Mailing List Archive

Re: Re: Add masterkey as subkey to new masterkey
On 4/10/21, 10:18 PM "Ángel" <angel@pgp.16bits.net> wrote:
>
> On 2021-04-10 at 04:08 +0000, Kiara Stankovic wrote:
> >
> > Adding a subkey with keygrip also doesnt work, since the new subkey
> > has a different keyid than the original key.
>
> The solution of https://security.stackexchange.com/a/160847/ should
> work fine. What do you mean with "the new subkey has a different keyid
> than the original key" ? Note you need to use the keygrip, not the
> keyid.
>
> Maybe you could provide the steps you are doing along with its output?

Kiara is right - when importing an existing key using addkey command with
--edit-key --expert options, gpg uses the current time as the key creation
time for the newly imported key, thereby changing its fingerprint/keyid.

To retain the original key-id, just get the key-creation timestamp of the
existing key from its public key packet dump using this command:
$ gpg --export | gpg --list-packet
:public sub key packet:
version 4, algo 1, created 1618147110, expires 0

Then use the following parameters with the --edit-key command when
importing this key:
--expert --faked-system-time="<timestamp>!" --ignore-time-conflict

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users