Open j3pic opened 4 years ago
I had similar problem that git-crypt didn't try my gpg key to unlock the repo. But the repro is slightly more complicated
Repro Have 2 git-crypt environments (prod and staging) Have 2 gpg key pairs (both yubikey)
Use gpg keychain app, check that both gpg key entries have sec/pub
Plug in my staging yubikey key ONLY
Result Looks like it ONLY attempt to unlock using my production gpg secret key as it thinks I have access to its secret key. But what I wanted is use staging gpg key to unlock
Workaround
In gpg key chain, delete secret key for production gpg key pair and ensure it shows pub
Then I can unlock the vault with staging yubikey/gpg key
My workflow:
The result:
I found the key that was generated by
git-crypt add-gpg-user
and was able to manually decrypt it withgpg --decrypt < .git-crypt/keys/default/0/FOOBAR.gpg
, where FOOBAR.gpg is the name of the file that was generated. This gave me the symmetric key that is supposed to be automatically handled by the tool.The following workaround is therefore possible: