funtoo / keychain

keychain ssh-agent front-end
http://www.funtoo.org
GNU General Public License v2.0

Trouble Finding GPG Key #107

Open bmccary opened 5 years ago

bmccary commented 5 years ago

Ubuntu 18.04 appears to use an unfortunate combination of keychain and GPG versions.

  1. keychain 2.8.2
  2. gpg 2.2.4

Specifically, keychain could not find my GPG keys and repeatedly responded:

```
$ keychain --agents gpg DEADBEEF

 * keychain 2.8.2 ~ http://www.funtoo.org
 * Starting gpg-agent...
 * Warning: can't find DEADBEEF; skipping
```

Apparently, keychain 2.8.2 was written against a gpg version which printed stuff a little differently than gpg 2.2.4. Looking through the git blame for the part of the keychain script which looks for GPG keys, this problem appears to have been fixed around keychain 2.8.4.

To be clear: this issue applies to a historic version of keychain still in widespread use, not the current version of keychain.

A workaround to get keychain 2.8.2 and gpg 2.2.4 to play nice is to add the following line to ~/.gnupg/gpg.conf:

```
keyid-format LONG
```

In my view, the solution to this issue has two parts:

  1. Please nudge Ubuntu's keychain package maintainers (if possible, I don't know how that works).
  2. Please add a note somewhere on the keychain homepage about the keyid-format workaround.

At least now a Google search might lead to this issue.

ghost commented 5 years ago

Another thing to point out: if you are using the latest version of keychain, you can specify gpg2 with --gpg2.

virgilwashere commented 5 years ago

> Another thing to point out: if you are using the latest version of keychain, you can specify gpg2 with --gpg2.

And my gpg keygrip needed to follow directly:

--gpg2 DEADBEEF.

keychain 2.8.5

Ubuntu 18.04.1 LTS has this gpg (GnuPG) 2.2.4 package. It uses the enable-extended-key-format option in gpg-agent.conf

dailyherold commented 5 years ago

I'm having the same issue on my laptop, but I have the newest version of Keychain. Can't yet figure out if the problem is a bug or my config.

Ubuntu 19.04, Keychain 2.8.5, GnuPG 2.2.12

Command in my .zprofile is: keychain --eval --gpg2 BLAHBLAHBLAH --inherit any ssh_key

I've tried keyid-format LONG in my ~/.gnupg/gpg-agent.conf file (gpg.conf as well) but no luck. Found http://blog.siphos.be/2016/10/gnupg-private-key-suddenly-missing/ which seemed similar to me but turns out he was using an ID from a sub key, which I am not. Not much online that I can find about figuring this out so let me know how I can help debug further!

This is the output of my key which I'm using to grab the key ID (from pub line):

```
❯ gpg --keyid-format long --list-keys email@myemail.com
pub   rsa4096/BLAHBLAHBLAH 2019-07-18 [SC]
      RANDOMRANDOMRANDOMRANDOMBLAHBLAHBLAH
uid                 [ unknown] John Paul Herold <email@myemail.com>
sub   rsa2048/ABCDEFGHIJ 2019-07-18 [E] [expires: 2027-07-16]
sub   rsa2048/KLMNOPQRS 2019-07-18 [SA] [expires: 2027-07-16]
```

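A way to check which kind of key an ID refers to before handing it to keychain, as an added example that is not part of this thread or of keychain itself: it reads gpg's colon-delimited secret-key listing, whose key ID field is always the 16-digit long form, and reports whether the ID is a primary key, a subkey, or absent. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# classify_keyid ID  (hypothetical helper; reads `gpg --with-colons` output on stdin)
# Prints: primary | subkey | missing | invalid
classify_keyid() {
    # Normalise the ID the way a user might type it: 0x prefix, lower case.
    id=$(printf '%s' "$1" | tr 'a-f' 'A-F' | sed 's/^0[xX]//')
    case "$id" in
        ''|*[!0-9A-F]*) echo invalid; return 2 ;;
    esac
    awk -F: -v id="$id" '
        function ends_with(s, suffix) {
            return length(s) >= length(suffix) &&
                   substr(s, length(s) - length(suffix) + 1) == suffix
        }
        # sec = primary secret key, ssb = secret subkey; field 5 is the long key ID.
        $1 == "sec" || $1 == "ssb" {
            kind = ($1 == "sec") ? "primary" : "subkey"
            if (hit == "" && ends_with($5, id)) hit = kind
        }
        # fpr follows the key it belongs to; field 10 is the full fingerprint.
        $1 == "fpr" && kind != "" {
            if (hit == "" && ends_with($10, id)) hit = kind
        }
        END { print (hit == "" ? "missing" : hit) }
    '
}

# Constructed sample of `gpg --list-secret-keys --with-colons` output (not a real key).
sample_listing() {
    cat <<'EOF'
sec:u:4096:1:1111222233334444:1563408000:::u:::scESC:::+:::23::0:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1111222233334444:
uid:u::::1563408000::0000::Constructed User <user@example.invalid>::::::::::0:
ssb:u:2048:1:5555666677778888:1563408000:1815868800:::::e:::+:::23:
fpr:::::::::9999000099990000999900005555666677778888:
EOF
}

# Against a real keyring:
#   gpg --list-secret-keys --with-colons 2>/dev/null | classify_keyid DEADBEEF
for k in 33334444 0x1111222233334444 5555666677778888 DEADBEEF; do
    printf '%s -> %s\n' "$k" "$(sample_listing | classify_keyid "$k")"
done
```
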
aleksihakli commented 4 years ago

The Keychain documentation on Funtoo wiki now has the relevant documentation on configuring the correct key ID format on e.g. Ubuntu 18.04 LTS:

image

Konfekt commented 4 years ago

If problems getting gpg-agent to work with keychain persist, then sshstart could be a viable alternative. Edit: In my case, the cause was an unset variable $GNUPGHOME (though ~/.gnupg symlinked to it) in a cronjob.

KaeLL commented 3 years ago

To whom it may concern, try specifying --agents "gpg,ssh". It worked for me.

mrl5 commented 2 years ago

hello @bmccary - if you'd like to report a bug kindly use https://bugs.funtoo.org/

you can also reach us on Discord - for more info check https://www.funtoo.org/Welcome