![]() Can I really only have one encryption subkey? If not, do I have to keep all of the secret subkeys on every machine? Mode b (62), created 1458172973, name="",īut, of course, this is because it's now encrypting with 0690427c. Gpg: encrypted with 2048-bit RSA key, ID 0690427C, created Gpg: gpg-agent is not available in this session You need a passphrase to unlock the secret key forĢ048-bit RSA key, ID 0690427C, created (main key ID 35E40FA7) Gpg: no secret subkey for public subkey 5A8F548A - ignoring Gpg: no secret subkey for public subkey AEE9FB5F - ignoring :pubkey enc packet: version 3, algo 1, keyid 60A3F13E0690427C Gpg: RSA/AES256 encrypted for: "0690427C keybase.io/jeremytwfortune " Gpg: using subkey 0690427C instead of primary key 35E40FA7 When I revoke the newer encryption keys, everything works as expected. Gpg: decryption failed: secret key not available Gpg: encrypted with 2112-bit RSA key, ID 9B5BAC36, created :pubkey enc packet: version 3, algo 1, keyid 743409AA9B5BAC36 Gpg: RSA/AES256 encrypted for: "9B5BAC36 keybase.io/jeremytwfortune " Gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model Gpg: 1 keys processed (0 validity counts cleared) Gpg: key 35E40FA7: accepted as trusted key Gpg: using subkey 9B5BAC36 instead of primary key 35E40FA7 $ echo -e "\nAn encrypted message." | gpg -vver 35e40fa7 | gpg -vvd This would seem fine since it's a subkey, but when decrypting, gpg is still only looking for exactly that private key. ![]() ![]() When I encrypt a message to myself, the newest encryption key (9b5bac36) is used. I have multiple subkeys for signing and encryption.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |