<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
<p style="margin-top:0;margin-bottom:0">The issue is solved by using gpg2. </p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">Didn't work with: <span>gpg (GnuPG) 1.4.20</span></p>
<p style="margin-top:0;margin-bottom:0"><span>Works with: <span>gpg (GnuPG) 2.1.11</span></span></p>
<p style="margin-top:0;margin-bottom:0"><span><span><br>
</span></span></p>
<p style="margin-top:0;margin-bottom:0"><span><span>Thanks and sorry for the spam</span></span></p>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Dima Stopel<br>
<b>Sent:</b> Thursday, May 10, 2018 9:43:07 PM<br>
<b>To:</b> gnupg-users@gnupg.org<br>
<b>Subject:</b> Setting up two identical Yubikeys - specific error </font>
<div> </div>
</div>
<meta content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none">
<!--
p
{margin-top:0;
margin-bottom:0}
-->
</style>
<div dir="ltr">
<div id="x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:#000000; font-family:Calibri,Helvetica,sans-serif">
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif">Hi all </span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif"><br>
</span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif">My goal is to set up two Yubikeys (YK1 and YK2) with the same GPG keys (one to use daily and one for backup). Following this (<a href="https://gist.github.com/ageis/14adc308087859e199912b4c79c4aaa4" class="x_OWAAutoLink" id="LPlnk123196">https://gist.github.com/ageis/14adc308087859e199912b4c79c4aaa4</a>)
tutorial I created a signing key and two subkeys, one for encryption and one for authorization. </span><br>
</p>
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif"><br>
</span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif">Keys were moved to YKs successfully and I backed up everything including stubs for both YKs. </span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif"><br>
</span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-family:Arial,Helvetica,sans-serif">Stubs were exported using: </span><span style="font-family:Arial,Helvetica,sans-serif; font-size:12pt">gpg --armor --output stubs.asc --export-secret-keys <longid></span><span style="font-family:Arial,Helvetica,sans-serif"></span></p>
<div><br>
</div>
<div>Then I did the following: </div>
<div><br>
</div>
<div>1. Import public key and stubs(YK1) on another computer: gpg --import public.asc stubs1.asc</div>
<div>2. Encrypt a message with the public key: gpg -e -r <span style="font-family:Arial,Helvetica,sans-serif; font-size:16px"><longid> file.txt</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">3. Decrypt the message with: gpg -d file.txt.gpg</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">4. Being asked to insert YK1 and insert PIN</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">5. Decryption went successfully</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px"><br>
</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">Then I wanted to test YK2 and I used the same file.txt.gpg, as I used before (didn't encrypt a new one). So I did the following:</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px"><br>
</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">1. Delete private stubs: </span><span style="font-family:Arial,Helvetica,sans-serif">gpg --delete-secret-keys <longid></span></div>
<div><font face="Arial, Helvetica, sans-serif">2. Import stubs (YK2): gpg --import stubs2.asc</font></div>
<div><font face="Arial, Helvetica, sans-serif">3. <span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">Decrypt the message with: gpg -d file.txt.gpg</span></font></div>
<div><font face="Arial, Helvetica, sans-serif">4. <span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">Being asked to insert *YK2* and insert PIN</span></font></div>
<div><font face="Arial, Helvetica, sans-serif"><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px"></span>5. While I insert PIN I see the error below (I am sure the PIN is correct):</font></div>
<div><font face="Arial, Helvetica, sans-serif"><br>
</font></div>
<div><font face="Arial, Helvetica, sans-serif">
<div><span style="font-family:Consolas,Courier,monospace">$ gpg -d text.txt.gpg </span></div>
<div><br>
</div>
<div><span style="font-family:Consolas,Courier,monospace">Please enter the PIN</span></div>
<div><span style="font-family:Consolas,Courier,monospace">gpg: verify CHV2 failed: invalid passphrase</span></div>
<div><span style="font-family:Consolas,Courier,monospace">gpg: encrypted with 2048-bit RSA key, ID 701E4F69, created 2018-05-10</span></div>
<div><span style="font-family:Consolas,Courier,monospace"> "Dima Stopel <dima@stopel.org>"</span></div>
<div><span style="font-family:Consolas,Courier,monospace">gpg: public key decryption failed: invalid passphrase</span></div>
<div><span style="font-family:Consolas,Courier,monospace">gpg: decryption failed: secret key not available</span></div>
<div><br>
</div>
What am I doing wrong? </font></div>
<div><font face="Arial, Helvetica, sans-serif"><br>
</font></div>
<div><font face="Arial, Helvetica, sans-serif">Thanks<br>
</font><span style="font-family:Arial,Helvetica,sans-serif"></span><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px">
<div><br>
</div>
</span></div>
<div><span style="font-family:Arial,Helvetica,sans-serif; font-size:16px"><br>
</span></div>
<p></p>
</div>
</div>
</body>
</html>