[pkg-gnupg-maint] Bug#568375: Bug#568375: gnupg-agent: does not work with `git tag -s`
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Feb 23 16:22:32 UTC 2017
On Thu 2017-02-23 10:55:24 -0500, Michal Hocko <mstsxfx at gmail.com> wrote:
> On Sun, Feb 12, 2017 at 06:47:15PM -0500, Daniel Kahn Gillmor wrote:
> [...]
>> If this report is strictly about the yubikey smartcard, we should
>> reassign it to scdaemon. Does "git tag -S" work for you when you are
>> *not* using a smartcard?
>
> Well I am not using any smartcards. I just have my private keyring on an
> USB flash disk and
> ~/.gnupg/secring.gpg -> /mnt/security/.gnupg/secring.gpg
>
> but that shouldn't matter, right?
gpg 2.1 does not store or use secret keys in the same way as 1.4. In
particular, secring.gpg is no longer used, and secret key material is
stored in ~/.gnupg/private-keys-v1.d/
if you want to continue to use your USB flash disk, i recommend (when
the USB disk is inserted and mounted):
if [ -d ~/.gnupg/private-keys-v1.d ]; then
mv ~/.gnupg/private-keys-v1.d /mnt/security/.gnupg/
else
mkdir -m 0700 /mnt/security/.gnupg/private-keys-v1.d
fi
ln -s /mnt/security/.gnupg/private-keys-v1.d ~/.gnupg/private-keys-v1.d
if [ -L ~/.gnupg/secring.gpg ]; thne
rm ~/.gnupg/secring.gpg
fi
gpg --batch --import < /mnt/security/.gnupg/secring.gpg
Once this is done and you're sure you have access to the secret keys you
want, you can also delete /mnt/security/.gnupg/secring.gpg.
hope this helps,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170223/4fcbf37f/attachment.sig>
More information about the pkg-gnupg-maint
mailing list