weird gpg error

bluethundr · 02-07-2014, 10:40 PM

Hey all,

I run a mac at home and wanted to be able to access my gpg keypair from a remtote Linux host (centos 6.5). So apparently I made a mistake by rsync'ing my .gnupg directory from my home on the mac to the remote host.

Because even tho I can list keys on the remote host:

Code:

[root@monitor:~/creds/scalr] #gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   1024D/F186197B 2010-11-30
uid                  Tim Dunphy <bluethundr@somewhere.com>
uid                  Tim Dunphy <bluethundr@somewhere.com>
uid                  Tim Dunphy <tdunphy@somewhere.com>
uid                  Tim Dunphy (MLB Work e-mail) <tim.dunphy@somewhere.com>
sub   2048g/B712B288 2010-11-30

pub   2048R/C059E8CD 2010-11-30 [revoked: 2012-12-27]
uid                  Tim Dunphy <bluethundr@somewhere.com>

pub   4096R/4BD6EC30 2010-07-10 [expired: 2012-07-09]
uid                  Puppet Labs Release Key (Puppet Labs Release Key) <info@puppetlabs.com>

pub   4096R/6F60D626 2012-12-27 [revoked: 2012-12-27]
uid                  Tim Dunphy <bluethundr@somewhere.com>

I cannot decrypt or encrypt messages. When I try to decrypt this is the error I get:

Code:

[root@monitor:~/creds/scalr] #gpg -d scalr-creds.asc

You need a passphrase to unlock the secret key for
user: "Tim Dunphy <bluethundr@somewhere.com>"
2048-bit ELG key, ID B712B288, created 2010-11-30 (main key ID F186197B)

can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory
gpg-agent[16157]: can't connect server: `ERR 67109133 can't exec `/usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac': No such file or directory'
gpg-agent[16157]: can't connect to the PIN entry module: IPC connect call failed
gpg-agent[16157]: command get_passphrase failed: No pinentry
gpg: problem with the agent: No pinentry
gpg: encrypted with 2048-bit ELG key, ID B712B288, created 2010-11-30
      "Tim Dunphy <bluethundr@somewhere.com>"
gpg: public key decryption failed: General error
gpg: decryption failed: No secret key

As you can see, the error is referring to a Macintosh directory. Which must have something to do with the fact that the keypair I was trying to use was generated on a mac.

I've even tried starting fresh on that host by rm -rf'ing the .gnupg directory in my home directory. But it's no luck even after I create a fresh keypair. I get the same message when I try to encrypt or decrypt.

Here are listings of my .gnupg directory in case this might shed any clues as to why this is happening:

Code:

[root@monitor:~/creds/scalr] #ls -ld ~/.gnupg
drwxr-xr-x 3 root root 4096 Feb  7 23:30 /root/.gnupg


[root@monitor:~/creds/scalr] #ls -l ~/.gnupg/
total 52
-rw-r--r-- 1 root root  107 Feb  2 11:59 gpg-agent.conf
-rw-r--r-- 1 root root 9087 Feb  2 11:59 gpg.conf
drwxr-xr-x 2 root root 4096 Feb  2 11:59 private-keys-v1.d
-rw-r--r-- 1 root root 8260 Feb  2 11:59 pubring.gpg
-rw-r--r-- 1 root root  600 Feb  2 11:59 random_seed
-rw-r--r-- 1 root root 9355 Feb  2 11:59 secring.gpg
-rw-r--r-- 1 root root 1480 Feb  2 12:00 trustdb.gpg

Any help here would be _definitely_ appreciated.

Thanks!

anomie · 02-10-2014, 01:04 PM

Question: is an acceptable solution for you to export the keys / ownertrust from your Mac to the Linux server?

If so, on the Mac:

Code:

$ gpg --export > key.here
$ gpg --export-secret-keys > secret-key.here
$ gpg --export-ownertrust > trust-db.here

Transfer the files to the Linux server.

Then, on the Linux server (after taking a backup, if needed, and then removing the ~/.gnupg directory):

Code:

$ gpg --import key.here
$ gpg --import secret-key.here
$ gpg --import-ownertrust trust-db.here