[pkg-gnupg-maint] Bug#795639: assword fails with "Decryption error: Decryption failed"

Russ Allbery rra at debian.org
Sun Aug 16 00:55:43 UTC 2015 

Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:

> does this succeed with gpg2 --decrypt as well, or just gpg --decrypt?

Aha.  Here's a problem:

mithrandir:~/private/db$ gpg2 --decrypt personal
gpg: error reading keyblock: Legacy key
gpg: keydb_get_keyblock failed: Legacy key
gpg: encrypted with RSA key, ID 7CE29A76E9769486
gpg: decryption failed: No secret key

I have no idea what that means, and Google was not particularly
enlightening.

> do you see files listed when you look at the GnuPG 2.1 secret key storage:

>    ls -l ~/.gnupg/private-keys-v1.d/*.key

Yes.

> what about checking to see the date that GnuPG 2.1 did the keyring
> migration:

>    ls -l ~/.gnupg/.gpg-v21-migrated

> ?

Looks like this afernoon just when this problem started.

> Depending on the output of the above, maybe you can try importing your
> secret keyring again:

>  gpg2 --import < ~/.gnupg/secring.gpg

> (this should have been imported automatically for you upon your first
> use of gpg 2.1 after the upgrade)

I get a lot more "legacy key" errors, and this weird error that I don't
understand:

gpg: key D15D313882004173: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: keydb_get_keyblock failed: Legacy key
gpg: key D15D313882004173: failed to re-lookup public key

That key definitely has a self-signature.  It's the same key I use for
Debian.

mithrandir:~/private/db$ gpg -kv D15D313882004173
pub   4096R/D15D313882004173 2009-05-29 [expires: 2017-09-17]
uid               [ultimate] Russ Allbery <eagle at eyrie.org>
uid               [ultimate] Russ Allbery <rra at stanford.edu>
uid               [ultimate] Russ Allbery <rra at debian.org>
uid               [ revoked] Russ Allbery <eagle at windlord.stanford.edu>
uid               [ultimate] Russ Allbery <rra at cs.stanford.edu>
sub   4096R/7CE29A76E9769486 2009-05-29 [expires: 2017-09-17]
sub   2048R/7D80315C5736DE75 2010-09-17 [expires: 2016-03-20]

-- 
Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>

More information about the pkg-gnupg-maint mailing list