Problem with adding a name to a key

Ingo Klöcker kloecker at kde.org
Thu Feb 27 11:13:20 CET 2025 

When asking for help you should always start by telling us the version(s) of
the program(s) you are using, i.e. in this case of gnupg (`gpg --version`) and
of Kleopatra (in Help->About Kleopatra).

On Donnerstag, 27. Februar 2025 09:13:05 Thomas Schweikle via Gnupg-users 
wrote:
> I'm having some problem adding an uid to a key. What I am doing:
> 1. list all keys
> 2. select one of the active keys
> 3. gpg --edit-key <key-id>
> 4. adduid
>    answer the questions: name, mail6
> 5. type in keys secret
> 
> do 2 to 5 for the second key.
> 
> 6. save
> 
>  Now "gpg --list-secret-keys" lists (shortened):
> sec   ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
>       565931F52CE768F643389BABA9CA236BDBEC9779
> uid        [ ultimativ ] name <mail6>
> uid        [ ultimativ ] name <mail4>
> uid        [ ultimativ ] name <mail1>
> uid        [ ultimativ ] name <mail2>
> uid        [ ultimativ ] name <mail5>
> uid        [ ultimativ ] name <mail3>
> ssb   cv25519 2020-11-18 [E] [verfällt: 2026-12-31]
>       97F6060D825C74CA8A7E49CFA0F506A815F9DDAD
> 
> sec   ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
>       565931F52CE768F643389BABA9CA236BDBEC9779
> uid        [ ultimativ ] name <mail4>
> uid        [ ultimativ ] name <mail1>
> uid        [ ultimativ ] name <mail2>
> uid        [ ultimativ ] name <mail5>
> uid        [ ultimativ ] name <mail3>
> 
[Last "sec" listing repeated two more times]

> sec   brainpoolP512r1 2022-07-13 [SCA] [verfällt: 2026-12-31]
>       ACDFB1AF82CF084B948ECB5D27AE2304B4974851
> uid        [ ultimativ ] name <mail6>
> uid        [ ultimativ ] name <mail1>
> uid        [ ultimativ ] name <mail4>
> uid        [ ultimativ ] name <mail5>
> uid        [ ultimativ ] name <mail2>
> uid        [ ultimativ ] name <mail3>
> ssb   brainpoolP512r1 2022-07-13 [E] [verfällt: 2026-12-31]
>       0A5D749D75F3D847CEC42CFF737D00DCF417C669
> 
> sec   brainpoolP512r1 2022-07-13 [SCA] [verfällt: 2026-12-31]
>       ACDFB1AF82CF084B948ECB5D27AE2304B4974851
> uid        [ ultimativ ] name <mail1>
> uid        [ ultimativ ] name <mail4>
> uid        [ ultimativ ] name <mail5>
> uid        [ ultimativ ] name <mail2>
> uid        [ ultimativ ] name <mail3>

This looks wrong. Each key should be listed only once.

> The added "mail6" is only seen at two places. Is this ok?

I think that's okay. The other "copies" of your two keys shouldn't even exist.

> Or should it show up within every block?

The other "blocks" shouldn't be there in the first place.

> Kleopatra does not show the added "mail6" anywhere. Any ideas?

I suppose you looked in the Certificate Details. My guess is that Kleopatra
picked up the bogus copies of your keys. You could verify this by looking at
the subkeys for those keys. If only one subkey is listed then Kleopatra
didn't pick up the correct copy of your key.

> Anything I should do but forgot to do adding a new email address?

What you did looks correct, but your keyring seems to be corrupt. I would try
the following:
* Make a backup of ~/.gnupg and of everything in this folder.
* Export the first key (including the secret key) with
gpg --export-secret-keys 565931F52CE768F643389BABA9CA236BDBEC9779 
>565931F52CE768F643389BABA9CA236BDBEC9779.gpg
* Delete the first key (including the secret key). This is a destructive 
operation!
I hope you have created a backup.
gpg --delete-secret-and-public-keys FINGERPRINT_OF_YOUR_FIRST_KEY
* List your secret keys to verify that your first key (and all of its bogus
copies) has been removed from your keyring. Also list the public keys.
gpg --list-secret-keys 565931F52CE768F643389BABA9CA236BDBEC9779
and
gpg --list-keys 565931F52CE768F643389BABA9CA236BDBEC9779
should both print an error "No secret key" or "No public key".
* Import the exported key
gpg --import 565931F52CE768F643389BABA9CA236BDBEC9779.gpg
* List your secret keys. If everything worked according to my plan you should
now see only one "block" for your first key, i.e. you should see
> sec   ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
>       565931F52CE768F643389BABA9CA236BDBEC9779
> uid        [ ultimativ ] name <mail6>
> uid        [ ultimativ ] name <mail4>
> uid        [ ultimativ ] name <mail1>
> uid        [ ultimativ ] name <mail2>
> uid        [ ultimativ ] name <mail5>
> uid        [ ultimativ ] name <mail3>
> ssb   cv25519 2020-11-18 [E] [verfällt: 2026-12-31]
>       97F6060D825C74CA8A7E49CFA0F506A815F9DDAD

If this worked then repeat this for your second key.

Let me repeat: Before you start make a backup of ~/.gnupg !!!

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250227/acc6b5b7/attachment.sig>

More information about the Gnupg-users mailing list