gpg throws out my secret keys after upgrade to 18.04
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
gnupg2 (Ubuntu) | Triaged | Medium | Unassigned |
Bug Description
I recently upgraded a server from 16.04 to 18.04 and gpg has started throwing out my secret keys. I even tried deleting the .gnupg directory and re-importing or just copying the secring from another working system, and it still throws out the secret keys.
Working system:
C:\Users\
gpg (GnuPG) 2.0.28 (Gpg4win 2.2.5)
C:\Users\
C:/Users/
-------
sec# 2048R/A70FB705 2011-12-13
uid Phillip Susi <email address hidden>
uid Phillip Susi <email address hidden>
ssb 2048R/51FEF1C9 2011-12-13
ssb 2048R/FA9EEEF9 2011-12-14
ssb 2048R/3348AAF0 2013-11-26
ssb 2048R/BDCC7F92 2013-11-26
ssb 2048R/9C8E5E51 2014-10-29
ssb 2048R/93A02CCD 2014-10-29
ssb 2048R/5CBBA516 2015-10-05
ssb 2048R/10850B71 2015-10-05
ssb 2048R/6100FE84 2017-01-06
ssb 2048R/0F60068B 2017-01-06
Broken system:
psusi@devserv:~$ gpg --version
gpg: WARNING: unsafe permissions on homedir '/home/
gpg (GnuPG) 2.2.4
psusi@devserv:~$ gpg -K
gpg: WARNING: unsafe permissions on homedir '/home/
/home/psusi/
-------
sec# rsa2048 2011-12-13 [SCA]
1B49F9339
uid [ultimate] Phillip Susi <email address hidden>
uid [ultimate] Phillip Susi <email address hidden>
What are the permissions of /home/psusi and /home/psusi/.gnupg?
It is not safe if .gnupg, or the directory that contains it, is group|other writable.
New gpg uses keybox, whilst old gpg uses pub/secring.gpg. Whenever new gpg was first executed against this .gnupg, the old secring got auto-converted to a keybox, and from that point on the secrings & keybox are no longer maintained in sync.
Please check the .gnupg/private-keys-v1.d/* folder and whether it contains the expected subkeys. If not, try to use old gpg to export the subkeys and re-import them with a new gpg, such that they migrate into the keybox structure.
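The checks requested in the reply above, written out as an added shell example (not part of the bug report, and not code from GnuPG or Ubuntu). The function names are hypothetical and the default path `$HOME/.gnupg` is an assumption; the permission test follows the condition as the reply states it, not gpg's own internal check.

```shell
#!/bin/sh
# Added example: audit a GnuPG home directory before re-importing secret keys.
# Usage: sh audit-gnupg-home.sh /home/psusi/.gnupg

# unsafe_dirs HOMEDIR: print HOMEDIR and/or its parent directory if either is
# writable by group or other (the condition described in the reply above).
unsafe_dirs() {
    for d in "$1" "$(dirname "$1")"; do
        find "$d" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null
    done
}

# count_private_keys HOMEDIR: GnuPG 2.1+ stores each secret key or subkey as
# a <keygrip>.key file in private-keys-v1.d; print how many are present.
count_private_keys() {
    n=0
    for f in "$1"/private-keys-v1.d/*.key; do
        if [ -f "$f" ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# migration_state HOMEDIR: gpg 2.1+ imports a legacy secring.gpg only once and
# then leaves a .gpg-v21-migrated marker; a secring.gpg copied in after that
# marker exists is not read again.
migration_state() {
    if [ ! -f "$1/secring.gpg" ]; then
        echo "no-legacy-secring"
    elif [ -f "$1/.gpg-v21-migrated" ]; then
        echo "secring-ignored-already-migrated"
    else
        echo "secring-pending-migration"
    fi
}

audit_gnupg_home() {
    home=${1:-$HOME/.gnupg}   # assumption: default per-user location
    unsafe_dirs "$home" | sed 's/^/writable by group or other: /'
    echo "private key files: $(count_private_keys "$home")"
    echo "legacy keyring:    $(migration_state "$home")"
}

# Run the audit only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then audit_gnupg_home "$1"; fi
```

A count of zero together with `secring-ignored-already-migrated` matches the situation the reply describes: the old keyring is on disk but the new gpg no longer reads it.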