tag:gpgtools.tenderapp.com,2011-11-04:/discussions/problems/62743-empty-gpg-keychain-losing-newly-created-private-keysGPGTools: Discussion 2017-11-13T23:02:02Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/440270392017-11-13T15:10:41Z2017-11-13T15:10:43ZEmpty GPG Keychain / losing newly created private keys<div><p>Hello everyone,</p>
<p><strong>Affected tools:</strong><br>
- GPG Keychain<br>
- version: latest</p>
<p><strong>Steps leading to the problem:</strong><br>
I created a public/private key for my new email address and uploaded them to the keyserver. So far so good.</p>
<p><strong>Problem:</strong><br>
Before I attempted to export (backup) the keys, however, I tried to add a new identity to the keys and upload to keyserver again. Problem is, the upload actually failed and since that moment, GPG Keychain was empty (didn't display ANY key) - whatever I did and despite the <code>~/.gnupg</code> folder still seemed very much alright. Once that happened, I should have been smarter, leave everything as it is and write this support ticket. But seeing that the <code>~/.gnupg</code> folder still obviously contained all my private keys and believing that they are only encrypted using the passphrase, I copied them over (including most of the other files), deleted the folder and proceeded to re-install GPG Suite. To my surprise, the keys couldn't be imported again because there's apparently another encryption layer involved.</p>
<p>I attached an exerpt from <code>system.log</code> (translated to english), which I believe is related to the above error.</p>
<p><strong>Summary:</strong><br>
So, I still have the private key but it is encrypted using GPG Suite and I don't know how to decrypt it - given the circumstances above, is there a way to do it manually? I would have revoked the public key on the servers and be done with it but I need the private key to do that. Passphrase is not a problem of course :).</p>
<p><strong>What did you expect instead:</strong><br>
Well, leaving aside the failed upload (probably problems with my Wi-Fi) and my stupidity, I think I would expect GPG Keychain to keep its integrity. But first and foremost, after encountering this issue, I think that GPG Suite should definitely offer to export the private key RIGHT AFTER generating it, before doing ANYTHING else (especially uploading to keyserver), and with a stern warning.</p></div>Jiritag:gpgtools.tenderapp.com,2011-11-04:Comment/440270392017-11-13T20:07:17Z2017-11-13T20:07:18ZEmpty GPG Keychain / losing newly created private keys<div><p>Update: I finally noticed there was a revocation certificate among the copied files (thank you GPG Suite!) and thus, my issue is resolved. For more information:<br>
<a href="https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/how-to-revoke-a-key-or-user-id">https://gpgtools.tenderapp.com/kb/gpg-keychain-faq/how-to-revoke-a-...</a></p>
<p>Nevertheless, I think the expected behaviour still stands :).</p></div>Jiritag:gpgtools.tenderapp.com,2011-11-04:Comment/440270392017-11-13T23:01:19Z2017-11-13T23:01:19ZEmpty GPG Keychain / losing newly created private keys<div><p>Hi Jiri,</p>
<p>welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.</p>
<p>Glad to hear, you were able to resolve the situation already.</p>
<p>We have a ticket to add a backup mechanism for rev certs + sec/pub keys. Once that exists it would be indeed be a good idea, to add a step to the setup wizard. I connected this discussion with the existing ticket. That means, should this discussion get closed, it will be re-opened as soon as the ticket is closed. That way you'll stay in the loop and get notified as soon as we have news. Feel free to open a new discussions should you run into further problems or need assistance.</p>
<p>I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.</p>
<p>Best, steve</p></div>Steve