-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error with key? #5788
Comments
I'm having similar issues in #5804 when trying to log in without keybase explicitly storing my pgp private key. Also finding the documentation around the scenario very scant, which seems strange for a typical scenario (not allowing third-party server to have my private key). |
@sintrenton seems like you hit a bug. Interfacing with GPG across all platforms and across all versions of GPG and across all types of keys has proven immensely onerous for a small company like ours, but also affects very few people, since we have most of the common cases working. Something about your case isn't common but it remains to be seen what that is. @yelper can you provide a log via |
@sintrenton try this:
Maybe that might work. |
@maxtaco No, but I think I found the problem, when I got the error message. I wasn't aware of that the keybase app looks for my private key on this machine If you have any other suggestions, feel free to comment here. I'll post after testing and see how it goes. |
Well that's partially solved. I managed to log in with keybase, then got the following
I tried both options, both gave me the same reply.
Created a new log that may clarify: d9a077329ece599aae79bc1c |
Same issue here. Still not solved apparently. Is keybase dead? |
@bartmcleod fwiw, the thread in #5804 helped me get moving again. |
@yelper Which parts exactly, there is quite a lot in there. What triggers me is that I had an old command line version installed and I wouldn't even know how to uninstall it. |
I get 1002 too. Older GnuPG software (which is really the only one people should be using) sometimes produces buggy keys when extending expiry dates (something that probably nobody should ever be using). That could be the reason behind this. GnuPG versions in question are It also could have something to do with subkeys (which, again, probably nobody should ever be using). |
@akater we'd need some more info to debug it. Maybe a |
It could be that my key with extended expired date did not propagate to keybase. Or maybe I did not even reupload the extended-expiry-date key to public keyservers until today (this looks unlikely). Anyway, the message is not very specific in that it does not mention that there's a matching key with expired date:
Here, I'm not going to use subkeys in the future and believe it was my mistake to use them (or expiry dates) initially. It introduces lots of complexity while benefits are hard to evaluate and might be non-existent. |
I also created a Keybase account in the early days using my own "legacy" PGP key, and I had this problem, too, when trying to use the Keybase app. Here is what I did to fix it. The Keybase app on my Mac is now fully functional, and I have since successfully linked the iOS Keybase app on my iPhone to my Keybase account, as well. I'm not sure exactly which step(s) resolved the issue as I did them all at once, but each of them is easy enough to perform. Note that my PGP key has multiple subkeys with expirations, plus several different email addresses, to boot.
After a few seconds, the |
my log id: 0797dd5025a3145f7108781c
The site documentation gives no clue how to wrk with keys, when I try to log in through CLI, I get
ERROR Bad key found: no private key material or GPGKey
Logging in through web site works.
I see my key, ABCDEF1234567890 with "edit" next to it. Edit allows me to upload a new public key (it is updated elsewhere). FPR is unchanged. I provide my keybase passphrase.
Error: No signing key found
OK, so I don't have one, only a public key that was uploaded when I created this account long ago?
That must have worked once upon a time since I have verified myself on Twitter, Github, Bitcoin, Reddit, etc? Or do you not need to sign when verifying yourself on these?
So, how do I handle private keys on the website? Or signing keys? Or upload private keys, though I really am not too keen on that, no offense? The documentation gives no guidance whatsoever, and I find no link, no button, no menu choice that give me any clue how to proceed.
On my "personal page", I have a button "Action required":
Install Keybase (files waiting from xxxxx [unknown person])
Reset your keys & start from scratch
Edit your account/settings
I have installed the Keybase app three times now, no difference.
Start from scratch: I rather ditch keybase.io (while a good idea), and go back to clean PGP that I have used for almost 20 years.
Edit settings:
Change password: No thanks
Devices: If you install Keybase on any computers, those installs will show up here.
No device shown, restarted PC 4 times
the other three; not relevant, for the moment.
The text was updated successfully, but these errors were encountered: