Re: Is it possible to certify (sign) a key using a subkey?

2017-08-16 Thread Robert J. Hansen 
> Why is this behavior? I took a glance at RFC4880 and I could not find a
> requirement that only primary keys are used for certifying, although it
> is very possible that I just missed it.

Does the subkey have the certify capability on it?  If the subkey isn't
marked for certifying, it can't be used to certify.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

help with gnupg

2017-08-16 Thread Bereshka Web and Photo 
Hello, Dear Creators :) 

I will very appreciate if you can help me, because I was surfing a lot in the 
internet looking for an answer, and read tones of forums, but did not find 
solution.

So I installed gnupg 2 , command gpg didn’t work in Terminal. I was confused 
and decided to try Gnupg tools suite, I installed that and created my keys and 
passphrase. Later I knew that I should type gpg2 in Terminal to work with that. 
So I got encrypted message and I tried to decrypt it, but it just didn’t show a 
result, it said that by whom it was encrypted and to whom, that’s all. We 
decided that it might be a problem because go GPG tools suite, maybe it causes 
conflict. So I decided to deinstall GPG Tools. Before to do that I exported my 
public, private, rev certificate, then I deinstalled this software. I located 
all keys to a folder “keys” at my user root folder). Then I imported all keys 
through terminal. To check I do —list-keys and I see my imported key and my 
husband’s key that was imported as well. 


1. The problem is that I can encrypt message and send it to him and that he can 
decrypt it. But when I get encrypted message from him I can’t decrypt it. It 
does’t ask my passphrase. It asked when I had GPG Tools, but even with asked 
passpharase with GPG Tools being installed i didn’t get a decrypted message
Now I don’t have GPG Tools and when I do command gpg2 Enter and insert his 
message I get this 

gpg: public key decryption failed: No pinentry
gpg: decryption failed: No secret key


2. Then, I decided that if there is so much mess with this email, I will create 
keys with other one (ytsa...@mail.ru) , but I still get same error on the step 
of creation

gpg: public key decryption failed: No pinentry
gpg: decryption failed: No secret key


3. Also I found on one forum that file gpg-agent.conf should be edited with 
adding this line - pinentry-program /bereshka/bin/pinentry-qt
but it didn’t help



Below I pasted a piece of the process from my terminal. 


Last login: Tue Aug 15 20:37:38 on ttys000
Air-Anastasia:~ bereshka$ gpg2
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: Go ahead and type your message ...
-BEGIN PGP MESSAGE-

 

hQIMAyhHtjLbTCzXARAAhWskbltRKFWbWrPGLBueMds2exvzIRYA5lFHSKBx1sN/

tPDdBlqUdVTip9PxQJ6dImuHxQFJnakxHdXftW13lZ+ceGglSbzyaOUmojhHg9lu

vUmqzRnx5BbF1TSK8vaY4/Y0KbT9CPNRUveOMz+JvUieEqMX4VTEoSq37e7RbVo2

3VWKQD+zzFfWjVWp5A+qFxOkoP4COjxJiaHFpuGPoaKMRFQ0BWKdcALE0ycsNVbx

yq+hy/qEGxn8LqtHnV5ucqhPodwR9ubpmvjbR5ffR1GasqYwDiGmeDezNZM0+k0L

Wxbvq41CTLwIwNBFp2YcSbnsuDvKgzUMXUBNLE+L9cGoKOX0Eo/gX6KwVdHWzVJj

rxkA44qGuw5wiR3OGGEHcqE5TvQyp14lEItpF6NC1rn2ADGt5f5CHNHaenIFIRHW

rc74KcTssy5teyLvSwgAREpEiI6Yq06c3VGf80wu2vlZgvwtMIf2f3vhUNpvrQNm

l/uLYR/LoznY+6BDvgRXLkVZkNUkGh6dOMSFc3LAg7K5HiMbdLbXXVwq7VigmcsO

YBpBWtJvXUo5eOqu/AOoPryFhF6dE/TurNt8TEG8l3U5A+yyCEDb/oM0T5bbLopO

ZksjQuOinUjvmlyDHVQ1Cfs+y3wiSc+InBHniRvsRxCRNH8kA2oRyzOTG2L8cMLS

wQgB1sguX+Ip4pJTJA/pQXFWJgRxnwKqWUg08mgNKUJfsijPfYNcoFEnDJZTJf97

2XYIDhfBk3GqjY12k999NeL38IEkvtUUtfoT8vThptipKPUvKvdOk0ucK9pySN7N

g9N753S/RqyGQEEfKV8xf9OKPEVnZUBugleyFMWtrcijwuWeSdTLqRlrve8k6dG9

EWfITDgOFKsHfm4tQ57gyfzqMkr9nt7Vop2PVduxiMuqK4qFZaFi8xxSfprcHHOxrYNaeO1XVw9Zxh13HS7vzF6xowPtFvUnCUPU

V0nsbzJL6lK8pJH28rKjUmAplV5aPz49DlzWERfz/gFA4b8q3XSVFnaSTLU5Rmxt

nZXuBDRqKWYOvNM2eM4qCR4/6Jr3fD41O/G2/gnUmm/Y0JOPa/S5k1eQzwvwMrbO

w+TQ27PzsKZaUnMBXU83WM0JnyasZ/O2SSEeva/8Ta8xW4NQCHZ9PVeGP+mPKogx

cpQUHAGXhWXZz6x7DF7k70j7xLRO5+KKNCKhuz1wCIcrBkLOLaF+0nSYnwcEVs1n

TWYm6k0wqQznsf/WUJqE+7wrR4/9Nbp2oCA=

=NaOa

-END PGP MESSAGE-gpg: encrypted with 4096-bit RSA key, ID 
2847B632DB4C2CD7, created 2017-08-13
  "Anastasiia Gudkov "
gpg: public key decryption failed: No pinentry
gpg: decryption failed: No secret key
^C
gpg: signal Interrupt caught ... exiting

Air-Anastasia:~ bereshka$ gpg2 --list-keys
/Users/bereshka/.gnupg/pubring.kbx
--
pub   rsa4096 2017-08-13 [SC] [expires: 2021-08-13]
  047CFFA533E12F033800905EBC1DD3D3F8529607
uid   [ unknown] Anastasiia Gudkov 
sub   rsa4096 2017-08-13 [E] [expires: 2021-08-13]

pub   rsa2048 2017-08-03 [SC] [expires: 2022-08-03]
  E54B5F8534F9AABAE00CD4F1934B6797FB417E72
uid   [ unknown] Dmitry Gudkov 
sub   rsa2048 2017-08-03 [E] [expires: 2022-08-03]

Air-Anastasia:~ bereshka$ gpg2 --gen-key
gpg (GnuPG) 2.1.22; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: Anastasia Gudkov
Email address: ytsa...@mail.ru
You selected this USER-ID:
"Anastasia Gudkov "

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some