out-of-key UIDs [was: ADK's]

Andrew Gallagher andrewg at andrewg.com
Thu May 4 10:52:54 CEST 2023

On 4 May 2023, at 06:46, Ineiev <ineiev at gnu.org> wrote:
> On Mon, May 01, 2023 at 03:16:12PM +0100, Andrew Gallagher wrote:
>> On 1 May 2023, at 12:40, Ineiev via Gnupg-users <gnupg-users at gnupg.org> wrote:
>>> now, I generate a key
>>> for yu at guan.edu locally and add 0123456789ABCDEF as an ADK (BTW,
>>> will GnuPG complain if the only encryption-capable subkey is ADK?
>> Or you could just use an alias…?
> I don't think I fully understand what you mean.
> $ gpg --group fnord at test.eu=BD9D4DEE7B2FF1CBEF2EE0C4E0ACD3E0CBE7874A --list-keys fnord at test.eu
> gpg: error reading key: No public key
> $ gpg --list-keys BD9D4DEE7B2FF1CBEF2EE0C4E0ACD3E0CBE7874A | head -n1
> pub   rsa2048 2014-10-21 [SC] [expires: 2024-10-17]
> $ gpg --version | head -n2
> gpg (GnuPG) 2.2.41
> libgcrypt 1.8.10

—list-keys doesn’t expand groups. Try this instead:

andrewg at serenity % gpg --group fnord at test.eu=BD9D4DEE7B2FF1CBEF2EE0C4E0ACD3E0CBE7874A -r fnord at test.eu -e < /etc/shells > shells.gpg
gpg: 0x40F9B9601900E974: There is no assurance this key belongs to the named user

sub  rsa2048/0x40F9B9601900E974 2014-10-21 Ineiev (fencepost) <ineiev at gnu.org>
 Primary key fingerprint: BD9D 4DEE 7B2F F1CB EF2E  E0C4 E0AC D3E0 CBE7 874A
      Subkey fingerprint: F495 D912 C380 C534 23CD  6B7C 40F9 B960 1900 E974

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
andrewg at serenity % gpg --list-packets shells.gpg
gpg: encrypted with rsa2048 key, ID 0x40F9B9601900E974, created 2014-10-21
      "Ineiev (fencepost) <ineiev at gnu.org>"
gpg: problem with fast path key listing: IPC parameter error - ignored
gpg: public key decryption failed: No secret key
gpg: decryption failed: No secret key
# off=0 ctb=85 tag=1 hlen=3 plen=268
:pubkey enc packet: version 3, algo 1, keyid 40F9B9601900E974
	data: [2047 bits]
# off=271 ctb=d2 tag=18 hlen=2 plen=187 new-ctb
:encrypted data packet:
	length: 187
	mdc_method: 2
andrewg at serenity %


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20230504/806346d2/attachment-0001.sig>

More information about the Gnupg-users mailing list