[SOLVED] gpg doesn't import secret keys for me any more
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Jan 15 21:53:01 CET 2019
On Tue 2019-01-15 12:05:39 -0500, Ineiev wrote:
> On Mon, Jan 14, 2019 at 03:06:22PM -0500, Daniel Kahn Gillmor wrote:
>> fwiw, if you use --batch with --import, there will be no attempt to use
>> pinentry, ever, which should make both commands work without complaint.
>
> Curiously, when I --export-secret-keys with --batch, it still requests
> the password.
right, that's a requirement for most secret keys, because the secret
keys need to be re-encrypted into the OpenPGP-style export format. The
standard locked form of the secret keys stored in
~/.gnupg/private-keys-v1.d is not compatible directly with the OpenPGP
secret key specification, so decryption and re-encryption is needed.
otoh, --batch can work with --import because of a special case, where
GnuPG is willing to (temporarily at least) just store the
OpenPGP-wrapped secret key in private-keys-v1.d/ without converting it
to the standard locked form.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190115/e67307d3/attachment.sig>
More information about the Gnupg-users
mailing list