[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: WARNING! unknown gpg corruption

On Thu, May 09, 2002 at 10:43:50PM +0200, martin f krafft wrote:
> hi debian-folk,

> i am issuing a warning which might be purely prophylactic, but
> i figure it's better than not to mention it. it's about GPG and about
> something along the lines of keyring corruption through normal usage.
> so read this before you continue using your woody GPG to verify signed
> email!

> i don't have many details, let me explain to you what happened
> (fortunately i had my keyring backed up):

> throughout this day, i was happily signing my mail with gnupg 1.0.6-3,
> the last message i successfully signed was sent 22:16 hours GMT, which
> was about 20 minutes ago.

> when i tried to send an email about 10 minutes ago, the signing failed
> with the following errors:

>   gpg: key A8FA196E: secret key without public key - skipped
>   gpg: key 3290879A: secret key without public key - skipped
>   gpg: key 330C4A75: secret key without public key - skipped
>   gpg: no default secret key: secret key not available
>   gpg: signing failed: secret key not available

> (the three are all keys i use).

> oh my, i said, and ran to the console to check:

> fishbowl:~> gpg --list-key 330c4a75
> gpg: error reading key: public key not found
> fishbowl:~> gpg --list-keys
> fishbowl:~> gpg --list-sigs
> fishbowl:~>

> and i had at least 1000 public keys in my keyring, and at least 30
> signatures on my 330c4a75 key. they are all gone, the keyring is not
> usable anymore, neither public nor private.

Hmm, those keys aren't also available (with signatures) from the public
keyserver?  Your secret keyring is probably not corrupted; if you've
been publishing the signatures on your own key at regular intervals, you 
should be able to restore everything from wwwkeys.xx.pgp.net.

Steve Langasek
postmodern programmer

Attachment: pgphpRMuJKCW2.pgp
Description: PGP signature

Reply to: