Discussion:
How restore backuped /.gnupg/private-keys-v1.d
Ondřej Střeštík
2016-12-09 15:03:42 UTC
Permalink
Hello,

i have reall big problem because i accydently deleted /.gnupg, but still i have backuped /.gnupg/private-keys-v1.d so i have 4 “hashfile" name files with suffix .key
I was really scared, because i thought i lost my private keys but i read here https://www.gnupg.org/faq/whats-new-in-2.1.html
The file secring.gpg is not anymore used to store the secret keys. Merging of secret keys is now supported

So i dont have any file from /.gnupg like secring.gpg, etc. (i saw private-keys-v1.d and i thoug backup this folder is enought - yes i am moron)
- i deleted folder because i had problems with gpg configuration
- i thought i will copy private-keys-v1.d back to the ./gnupg and everything will be ok (like ssh)

Now i am i situation where i can not import “raw” keys and everytime when i try to import private key i will get message like: No valid OpenGPG data found in file.

Please can you help me how can i restore my pivate keys please? I google it around 12 hours and still nothing.

Thank you very much for yours help,
Ondrej Strestik
Werner Koch
2016-12-09 20:06:40 UTC
Permalink
i have reall big problem because i accydently deleted /.gnupg, but still i have backuped /.gnupg/private-keys-v1.d so i have 4 “hashfile" name files with suffix .key
That good. Run gpg once to create a new .gnupg directory (or create it
manually). Then copy the four files to the new private-keys-v1.d
directory and you have restored the secret key material. Now you need
to get a copy of your two (I guess) public keys. They should be on the
keyservers or you have send them to other places, get a copy and gpg
--import them. Better restart the gpg-agent (gpgconf --kill gpg-agent).
That's it.

If you can't find the public keys, there is no real damage because the
nobody sent you encrypted data or nobody else cared to verify your data.
- i thought i will copy private-keys-v1.d back to the ./gnupg and everything will be ok (like ssh)
Partly. All the secrets are restored as I explained above.
Now i am i situation where i can not import “raw” keys and everytime
when i try to import private key i will get message like: No valid
What do you mean by raw key? You are looking for files created with

gpg --export

or

gpg --export --armor

or with any other OpenPGP tool. You can implement such files with

gpg --import

Take care that they are not encrypted (some people do this) and that
they are not gzipped etc. Using the extra option -v is always a good
idea in such cases.



Shalom-Salam,

Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Ondřej Střeštík
2016-12-10 10:33:54 UTC
Permalink
Thank you very much, It worked. Word is beautiful again :-D

Ondrej
Post by Ondřej Střeštík
i have reall big problem because i accydently deleted /.gnupg, but still
i have backuped /.gnupg/private-keys-v1.d so i have 4 “hashfile" name files
with suffix .key
That good. Run gpg once to create a new .gnupg directory (or create it
manually). Then copy the four files to the new private-keys-v1.d
directory and you have restored the secret key material. Now you need
to get a copy of your two (I guess) public keys. They should be on the
keyservers or you have send them to other places, get a copy and gpg
--import them. Better restart the gpg-agent (gpgconf --kill gpg-agent).
That's it.
If you can't find the public keys, there is no real damage because the
nobody sent you encrypted data or nobody else cared to verify your data.
Post by Ondřej Střeštík
- i thought i will copy private-keys-v1.d back to the ./gnupg and
everything will be ok (like ssh)
Partly. All the secrets are restored as I explained above.
Post by Ondřej Střeštík
Now i am i situation where i can not import “raw” keys and everytime
when i try to import private key i will get message like: No valid
What do you mean by raw key? You are looking for files created with
gpg --export
or
gpg --export --armor
or with any other OpenPGP tool. You can implement such files with
gpg --import
Take care that they are not encrypted (some people do this) and that
they are not gzipped etc. Using the extra option -v is always a good
idea in such cases.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Loading...