Using Yubikey only to encrypt/sign

Andrew Gallagher andrewg at
Mon Feb 18 21:51:07 CET 2019

> On 18 Feb 2019, at 20:35, Farhan Khan <farhan at> wrote:
> Hey Andrew,
> I was given the message "gpg: decryption failed: No secret key". I ran this:
> mv .gnupg .gnupg.bak
> gpg --card-status
> cat encrypted_message | gpg --decrypt
> This gave me the warning message:
> gpg: encrypted with 2048-bit RSA key, ID BF0F750DB428FFFF, created 2019-02-18
>      "Farhan Khan <farhan at>"
> gpg: public key decryption failed: Invalid ID
> gpg: decryption failed: No secret key
> When I run gpg --list-secret-keys, I see the serial number listed for my card.
> I suspect this is a gpg-agent issue?

Would you mind posting the results of `gpg --list-secret-keys`? With the yubikey plugged in. It shouldn’t contain anything too sensitive. You may have the decryption key in the wrong slot. 


More information about the Gnupg-users mailing list