpg --card-status should return NONE and gpg --list-keys would
> gpg: no ultimately trusted keys found
> 3. pull out the card
> 4. run gpg --import PUBLIC_KEY_FILE
> 5. insert the card
> 6. gpg --card-status
> 7. now try to encrypt and decrypt (you will be prompted to enter your
> to unlock your card).
> Thank you Dirk!
This is, AFAIK, also somewhere deep inside the docs.
Just to make things clear. The user information, UID and so on, is in
the public part of the key, AFAIK. This means, to map the secret key to
it's ither data, you must have the public key in your keyring. The --
card-status reads the information oin the card and maps the key to the
public part using the Fingerprint, I think.
In my case, when I use one of my cards, where the fetch URL is not set,
I download the keys from the keyserver with "--recv-keys" and then I
read the card with "--card-status". But in general, I prefer the way
using the fetch URL. It's faster to make "--card-edit" and just use
fetch. This comines both funcrions.
52064 Aachen, Germany
GPG: DDCB AF8E 0132 AA54 20AB B864 4081 0B18 1ED8 E838
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part
More information about the Gnupg-users