AW: How to fix "ERROR key_generate 3355453" / "GENKEY' failed: IPC call has been cancelled"

Peter Lebbing peter at digitalbrains.com
Mon Sep 3 19:25:10 CEST 2018


On 03/09/18 18:56, Fiedler Roman wrote:
> With gpg1 a similar command should have verified, that the signature
> is exactly from the single public key stored in "key.pub".

This has never been a supported use of gpg, it just happened to work
because GnuPG 1.4 happened to use a bunch of exported OpenPGP
certificates as the format of its public keyring. This was an
implementation detail which enabled you to do this. Just because you can
use the rear side of a screwdriver to hammer in a small nail doesn't
mean you're meant to do carpentry that way ;-). In GnuPG, the homedir is
pretty much not part of the interface, it is internal with some
exceptions like .conf-files and being able to retrieve revocation
certificates from it. The keyring format has changed and GnuPG also
expects a lot of other different things in its homedir. So it no longer
works.

It could be that recently an option was added to check a signature by a
certificate in a file, but in general you need to import a certificate
before you can do verifications. I didn't see the new option in the few
announcements I read. Either it was discussed and not done or discussed
and implemented, can't recall.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180903/30612d8a/attachment.sig>


More information about the Gnupg-users mailing list