git-annex/doc/bugs/GPG_subkeys.mdwn
2017-11-17 17:49:16 +00:00

30 lines
1.9 KiB
Markdown

### Please describe the problem.
Despite the very fast, much appreciated, and excellent response to my initial question [here](http://git-annex.branchable.com/encryption/#comment-cb9c20121e570f80fcd799c1619ced69), I still can't get encryption working with subkeys.
I have a few different machines, each with its own subkey and each configured with the master key stripped out. I'm hoping to be able to encrypt and decrypt from the same special remotes with each of them.
The issue is that git-annex consistently tries to encrypt with the master key, which is not available, and so encryption and the `initremote` fail.
I'm submitting a bug report but I should say that I'm not sure this is the intended (or documented) way to use GPG subkeys and it may not be a git-annex concern. The [Debian Wiki](https://wiki.debian.org/Subkeys) does say that it won't work but the [password store](https://lists.zx2c4.com/pipermail/password-store/2014-September/001131.html) project has implemented it.
Side note: this is not working in gcrypt either.
### What steps will reproduce the problem?
I've tried the following in a few different combinations, with both short and long KEYIDs, and with or without the appended '!' that's supposed to tell gpg which key to use for encryption:
`git annex initremote cloud type=S3 encryption=hybrid keyid=EFEFEFE host=storage.googleapis.com port=80`
In each case I get the same error:
`gpg: decryption failed: No secret key`
`git-annex: user error (/usr/local/bin/gpg ["--quiet","--trust-model","always","--decrypt"] exited 2)`
`failed`
### What version of git-annex are you using? On what operating system?
`git-annex version: 6.20171109`
OS X 10.10.5
### Please provide any additional information below.
### Have you had any luck using git-annex before? (Sometimes we get tired of reading bug reports all day and a lil' positive end note does wonders)
I love git annex. Thank you for your work on it.