thomas
/
labnotes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
labnotes/_source/_posts/2015-05-09-gnupg-2-dot-1-2-...

1.4 KiB
Raw Permalink Blame History

layout title date comments categories
post GnuPG 2.1.2 doesn't work with caff 2015-05-09 01:50:02 +0200 true

Today I signed a GnuPG key using my air-gapped master private key, and then tried to send the signature to the key owner from my network-connected workstation using caff. This failed miserably, with caff unable to find a valid signature, and gpg --list-secret-keys missing the (stub) private key.

It turns out that I had inadvertently upgraded GnuPG on this workstation to version 2.1.2, which has a completely revamped secret keys handling: secret key material is now entirely handled by gpg-agent, and the --secret-keyring command line option for gpg (which caff depends on) is now obsolete.

GnuPG 2.1 apparently also chokes on some legacy keys, and the work-around is to reimport the keyring manually.

caff has been fixed to support GnuPG 2.1. However this depends on GnuPG 2.1.3 or newer, which is not in the ports tree yet, so for the time being I have reverted to the "stable" 2.0 release: portmaster -o security/gnupg20 gnupg.