New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How do I indoctrinate an new user when using a pubring.kbx
file?
#184
Comments
The newest version of gpg uses a new filename and format for pubring. Sadly this breaks blackbox. Until there's a patch, please install the older gpg. The gpg2 docs say that if the old filename exists gpg2 will continue to use it, so this won't affect old repos. This change caught me off guard. |
It seems that a patch has already been merged a while ago #82 The issues being that it seems that you cannot import keybox keyrings like with the old format. I do not know what would be the way to do so. |
Another way to work around that issue would be to create manually the pubring.gpg before, then gpg2 would fallback into compatibility mode, and use this file. But it is not future proof as we don't know for how long the pubring.gpg file format will be supported by gpg |
We do know how long the old format will be supported but it's not long. From the project homepage for GPG (https://www.gnupg.org/):
|
After some playing around and a bit of reading I think I may have the right combination of commands to import new keys from Blackbox into the local keybox if using GPG 2.1+
The trick is to This mailing list email has some good insights into the different mechanisms for importing/exporting between keyrings and keyboxes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790665;msg=7 |
Please try this again. I believe this was fixed in 4bc9704 |
I ran into this today with the latest version of blackbox on Ubuntu LTS 16.04 while adding a new admin Solved the issue as follows. Importing the key (thanks @Binarytales!):
To re-encrypt the files, I had to prefix
|
over at git-secret, a RFC on "A stable and forwards compatible public key storage format" was merged recently https://github.com/sobolevn/git-secret/pull/207/files |
Ran into this and @Binarytales solutions works on macOS X with
|
A better form of the workaround is:
|
Thanks a lot for your solution |
My problem was elsewhere and it looks like the source already does this. Why is this not closed? |
I've managed to add myself to a blackbox repo that is using the old GPG using this
I am not sure if |
Yes, using GPG=gpg is fully supported. All blackbox tools use $GPG if it is set, otherwise it defaults to gpg. |
My system is using GPG2.1 which uses a new Keybox file format
pubring.kbx
.So I can't run
gpg --import keyrings/live/pubring.gpg
.And if I try
gpg --import keyrings/live/pubring.kbx
it doesn't work.Even though
gpg --homedir=keyrings/live --list-keys
shows the keys I expect.It turns out that
--import
doesn't work with thekbx
format.How are users of Blackbox dealing with this? Is there an alternative mechanism for importing keys or should I downgrade/start-over in a way that ensures the older
.gpg
file format is used?The text was updated successfully, but these errors were encountered: