On Thu 2017-02-23 10:55:24 -0500, Michal Hocko <msts...@gmail.com> wrote: > On Sun, Feb 12, 2017 at 06:47:15PM -0500, Daniel Kahn Gillmor wrote: > [...] >> If this report is strictly about the yubikey smartcard, we should >> reassign it to scdaemon. Does "git tag -S" work for you when you are >> *not* using a smartcard? > > Well I am not using any smartcards. I just have my private keyring on an > USB flash disk and > ~/.gnupg/secring.gpg -> /mnt/security/.gnupg/secring.gpg > > but that shouldn't matter, right?
gpg 2.1 does not store or use secret keys in the same way as 1.4. In
particular, secring.gpg is no longer used, and secret key material is
stored in ~/.gnupg/private-keys-v1.d/
if you want to continue to use your USB flash disk, i recommend (when
the USB disk is inserted and mounted):
if [ -d ~/.gnupg/private-keys-v1.d ]; then
mv ~/.gnupg/private-keys-v1.d /mnt/security/.gnupg/
else
mkdir -m 0700 /mnt/security/.gnupg/private-keys-v1.d
fi
ln -s /mnt/security/.gnupg/private-keys-v1.d ~/.gnupg/private-keys-v1.d
if [ -L ~/.gnupg/secring.gpg ]; thne
rm ~/.gnupg/secring.gpg
fi
gpg --batch --import < /mnt/security/.gnupg/secring.gpg
Once this is done and you're sure you have access to the secret keys you
want, you can also delete /mnt/security/.gnupg/secring.gpg.
hope this helps,
--dkg
signature.asc
Description: PGP signature
