Re: Problems with key available in v1.4.19 but not v2.1.5
The 2.1 branch deprecates all pgp v2 keys. My guess is that your old key was one of those. See https://gnupg.org/faq/whats-new-in-2.1.html#nopgp2 for details. On Fri, Jul 17, 2015, 4:53 PM Philip Neukom pneu...@gmail.com wrote: Hello all. I'm having some problems with my key that was created a long time ago (1994) but updated with new emails over the years. I am stuck after searching for an answer so thought I'd ask for some guidance from the list. I have reviewed the Docs, Mini Guide and HowTos. I apologize in advance for the rather lengthy email but I figured I had to put as much info so you may see what I've tried. I moved my keys pubring.gpg, secring.pgp and trustdb.gpg to a new Mac over the past week. I downloaded and installed MacGPG for the GUI. I only installed the GPG Keychain, GPG Services and MacGPG. When I opened the GPG Keychain, all the keys were on the screen for a brief moment and then the list shrunk and many keys disappeared in addition to my personal public and secret keys. ??? So panic set in and I restored my pubring and secring from backup and deleted the install of MacGPG. I thought maybe there was a problem with MacGPG so best to go back to command line Gnupg. I installed 2.1.5 from source and found none of my keys in the pubring and secring. What??? So I downloaded and installed 1.4.19, restored the pubring and secring from backup again and found my public and secret keys are now listed. This time I generated a revoke just in case and to test the install. 1.4.19 works fine. Now I re-ran 2.1.5 and tried to find my keys. Again they've gone missing. [# gpg2 --list-keys] None of my keys (pub and sec) are available in 2.1.5. Re-running [gpg --list-keys] with 1.4.19 and my keys are still there. Why would v1.4.19 show my pub and sec keys but v2.1.5 wouldn't? I presume this is something very basic but I'm stumped. I thought v1.x and v2.x keys were interoperable?? Thanks in advance for any guidance, Philip. PS I'm on digest mode so would appreciate if you could cc me directly on any reply. Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
On 17.07.2015 19:36, Robert J. Hansen wrote: I'd suggest generating a new certificate -- after 20 years you're due for one. :) Thank you, Robert. I'll revoke the old one and create a new. I'll need to do some reading of the docs but just curious if there is there a way to move the trust rating from the old cert to the newly created one other than ask those who signed to resign? Thanks again, Philip. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
Thank you, Juan. I didn't see your helpful comments until I read the digest this morning. I appreciate everyone's help. Philip. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 18.07.15 16:11, Philip Neukom wrote: On 17.07.2015 19:36, Robert J. Hansen wrote: I'd suggest generating a new certificate -- after 20 years you're due for one. :) Thank you, Robert. I'll revoke the old one and create a new. I'll need to do some reading of the docs but just curious if there is there a way to move the trust rating from the old cert to the newly created one other than ask those who signed to resign? You can sign the new cert with your old one, but I'm not sure if that trust chain holds if you revoke your old cert. Also, more and more people will not be able to hold your old cert in their keyring when they migrate to use gpg2 modern (2.1.x). Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCgAGBQJVqmz8AAoJEDrb+m0Aoeb+uBYP/00BK6CZ7sjZ8wb/K5EuntRw 50xeM1QD5a9n4CiPmOCtOF7ty4SVK36FBygNutGOQYiY6nzf5x8mlfgaHO0kdFrR +O2KcHBGlTTYpZF5u797cNAu8UVSBqsrUxAJcn/02kpvmNay+/TikOFI7EMRH9D1 gwEkqzt6hVrsT7dYNYugnY5A8zRu1Qdhixm7dWdaAaCUvqoJqtnCpnRZvasZToTF ka5NuzabVI1/gM2jPBFA3a/C41WlGlea5SnZKhYxVgNdn7DXBes0rQx0IYurumdo Hw+1qhXmWzaJIOW+/ojhklvpexsh75t44Rtjj8yCxR6HR+78JjJAqCGlUf77yGT4 dw/FE+RvwpQFvrjm2/erpqt4qRSlbYsYYGn1y6EkS4jQKmpvkBjHOuf3vIwEYe9a fGqJ8LJVo24JzLKJs+xsBLYDHNb2cunK/EV66IPiN+1YAB/9Hz/PybxT7mxKLT+/ MViYpHle9/bCwXxPLKB6qa4MqSsS4GniCsaxZ95/7ZAUNhITSGPfdkU575mXWGmt 4LRmRo/oXXCdlkYJR1U25FLA8KnfcRYOyqfA716kvCpcwvR/sbtd40aXsddsAp1N Y+MRhhklYs5PlgE7ho4FsvuXNtZi2bo7thCV7dE/1MmRP22XVkdF6qZ492okvIuP PnlJ1PkcoW1AcqoI6uj5 =ImLA -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
Pre-2.1: Public keys are in pubring.gpg and secret keys are in secring.gpg Post-2.1: Public keys are in pubring.kbx and secret keys are in the directory private-keys-v1.d[1]. Normally they should transition the Pre-2.1 keyrings to 2.1.X the first time you use it or at least use pubring.gpg. But if you wanna force-transition the public keyring, as shown in the information about GnuPG2.1[2], you should do this commands: $ cd ~/.gnupg $ gpg --export-ownertrust otrust.lst $ mv pubring.gpg publickeys $ gpg2 --import-options import-local-sigs --import publickeys $ gpg2 --import-ownertrust otrust.lst $ mv publickeys pubring.gpg Second one exports the trust database, then renames pubring.gpg to publickeys, next two ones import the trust database to GnuPG 2.1 and the public keys from the rename GnuPG pre-2.1 keyring. Last command renames it back to pubring.gpg so that it can be used by GnuPG 1.x and 2.0.x versions. As for the secret keyring, I don't know but I suppose you can always do: $ gpg --export-secret-keys | gpg2 --import As you have 1.4.19 and 2.1.5, `gpg` would be used for GnuPG 1.4.19 and `gpg2` for GnuPG 2.1.5. After you have done that, any change in either GnuPG pre-2.1 or post-2.1 keyrings won't be update into the other. [1]: https://www.gnupg.org/faq/whats-new-in-2.1.html#nosecring [2]: https://www.gnupg.org/faq/whats-new-in-2.1.html#keybox On 2015/07/17 at 21:48, Philip Neukom wrote: Hello all. I'm having some problems with my key that was created a long time ago (1994) but updated with new emails over the years. I am stuck after searching for an answer so thought I'd ask for some guidance from the list. I have reviewed the Docs, Mini Guide and HowTos. I apologize in advance for the rather lengthy email but I figured I had to put as much info so you may see what I've tried. I moved my keys pubring.gpg, secring.pgp and trustdb.gpg to a new Mac over the past week. I downloaded and installed MacGPG for the GUI. I only installed the GPG Keychain, GPG Services and MacGPG. When I opened the GPG Keychain, all the keys were on the screen for a brief moment and then the list shrunk and many keys disappeared in addition to my personal public and secret keys. ??? So panic set in and I restored my pubring and secring from backup and deleted the install of MacGPG. I thought maybe there was a problem with MacGPG so best to go back to command line Gnupg. I installed 2.1.5 from source and found none of my keys in the pubring and secring. What??? So I downloaded and installed 1.4.19, restored the pubring and secring from backup again and found my public and secret keys are now listed. This time I generated a revoke just in case and to test the install. 1.4.19 works fine. Now I re-ran 2.1.5 and tried to find my keys. Again they've gone missing. [# gpg2 --list-keys] None of my keys (pub and sec) are available in 2.1.5. Re-running [gpg --list-keys] with 1.4.19 and my keys are still there. Why would v1.4.19 show my pub and sec keys but v2.1.5 wouldn't? I presume this is something very basic but I'm stumped. I thought v1.x and v2.x keys were interoperable?? Thanks in advance for any guidance, Philip. PS I'm on digest mode so would appreciate if you could cc me directly on any reply. Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Juan Miguel Navarro Martínez GPG Keyfingerprint: 5A91 90D4 CF27 9D52 D62A BC58 88E2 947F 9BC6 B3CF signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
I'm having some problems with my key that was created a long time ago (1994) but updated with new emails over the years. You're using a key generated with PGP 2, which conforms to RFC1991. This is an *old* *old* standard, and has been pretty much completely replaced by RFC4880. Older versions of GnuPG supported RFC1991. Current versions of GnuPG have much less in the way of support for RFC1991. I'd suggest generating a new certificate -- after 20 years you're due for one. :) Why would v1.4.19 show my pub and sec keys but v2.1.5 wouldn't? I presume this is something very basic but I'm stumped. I thought v1.x and v2.x keys were interoperable?? RFC4880 keys are interoperable between versions. RFC1991 keys *aren't*. RFC1991 has an unfortunate dependency on the MD5 hash algorithm, and MD5 is pretty much completely broken for cryptographic purposes. Since MD5 is broken, current versions of GnuPG refuse to process MD5 data... which means RFC1991 support is severely curtailed. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
On 17-07-2015 21:48, Philip Neukom wrote: I'm having some problems with my key that was created a long time ago (1994) but updated with new emails over the years. Then it's a v2 key, and unfortunately GnuPG dropped support for v2 keys. But fortunately you can install a copy of GnuPG 1.4.x alongside 2.1 to use that key. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Problems with key available in v1.4.19 but not v2.1.5
Hello all. I'm having some problems with my key that was created a long time ago (1994) but updated with new emails over the years. I am stuck after searching for an answer so thought I'd ask for some guidance from the list. I have reviewed the Docs, Mini Guide and HowTos. I apologize in advance for the rather lengthy email but I figured I had to put as much info so you may see what I've tried. I moved my keys pubring.gpg, secring.pgp and trustdb.gpg to a new Mac over the past week. I downloaded and installed MacGPG for the GUI. I only installed the GPG Keychain, GPG Services and MacGPG. When I opened the GPG Keychain, all the keys were on the screen for a brief moment and then the list shrunk and many keys disappeared in addition to my personal public and secret keys. ??? So panic set in and I restored my pubring and secring from backup and deleted the install of MacGPG. I thought maybe there was a problem with MacGPG so best to go back to command line Gnupg. I installed 2.1.5 from source and found none of my keys in the pubring and secring. What??? So I downloaded and installed 1.4.19, restored the pubring and secring from backup again and found my public and secret keys are now listed. This time I generated a revoke just in case and to test the install. 1.4.19 works fine. Now I re-ran 2.1.5 and tried to find my keys. Again they've gone missing. [# gpg2 --list-keys] None of my keys (pub and sec) are available in 2.1.5. Re-running [gpg --list-keys] with 1.4.19 and my keys are still there. Why would v1.4.19 show my pub and sec keys but v2.1.5 wouldn't? I presume this is something very basic but I'm stumped. I thought v1.x and v2.x keys were interoperable?? Thanks in advance for any guidance, Philip. PS I'm on digest mode so would appreciate if you could cc me directly on any reply. Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Problems with key available in v1.4.19 but not v2.1.5
PS: Of course, on the commands in the other email, cd ~/.gnupg implies that gnupg directory is in your home. If it is in another place, you'll have to use that path for the `cd` command instead. On 2015/07/17 at 21:48, Philip Neukom wrote: Hello all. I'm having some problems with my key that was created a long time ago (1994) but updated with new emails over the years. I am stuck after searching for an answer so thought I'd ask for some guidance from the list. I have reviewed the Docs, Mini Guide and HowTos. I apologize in advance for the rather lengthy email but I figured I had to put as much info so you may see what I've tried. I moved my keys pubring.gpg, secring.pgp and trustdb.gpg to a new Mac over the past week. I downloaded and installed MacGPG for the GUI. I only installed the GPG Keychain, GPG Services and MacGPG. When I opened the GPG Keychain, all the keys were on the screen for a brief moment and then the list shrunk and many keys disappeared in addition to my personal public and secret keys. ??? So panic set in and I restored my pubring and secring from backup and deleted the install of MacGPG. I thought maybe there was a problem with MacGPG so best to go back to command line Gnupg. I installed 2.1.5 from source and found none of my keys in the pubring and secring. What??? So I downloaded and installed 1.4.19, restored the pubring and secring from backup again and found my public and secret keys are now listed. This time I generated a revoke just in case and to test the install. 1.4.19 works fine. Now I re-ran 2.1.5 and tried to find my keys. Again they've gone missing. [# gpg2 --list-keys] None of my keys (pub and sec) are available in 2.1.5. Re-running [gpg --list-keys] with 1.4.19 and my keys are still there. Why would v1.4.19 show my pub and sec keys but v2.1.5 wouldn't? I presume this is something very basic but I'm stumped. I thought v1.x and v2.x keys were interoperable?? Thanks in advance for any guidance, Philip. PS I'm on digest mode so would appreciate if you could cc me directly on any reply. Thanks. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Juan Miguel Navarro Martínez GPG Keyfingerprint: 5A91 90D4 CF27 9D52 D62A BC58 88E2 947F 9BC6 B3CF signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users