1.4 KiB
		
	
	
	
			
		
		
	
	| layout | title | date | comments | categories | 
|---|---|---|---|---|
| post | GnuPG 2.1.2 doesn't work with caff | 2015-05-09 01:50:02 +0200 | true | 
Today I signed a GnuPG key using my air-gapped master private key,
and then tried to send the signature to the key owner from
my network-connected workstation using caff.
This failed miserably, with caff unable to find a valid signature,
and gpg --list-secret-keys missing the (stub) private key.
It turns out that I had inadvertently upgraded GnuPG on this workstation
to version 2.1.2, which has a completely revamped secret keys handling:
secret key material is now entirely handled by gpg-agent, and
the --secret-keyring command line option for gpg (which caff
depends on) is now
obsolete.
GnuPG 2.1 apparently also chokes on some legacy keys, and the work-around is to reimport the keyring manually.
caff has been fixed
to support GnuPG 2.1. However this depends on GnuPG 2.1.3 or newer,
which is not in the ports tree yet,
so for the time being I have reverted
to the "stable" 2.0 release: portmaster -o security/gnupg20 gnupg.