[ale] gpg keyring backup / restore

Jeremy T. Bouse jeremy.bouse at undergrid.net
Tue Jul 21 21:25:56 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greg,

	I've not used kgpg before but I'm assuming it uses gpg under the hood.
Have you attempted to just run 'gpg -K' and see what it says? As
Brandone mentioned as well, it could be that the permissions and
ownership of the secring.gpg are messed up. Also check the ~/.gnupg
directory itself. GPG is rather particular about it's perms and
ownership for security sake.

	For me ~/.gnupg is chmod 700 and owned by my UID:GID. The
[pub,sec]ring.gpg files are chmod 600 and again owned by my UID:GID. The
trustdb.gpg is chmod 640.

Greg Freemyer wrote:
> Jeremy,
> 
> My tar file will restore and recreates the .gnupg directory as it was
> a week ago.
> 
> The problem is that kgpg does not seem to recognize the files and in
> turn shows me an empty set of keys.  ie. Somehow it seems to know to
> ignore these restored keyrings.
> 
> I'm hoping there is a way to tell kgpg to use the various keyrings I backed up.
> 
> Greg
> 
> On Tue, Jul 21, 2009 at 6:58 PM, Jeremy T.
> Bouse<jeremy.bouse at undergrid.net> wrote:
> Greg Freemyer wrote:
>>>> All,
>>>>
>>>> I have a tar backup of my .gnupg directory.
>>>>
>>>> Not sure how, but that directory seems to have become corrupt and gpg
>>>> is not showing any keys.
>>>>
>>>> I hoped (assumed) I could just restore the tar file and all would be good.
>>>>
>>>> Seems not to be true.
>>>>
>>>> Is there a work around?  In particular, I did not export my private
>>>> key and back it up as an ascii file, so ...
>>>>
>>>> Thanks
>>>> Greg
>        I'm afraid that if your existing .gnupg directory contents are corrupt
> and the tarball you created is unable to restore it sounds like you're
> GPG key is lost to the big bit bucket in the sky and you'll have to
> generate a new key. There's no way to regenerate the private key which
> is why it's so important to make a backup.
> 
> I've been told that I'm a little bit anal about my GPG key security. You
> can read my GPG key policy (http://undergrid.net/legal/gpg) if you want
> to decide for yourself.
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
>>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iF0EARECAB0FAkpmaqIWGGhrcDovL3N1YmtleXMucGdwLm5ldAAKCRCagQNPdb5V
Oe0TAKCA9WH5FlVU0d0YgnhnvPdBXoJXHgCgm7CFTNCttXT3F/TIQ41zbK9en8w=
=jtdi
-----END PGP SIGNATURE-----


More information about the Ale mailing list