Allow me to step back to the beginning. We need to move off of our CentOS v7x platform ASAP, on which the most recent GnuPG is v2.0.22. Yes, I know that this is ancient; but, management does not want to rely on roll-our-own executables.
What I did was: 1. Zip up the .gnupg/ directory on the old system; 2. Unzip it on the new system; 3. Verify the /bin/gpg is on the new system; 4. Successfully tested decryption; and 5. Tried testing encryption. Sadly, Step 5 (encryption testing) is where the troubles began: a. gpg: DBG: Oops: keyid_from_fingerprint: no pubkey; fpr: ... b. gpg: key 0000000000000000 occurs more than once in the trustdb c. gpg: 079A71E548C19BC0: There is no assurance this key belongs to the named user d. gpg: TEST.txt: sign+encrypt failed: Unusable public key Ought we do something on the legacy (v2.0.22) host before copying to the new host? Please, HELP! We need to transition yesterday ... ~ Mike On Tue, Oct 8, 2024 at 11:18 AM Werner Koch <w...@gnupg.org> wrote: > On Fri, 4 Oct 2024 12:45, Mike Schleif said: > > > gpg (GnuPG) 2.3.3 > > > BEFORE taking your actions: > > > > -rw-r--r--. 1 root root 0 Oct 3 10:45 .gpg-v21-migrated > > Which means that you already migtated from 2.0 or 1.4 to 2.1 or later. > That is the private keys are now stored in separate file below the > > > drwx------. 2 root root 4096 Oct 3 10:45 private-keys-v1.d > > directory. > > > -rw-------. 1 root root 273017 Jul 22 15:03 pubring.gpg > > -rw-------. 1 root root 273017 Jul 22 15:03 pubring.gpg~ > > -rw-------. 1 root root 600 Oct 3 11:03 random_seed > > -rw-------. 1 root root 5726 Jul 10 2017 secring.gpg > > Take care - that secring.gpg is only used by older gpg versions. > > > NOTE: NO .kbx files. > > Right, you still use the pubring.gpg - not a real problem but no so > common. Something with the migration didn't worked out. The > pubring.gpg can't be used for gpgsm (S/MIME) and thus a pubring.kbx > should have been created during the migration. > > > [ROOT@russell ~/.gnupg ] # /bin/gpg --import < exported.gpg > > . . . > > gpg: Total number processed: 189 > > gpg: w/o user IDs: 1 > > gpg: imported: 188 > > gpg: public key of ultimately trusted key 0000000000000000 not found > > Your trustdb has an ultimately trusted PGP-2 key. gpg can't disaply the > fingerprint anymore and thus you see the zeroes. > > > gpg: marginals needed: 3 completes needed: 1 trust model: classic > > gpg: depth: 0 valid: 82 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 82u > > gpg: next trustdb check due at 2033-09-13 > > You should > > gpg --edit-key YOURKEY > > and enter "trust" to set your key back to ultimately trusted. This will > given you back the WoT. > > > gpg: key 0000000000000000 occurs more than once in the trustdb > > You have several PGP-2 keys in your trustdb. > > > Salam-Shalom, > > Werner > > -- > The pioneers of a warless world are the youth that > refuse military service. - A. Einstein > -- If ever I can be of service to you; contact me at once. I wish for you a truly extraordinary day ... -- Best Regards, Mike Schleif 612-235-6060 https://mikeschleif.net http://mdsresource.net http://www.linkedin.com/in/schleif http://facebook.com/MDSResource http://twitter.com/mikeschleif
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
