Mailing List Archive

gpg: There is no assurance this key belongs to the named user
Hello,

I wanted to insert a new password into my password store, but I can't do
so anymore. It says:

$ pass insert -m web/test3
Enter contents of web/test3 and press Ctrl+D when finished:

gpg: 61F1ECB625C9A6C3: There is no assurance this key belongs to the named user
gpg: [stdin]: encryption failed: Unusable public key
Password encryption aborted.

I can decrypt fine anything in the password store:

$ gpg2 -d ~/.password-store/web/test2.gpg
gpg: encrypted with 4096-bit RSA key, ID 61F1ECB625C9A6C3, created 2017-05-14
"Matthias Apitz (GnuPG CCID) <guru@unixarea.de>"
4711
0815

but encryption seems to be the problem:

$ gpg2 -ea -r "Matthias Apitz (GnuPG CCID) <guru@unixarea.de>" file
gpg: 61F1ECB625C9A6C3: There is no assurance this key belongs to the named user

sub rsa4096/61F1ECB625C9A6C3 2017-05-14 Matthias Apitz (GnuPG CCID) <guru@unixarea.de>
Primary key fingerprint: 5E69 FBAC 1618 562C B3CB FBC1 47CC F7E4 76FE 9D11
Subkey fingerprint: EB62 00DA 13A1 9E80 679B 1A13 61F1 ECB6 25C9 A6C3

It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N)

What might be the problem in my $GNUPGHOME:

$ ls -l $GNUPGHOME
total 456
srwx------ 1 guru wheel 0 Oct 21 18:16 S.gpg-agent
srwx------ 1 guru wheel 0 Oct 21 18:16 S.gpg-agent.browser
srwx------ 1 guru wheel 0 Oct 21 18:16 S.gpg-agent.extra
srwx------ 1 guru wheel 0 Oct 21 18:16 S.gpg-agent.ssh
srwx------ 1 guru wheel 0 Oct 21 18:16 S.scdaemon
drwx------ 2 guru wheel 1024 Sep 21 10:08 crls.d
-rw------- 1 guru wheel 2649 May 12 2017 dirmngr.conf
-rw-r--r-- 1 guru wheel 95 Jan 1 2019 gpg-agent.conf
-rw------- 1 guru wheel 5191 May 12 2017 gpg.conf
drwx------ 2 guru wheel 512 May 14 2017 openpgp-revocs.d
drwx------ 2 guru wheel 512 May 14 2017 private-keys-v1.d
-rw------- 1 guru wheel 38835 Oct 11 14:02 pubring.gpg
-rw------- 1 guru wheel 38835 Oct 11 14:02 pubring.gpg~
-rw------- 1 guru wheel 159155 Sep 30 16:46 pubring.kbx
-rw------- 1 guru wheel 157316 Sep 21 10:07 pubring.kbx~
-rw------- 1 guru wheel 600 Oct 5 16:57 random_seed
-rw-r--r-- 1 guru wheel 7 Oct 21 19:01 reader_0.status
-rwxr-xr-x 1 guru wheel 3386 Mar 15 2018 scd-event
-rw-r--r-- 1 guru wheel 123 Jan 5 2019 scdaemon.conf
-rw-r--r-- 1 guru wheel 141 Mar 13 2018 scdaemon.conf.away
-rw------- 1 guru wheel 0 Dec 28 2017 secring.gpg
-r-------- 1 guru wheel 1865 May 14 2017 sk_61F1ECB625C9A6C3.gpg
-rw-r----- 1 guru wheel 676 May 15 2017 sshcontrol
-rw------- 1 guru wheel 1280 Oct 11 14:02 trustdb.gpg
-rw-r----- 1 guru wheel 1900 Jul 22 21:52 trustlist.txt

I have enough older backups of this part of my $HOME, but would like to
understand what is missing or damaged, and how it happened, and how to
fix it.

Thanks

matthias


--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

3. Oktober! Wir gratulieren! Der Berliner Fernsehturm wird 50
aus: https://www.jungewelt.de/2019/10-02/index.php
Re: gpg: There is no assurance this key belongs to the named user [ In reply to ]
El día lunes, octubre 21, 2019 a las 07:32:48p. m. +0200, Matthias Apitz escribió:

>
> Hello,
>
> I wanted to insert a new password into my password store, but I can't do
> so anymore. It says:
>
> $ pass insert -m web/test3
> Enter contents of web/test3 and press Ctrl+D when finished:
>
> gpg: 61F1ECB625C9A6C3: There is no assurance this key belongs to the named user
> gpg: [stdin]: encryption failed: Unusable public key
> Password encryption aborted.

The culprit was this file:

$ ls -l ~/.gnupg-ccid/trustdb*
-rw------- 1 guru wheel 1280 23 may. 2017 /home/guru/.gnupg-ccid/trustdb.gpg
-rw------- 1 guru wheel 1280 11 oct. 14:02 /home/guru/.gnupg-ccid/trustdb.gpg.20191011

after renaming it and restoring the previous version (not modified for
ages) of trustdb.gpg all is fine again. What caused the change on
October 11 remains unclear so far.

matthias


--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

3. Oktober! Wir gratulieren! Der Berliner Fernsehturm wird 50
aus: https://www.jungewelt.de/2019/10-02/index.php

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg: There is no assurance this key belongs to the named user [ In reply to ]
El día lunes, octubre 21, 2019 a las 08:38:04p. m. +0200, Matthias Apitz escribió:

> El día lunes, octubre 21, 2019 a las 07:32:48p. m. +0200, Matthias Apitz escribió:
>
> >
> > Hello,
> >
> > I wanted to insert a new password into my password store, but I can't do
> > so anymore. It says:
> >
> > $ pass insert -m web/test3
> > Enter contents of web/test3 and press Ctrl+D when finished:
> >
> > gpg: 61F1ECB625C9A6C3: There is no assurance this key belongs to the named user
> > gpg: [stdin]: encryption failed: Unusable public key
> > Password encryption aborted.
>
> The culprit was this file:
>
> $ ls -l ~/.gnupg-ccid/trustdb*
> -rw------- 1 guru wheel 1280 23 may. 2017 /home/guru/.gnupg-ccid/trustdb.gpg
> -rw------- 1 guru wheel 1280 11 oct. 14:02 /home/guru/.gnupg-ccid/trustdb.gpg.20191011
>
> after renaming it and restoring the previous version (not modified for
> ages) of trustdb.gpg all is fine again. What caused the change on
> October 11 remains unclear so far.

I exported both files which gives the same export:

$ ls -l trustdb.gp*
-rw------- 1 guru wheel 1280 23 may. 2017 trustdb.gpg
-rw------- 1 guru wheel 1280 11 oct. 14:02 trustdb.gpg.20191011
$ diff trustdb.gp*
Binary files trustdb.gpg and trustdb.gpg.20191011 differ
$ gpg2 --trustdb-name trustdb.gpg.20191011 --export-ownertrust
# List of assigned trustvalues, created Tue Oct 22 20:14:22 2019 CEST
# (Use "gpg --import-ownertrust" to restore them)
5E69FBAC1618562CB3CBFBC147CCF7E476FE9D11:6:

$ gpg2 --export-ownertrust
# List of assigned trustvalues, created Tue Oct 22 20:14:27 2019 CEST
# (Use "gpg --import-ownertrust" to restore them)
5E69FBAC1618562CB3CBFBC147CCF7E476FE9D11:6:

What does this mean? Why gpg2 was unwilling to use the file
trustdb.gpg.20191011?

matthias

--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

3. Oktober! Wir gratulieren! Der Berliner Fernsehturm wird 50
aus: https://www.jungewelt.de/2019/10-02/index.php
Re: gpg: There is no assurance this key belongs to the named user [ In reply to ]
El día martes, octubre 22, 2019 a las 08:18:36p. m. +0200, Matthias Apitz escribió:

> El día lunes, octubre 21, 2019 a las 08:38:04p. m. +0200, Matthias Apitz escribió:
>
> > El día lunes, octubre 21, 2019 a las 07:32:48p. m. +0200, Matthias Apitz escribió:
> >
> > >
> > > Hello,
> > >
> > > I wanted to insert a new password into my password store, but I can't do
> > > so anymore. It says:
> > >
> > > $ pass insert -m web/test3
> > > Enter contents of web/test3 and press Ctrl+D when finished:
> > >
> > > gpg: 61F1ECB625C9A6C3: There is no assurance this key belongs to the named user
> > > gpg: [stdin]: encryption failed: Unusable public key
> > > Password encryption aborted.
> >
> > The culprit was this file:
> >
> > $ ls -l ~/.gnupg-ccid/trustdb*
> > -rw------- 1 guru wheel 1280 23 may. 2017 /home/guru/.gnupg-ccid/trustdb.gpg
> > -rw------- 1 guru wheel 1280 11 oct. 14:02 /home/guru/.gnupg-ccid/trustdb.gpg.20191011
> >
> > after renaming it and restoring the previous version (not modified for
> > ages) of trustdb.gpg all is fine again. What caused the change on
> > October 11 remains unclear so far.
>
> I exported both files which gives the same export:
>
> $ ls -l trustdb.gp*
> -rw------- 1 guru wheel 1280 23 may. 2017 trustdb.gpg
> -rw------- 1 guru wheel 1280 11 oct. 14:02 trustdb.gpg.20191011
> $ diff trustdb.gp*
> Binary files trustdb.gpg and trustdb.gpg.20191011 differ
> $ gpg2 --trustdb-name trustdb.gpg.20191011 --export-ownertrust
> # List of assigned trustvalues, created Tue Oct 22 20:14:22 2019 CEST
> # (Use "gpg --import-ownertrust" to restore them)
> 5E69FBAC1618562CB3CBFBC147CCF7E476FE9D11:6:
>
> $ gpg2 --export-ownertrust
> # List of assigned trustvalues, created Tue Oct 22 20:14:27 2019 CEST
> # (Use "gpg --import-ownertrust" to restore them)
> 5E69FBAC1618562CB3CBFBC147CCF7E476FE9D11:6:
>
> What does this mean? Why gpg2 was unwilling to use the file
> trustdb.gpg.20191011?

Is this a FAQ or otherwise stupid question, or what's the reason that
nobody wants to give me some hint about this? Thanks

matthias


--
Matthias Apitz, ? guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users