Mailing List Archive

Subkeys export to Security Token fails: Secret key available.
Hi,
I had to reset my blocked Yubikey.
Then I started with setting up the key again; all worked fine including
"key attributes".

After this I tried to export the PGP keys to the token, however this
fails with error message:
gpg: KEYTOCARD failed: Unusable secret key

I don't understand how to fix this issue, and I don't understand what's
causing this issue.
When I execute "gpg --expert --edit-key 0x<key id> I can see this:
Secret key available.

pub rsa4096/Secret subkey is available.

pub rsa4096/<key id>
created: 2020-01-06 expires: 2021-01-05 Nutzung: C
Trust: unbekannt Validity: unbekannt
ssb rsa4096/<key id>
created: 2020-01-06 expires: 2021-01-05 Nutzung: A
Card number:0006 <card id>
ssb rsa4096/<key id>
created: 2020-01-06 expires: 2021-01-05 Nutzung: S
Card number:0006 <card id>
ssb rsa4096/<key id>
created: 2020-01-06 expires: 2021-01-05 Nutzung: E
Card number:0006 <card id>

All subkeys are marked as Stub which is correct because the keys have
been exported before.
However now the keys don't exist anymore on the keycard.

Can you please advise how to fix this issue?

THX

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Subkeys export to Security Token fails: Secret key available. [ In reply to ]
On 2020-08-07 at 08:33 +0200, Thomas Schneider wrote:
> All subkeys are marked as Stub which is correct because the keys have
> been exported before.
> However now the keys don't exist anymore on the keycard.
>
> Can you please advise how to fix this issue?
>
> THX

You had some "full" keys (public+private part). Then "moved" them to the
Yubikey, so the private part was now in the yubikey, and locally you
left just a stub saying "go look at yubikey #1234 for this key".

Do you have a backup of the full, original key?


Cheers

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Subkeys export to Security Token fails: Secret key available. [ In reply to ]
I have a backup of any key.

Am 8. August 2020 02:05:44 MESZ schrieb "Ángel" <angel@pgp.16bits.net>:
>On 2020-08-07 at 08:33 +0200, Thomas Schneider wrote:
>> All subkeys are marked as Stub which is correct because the keys have
>> been exported before.
>> However now the keys don't exist anymore on the keycard.
>>
>> Can you please advise how to fix this issue?
>>
>> THX
>
>You had some "full" keys (public+private part). Then "moved" them to
>the
>Yubikey, so the private part was now in the yubikey, and locally you
>left just a stub saying "go look at yubikey #1234 for this key".
>
>Do you have a backup of the full, original key?
>
>
>Cheers
>
>_______________________________________________
>Gnupg-users mailing list
>Gnupg-users@gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-users

--
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
Re: Subkeys export to Security Token fails: Secret key available. [ In reply to ]
> Am 8. August 2020 02:05:44 MESZ schrieb "?ngel":
> You had some "full" keys (public+private part). Then "moved" them to the
> Yubikey, so the private part was now in the yubikey, and locally you
> left just a stub saying "go look at yubikey #1234 for this key".
>
> Do you have a backup of the full, original key?
>
>
> Cheers

On 2020-08-08 at 09:52 +0200, Thomas via Gnupg-users wrote:
> I have a backup of any key.

Then just restore the full key (either on your normal keyring or on a
temporary one, GNUPGHOME is your friend) and start again from that. It
should work that time.

Best regards

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users