gpg: signing failed: Bad secret key
Leo Coogan
leocoogan at mailfence.com
Wed Jan 24 22:05:53 CET 2024
Here's the command run on my fedora machine:
```
> gpg -K --list-options show-unusable-subkeys
/home/lcoogan/.gnupg/pubring.kbx
--------------------------------
sec ed25519 2023-03-03 [SC] [expires: 2025-03-02]
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
uid [ultimate] Leo Coogan (Personal)
<leocoogan at existential.beauty>
uid [ultimate] Leo Coogan (Personal GPG key)
<leocoogan at mailfence.com>
ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
```
and on my nixos machine:
```
> gpg -K --list-options show-unusable-subkeys
gpg: enabled compatibility flags:
gpg: using pgp trust model
/home/lcoogan/.gnupg/pubring.kbx
--------------------------------
sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
uid [ultimate] Leo Coogan (Personal)
<leocoogan at existential.beauty>
uid [ultimate] Leo Coogan (Personal GPG key)
<leocoogan at mailfence.com>
ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
```
It looks like there's only that non-functioning signing subkey. Huh. Do
I need to create a new signing subkey?
On 1/24/24 12:37, Werner Koch wrote:
> On Tue, 23 Jan 2024 12:38, Leo Coogan said:
>
>> sec# ed25519 2023-03-03 [SC] [expires: 2025-03-02]
>> C0156FFBE02B4E03F7792EB53D7F617CDE5C9A9B
>> Keygrip = 38953FFD2BD558606473A90A6EDD5B26F03FA3CB
> You don't have a signing key. Ther primary key has been taken offline
> ('#') and can thus not be used for signing.
>
>> ssb cv25519 2023-03-03 [E] [expires: 2025-03-02]
>> 143454E3276F11C51D01B35363D14EA6FDB00D9F
>> Keygrip = 02EE4AA6089E9DEF7792F548C01FFD8C05F1EC21
> The subkey is not capable of signing (by usage flags and algorithm).
>
> Did you had another signing subkey and that one expired?
> Add
>
> --list-options show-unusable-subkeys
>
> to the listing command to check.
>
>
> Salam-Shalom,
>
> Werner
>
More information about the Gnupg-users
mailing list