Problem with adding a name to a key
Thomas Schweikle
tschweikle at gmail.com
Thu Feb 27 15:18:17 CET 2025
On Thu, Feb 27, 2025 at 12:29 PM Ingo Klöcker <kloecker at kde.org> wrote:
> When asking for help you should always start by telling us the version(s)
> of
> the program(s) you are using, i.e. in this case of gnupg (`gpg --version`)
> and
> of Kleopatra (in Help->About Kleopatra).
>
> On Donnerstag, 27. Februar 2025 09:13:05 Thomas Schweikle via Gnupg-users
> wrote:
> > I'm having some problem adding an uid to a key. What I am doing:
> > 1. list all keys
> > 2. select one of the active keys
> > 3. gpg --edit-key <key-id>
> > 4. adduid
> > answer the questions: name, mail6
> > 5. type in keys secret
> >
> > do 2 to 5 for the second key.
> >
> > 6. save
> >
> > Now "gpg --list-secret-keys" lists (shortened):
> > sec ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
> > 565931F52CE768F643389BABA9CA236BDBEC9779
> > uid [ ultimativ ] name <mail6>
> > uid [ ultimativ ] name <mail4>
> > uid [ ultimativ ] name <mail1>
> > uid [ ultimativ ] name <mail2>
> > uid [ ultimativ ] name <mail5>
> > uid [ ultimativ ] name <mail3>
> > ssb cv25519 2020-11-18 [E] [verfällt: 2026-12-31]
> > 97F6060D825C74CA8A7E49CFA0F506A815F9DDAD
> >
> > sec ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
> > 565931F52CE768F643389BABA9CA236BDBEC9779
> > uid [ ultimativ ] name <mail4>
> > uid [ ultimativ ] name <mail1>
> > uid [ ultimativ ] name <mail2>
> > uid [ ultimativ ] name <mail5>
> > uid [ ultimativ ] name <mail3>
> >
> [Last "sec" listing repeated two more times]
>
> > sec brainpoolP512r1 2022-07-13 [SCA] [verfällt: 2026-12-31]
> > ACDFB1AF82CF084B948ECB5D27AE2304B4974851
> > uid [ ultimativ ] name <mail6>
> > uid [ ultimativ ] name <mail1>
> > uid [ ultimativ ] name <mail4>
> > uid [ ultimativ ] name <mail5>
> > uid [ ultimativ ] name <mail2>
> > uid [ ultimativ ] name <mail3>
> > ssb brainpoolP512r1 2022-07-13 [E] [verfällt: 2026-12-31]
> > 0A5D749D75F3D847CEC42CFF737D00DCF417C669
> >
> > sec brainpoolP512r1 2022-07-13 [SCA] [verfällt: 2026-12-31]
> > ACDFB1AF82CF084B948ECB5D27AE2304B4974851
> > uid [ ultimativ ] name <mail1>
> > uid [ ultimativ ] name <mail4>
> > uid [ ultimativ ] name <mail5>
> > uid [ ultimativ ] name <mail2>
> > uid [ ultimativ ] name <mail3>
>
> This looks wrong. Each key should be listed only once.
>
> > The added "mail6" is only seen at two places. Is this ok?
>
> I think that's okay. The other "copies" of your two keys shouldn't even
> exist.
>
> > Or should it show up within every block?
>
> The other "blocks" shouldn't be there in the first place.
>
> > Kleopatra does not show the added "mail6" anywhere. Any ideas?
>
> I suppose you looked in the Certificate Details. My guess is that Kleopatra
> picked up the bogus copies of your keys. You could verify this by looking
> at
> the subkeys for those keys. If only one subkey is listed then Kleopatra
> didn't pick up the correct copy of your key.
>
> > Anything I should do but forgot to do adding a new email address?
>
> What you did looks correct, but your keyring seems to be corrupt. I would
> try
> the following:
> * Make a backup of ~/.gnupg and of everything in this folder.
> * Export the first key (including the secret key) with
> gpg --export-secret-keys 565931F52CE768F643389BABA9CA236BDBEC9779
> >565931F52CE768F643389BABA9CA236BDBEC9779.gpg
> * Delete the first key (including the secret key). This is a destructive
> operation!
> I hope you have created a backup.
> gpg --delete-secret-and-public-keys FINGERPRINT_OF_YOUR_FIRST_KEY
> * List your secret keys to verify that your first key (and all of its bogus
> copies) has been removed from your keyring. Also list the public keys.
> gpg --list-secret-keys 565931F52CE768F643389BABA9CA236BDBEC9779
> and
> gpg --list-keys 565931F52CE768F643389BABA9CA236BDBEC9779
> should both print an error "No secret key" or "No public key".
> * Import the exported key
> gpg --import 565931F52CE768F643389BABA9CA236BDBEC9779.gpg
> * List your secret keys. If everything worked according to my plan you
> should
> now see only one "block" for your first key, i.e. you should see
> > sec ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
> > 565931F52CE768F643389BABA9CA236BDBEC9779
> > uid [ ultimativ ] name <mail6>
> > uid [ ultimativ ] name <mail4>
> > uid [ ultimativ ] name <mail1>
> > uid [ ultimativ ] name <mail2>
> > uid [ ultimativ ] name <mail5>
> > uid [ ultimativ ] name <mail3>
> > ssb cv25519 2020-11-18 [E] [verfällt: 2026-12-31]
> > 97F6060D825C74CA8A7E49CFA0F506A815F9DDAD
>
This worked:
"gpg --list-secret-keys" after importing the exported keys shows:sec
ed25519 2020-11-18 [SC] [verfällt: 2026-12-31]
565931F52CE768F643389BABA9CA236BDBEC9779
uid [vollständig] name <mail6>
uid [vollständig] name <mail4>
uid [vollständig] name <mail1>
uid [vollständig] name <mail2>
uid [vollständig] name <mail5>
uid [vollständig] name <mail3>
ssb cv25519 2020-11-18 [E] [verfällt: 2026-12-31]
97F6060D825C74CA8A7E49CFA0F506A815F9DDAD
sec brainpoolP512r1 2022-07-13 [SCA] [verfällt: 2026-12-31]
ACDFB1AF82CF084B948ECB5D27AE2304B4974851
uid [ ultimativ ] name <mail6>
uid [ ultimativ ] name <mail1>
uid [ ultimativ ] name <mail4>
uid [ ultimativ ] name <mail5>
uid [ ultimativ ] name <mail2>
uid [ ultimativ ] name <mail3>
ssb brainpoolP512r1 2022-07-13 [E] [verfällt: 2026-12-31]
0A5D749D75F3D847CEC42CFF737D00DCF417C669
But now one key is only trusted "vollständig" not "ultimativ".
And since it was asked:
Kleopatra: 3.2.4 (Windows), 5.0.0b103 (Windows), 3.1.4 (Ubuntu 24.04.2)
gpg: 2.2 (Windows), 2.4 (Windows, Ubuntu 24.04.2), 2.5 (Windows, Ubuntu
24.04.2)
libcrypt: 1.11.0 (Windows,Ubuntu 24.04.2)
--
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250227/a7ee43e9/attachment-0001.html>
More information about the Gnupg-users
mailing list