[pkg-gnupg-maint] Bug#806531: gnupg2: old DSA 1024 key is not useable
Sandro Knauß
bugs at sandroknauss.de
Sat Nov 28 14:56:05 UTC 2015
Package: gnupg2
Version: 2.1.9-1
Severity: important
Hey,
I have an old DSA 2014 key and used that key a lot, so I have a lot of mails encrypted with that key, at least I want to read my old mails. Btw. the key is also available at sks-keyservers.net.
I attached some output of gpg(2) --list-(secret-)keys. The failing part is gpg2 --list-secret-keys.
Also decrypt/encrypt a file on the cmdline with that key without any positive outcome. I can use other keys that are RSA 4096.
The migration from 1->2 was made:
* I stopped gpg-agent
* copied the keys from an old location
* start gpg-agent again.
I tried also to manually reimport the secrect key again but that didn't fixed it.
Reagrds,
sandro
--
% hkt export-pubkeys '3D4D B440 897F 43A0 F911 7884 858C 390F 7703 B4E4' | hokey lint
[...]
Key has potential validity: good
Key has fingerprint: 3D4D B440 897F 43A0 F911 7884 858C 390F 7703 B4E4
Checking to see if key is OpenPGPv4: V4
Checking to see if key is RSA or DSA (>= 2048-bit): DSA 1024
Checking user-ID- and user-attribute-related items:
Sandro Knauß <mail at sandroknauss.de>:
Self-sig hash algorithms: [SHA512]
Preferred hash algorithms:
[SHA1,SHA256,RIPEMD160]
Key expiration times:
[10y5m26d85509s = Wed Nov 16 22:30:58 UTC 2016]
Key usage flags:
[ sign-data key
, certify-keys key ]
Sandro Knauß <sandro.knauss at uni-goettingen.de>:
Self-sig hash algorithms: [SHA512]
Preferred hash algorithms:
[SHA1,SHA256,RIPEMD160]
Key expiration times:
[10y5m26d85509s = Wed Nov 16 22:30:58 UTC 2016]
Key usage flags:
[ sign-data key
, certify-keys key ]
Sandro Knauss (university) <sandro.knauss at uni-bremen.de>:
Self-sig hash algorithms: [SHA512]
Preferred hash algorithms:
[SHA1,RIPEMD160]
Key expiration times:
[10y5m26d85509s = Wed Nov 16 22:30:58 UTC 2016]
Key usage flags:
[ sign-data key
, certify-keys key ]
Sandro Knauß <mail at sandroknauss.de>:
Self-sig hash algorithms: [SHA512]
Preferred hash algorithms:
[SHA512,SHA384,SHA256,SHA224]
Key expiration times:
[10y5m26d85509s = Wed Nov 16 22:30:58 UTC 2016]
Key usage flags:
[ sign-data key
, certify-keys key ]
<uat:[jpeg:6984:c88f956eff4a]>:
Self-sig hash algorithms: [SHA512]
Preferred hash algorithms:
[SHA1,SHA256,RIPEMD160]
Key expiration times:
[10y5m26d85509s = Wed Nov 16 22:30:58 UTC 2016]
Key usage flags:
[ sign-data key
, certify-keys key ]
gnupg1:
% LANG=C gpg --list-keys --fingerprint 0x7703b4e4
pub 1024D/7703B4E4 2006-05-22 [expires: 2016-11-16]
Key fingerprint = 3D4D B440 897F 43A0 F911 7884 858C 390F 7703 B4E4
uid Sandro Knauß <mail at sandroknauss.de>
uid Sandro Knauß <mail at sandroknauss.de>
uid [jpeg image of size 6984]
uid Sandro Knau\xdf\x20<mail at sandroknauss.de>
uid Sandro Knauß <sandro.knauss at uni-goettingen.de>
uid Sandro Knau\xdf\x20<sandro.knauss at stud.uni-goettingen.de>
uid Sandro Knauss (university) <sandro.knauss at uni-bremen.de>
sub 4096g/8177A399 2014-11-17 [expires: 2016-11-16]
% LANG=C gpg --list-secret-keys --fingerprint 0x7703b4e4
sec 1024D/7703B4E4 2006-05-22 [expires: 2016-11-16]
Key fingerprint = 3D4D B440 897F 43A0 F911 7884 858C 390F 7703 B4E4
uid Sandro Knauß <mail at sandroknauss.de>
uid Sandro Knauß <mail at sandroknauss.de>
uid [jpeg image of size 6984]
uid Sandro Knau\xdf\x20<mail at sandroknauss.de>
uid Sandro Knauß <sandro.knauss at uni-goettingen.de>
uid Sandro Knau\xdf\x20<sandro.knauss at stud.uni-goettingen.de>
uid Sandro Knauss (university) <sandro.knauss at uni-bremen.de>
ssb 2048g/32E11209 2006-05-22 [expires: 2010-12-30]
ssb 4096g/FA67CC17 2010-12-26 [expires: 2011-12-26]
ssb 4096g/5D1C1EDA 2011-11-30 [expires: 2012-11-29]
ssb 4096g/6F650D51 2012-11-21 [expires: 2013-11-21]
ssb 4096g/74E1B06B 2013-11-19 [expires: 2014-11-19]
ssb 4096g/8177A399 2014-11-17 [expires: 2016-11-16]
and gnupg2:
% LANG=C gpg2 --list-keys --fingerprint 0x7703b4e4
gpg: keyserver option 'no-try-dns-srv' is unknown
pub dsa1024/7703B4E4 2006-05-22 [expires: 2016-11-16]
Key fingerprint = 3D4D B440 897F 43A0 F911 7884 858C 390F 7703 B4E4
uid [ultimate] Sandro Knauß <mail at sandroknauss.de>
uid [ultimate] Sandro Knauß <mail at sandroknauss.de>
uid [ultimate] [jpeg image of size 6984]
uid [ultimate] Sandro Knau\xdf\x20<mail at sandroknauss.de>
uid [ultimate] Sandro Knauß <sandro.knauss at uni-goettingen.de>
uid [ultimate] Sandro Knau\xdf\x20<sandro.knauss at stud.uni-goettingen.de>
uid [ultimate] Sandro Knauss (university) <sandro.knauss at uni-bremen.de>
sub elg4096/8177A399 2014-11-17 [expires: 2016-11-16]
% LANG=C gpg2 --list-secret-keys --fingerprint 0x7703b4e4
gpg: keyserver option 'no-try-dns-srv' is unknown
gpg: error reading key: No secret key
-- System Information:
Debian Release: stretch/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnupg2 depends on:
ii dpkg 1.18.3
ii gnupg-agent 2.1.9-1
ii install-info 6.0.0.dfsg.1-3
ii libassuan0 2.4.0-1
ii libbz2-1.0 1.0.6-8
ii libc6 2.19-22
ii libgcrypt20 1.6.4-3
ii libgpg-error0 1.20-1
ii libksba8 1.3.3-1
ii libreadline6 6.3-8+b3
ii zlib1g 1:1.2.8.dfsg-2+b1
Versions of packages gnupg2 recommends:
ii dirmngr 2.1.9-1
Versions of packages gnupg2 suggests:
pn gnupg-doc <none>
ii parcimonie 0.9-3
pn xloadimage <none>
-- no debconf information
More information about the pkg-gnupg-maint
mailing list