-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encryption failed due to invalid key error. #117
Comments
Unless something has changed recently, the only thing that is requires i the public key you want to sign with has to be on the keyring. This is a - I think - I reasonable assumption, since, if you were at the KSP, your key should be on the keyring. GPG will automatically pull a private key from the secret keyring that matches the signing key you're using - assuming the public key for said public key is available. Also - I need to do a release... there's a ton of fixes on master that aren't in 2.2.3. :) |
Oh, slight correction to the above. In the default mode, since it sends a mime-encrypted email, you also need to have the public key of your encryption key on that keyring, if they are different (they aren't for most people). If you have separate subkeys for this and I can imagine a world in which you get yourself into trouble this way. The encryption step probably does not need the |
Now I'm running with version
I'm not doing anything non-trivial AFAIK, just trying to sign using an ordinary key that is both for signing and encryption. The ultimate command that's failing is:
(edit) |
ah, thanks for tracking that down. I will try to figure out how to raise this to the user! |
This error appears for every single UID:
"Encryption failed due to invalid key error. User may not have an encryption subkey or it may be expired."
Debug mode reveals that
--no-default-keyring
is passed both in the initial extraction and in the signing command:I thought that because my private key is on a different keyring than the keyring supplied as a parameter, it's being omitted from the temporary keyring and thus out of reach. So I ran:
It imported okay but that did not change anything. I also have no problems clear-signing something using the staging key that
pius
makes:gpg --no-default-keyring --keyring /tmp/pius_keyring.gpg --local-user "$my_signing_key" --clearsign "$arbitrary_file"
version
The text was updated successfully, but these errors were encountered: