Dealing with duplicate keys
Ludovic Courtès
ludo at gnu.org
Fri Oct 23 14:25:43 CEST 2020
Hi Werner,
Werner Koch <wk at gnupg.org> skribis:
> On Wed, 21 Oct 2020 23:52, Ludovic Courtès said:
>
>> For some reason (perhaps a bug in a previous version of GnuPG I used
>> long ago?), my public key ring had come to contain my own public key
>> twice, with the same fingerprint and all.
>
> Should not happen because we use on Unix a copy-to-temp/update/rename
> strategy. There are bugs of course and so there is no guarantee that it
> does not happen.
I’ve been carrying this keyring for years, so it could be that there was
once a bug that led to this inconsistency.
> Eventually this will go away because 2.3 will come with the optional
> keyboxd daemon which uses sqlite and keeps a unique index on the
> primary key's fingerprint. It will also makes things faster and more
> robust related to changes when running several gpg processes.
> Drawback is that we have yet another format to store keys.
Nice.
>> To recover from it, I deleted my public key with ‘--delete-key’ twice,
>> ‘--delete-secret-key’ once for the corresponding secret key, and then
>> re-imported both the public key and the secret key, which I had
>> previously exported. Now everything is back to normal.
>
> That is sound fix. I am not aware of other reports but ppl might not
> have considered this a bug.
>
> kbxutil --find-dups pubring.kbx
>
> should print a list of duplicate records. Take care: kbxutil is more of
> a debugging aid than a real tool.
Interesting! Good news: I don’t have other duplicate keys.
> While you spoke about easypg: I often have problems with it and it would
> be nice if we could find a maintainer for it. With the Emacs' new FFI a
> move to GPGME might also be an idea.
Yeah. EPG seems to be actively maintained though; this recent change I
mentioned is what led me to discover this issue.
Thanks for your feedback!
Ludo’.
More information about the Gnupg-users
mailing list