keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License

Cannot import PGP key #11054

Open davidgu opened 6 years ago

davidgu commented 6 years ago

Attempting to use keybase pgp select results in the following error message:

ERROR Key MY_KEY_ID_HERE has private part stubbed - cannot import to Keybase keychain.

cbcoutinho commented 6 years ago

I think you're trying to upload your public key - keybase wants you to upload your private key

dabura667 commented 6 years ago

keybase pgp select --no-import is what you're looking for.

davidgu commented 6 years ago

Using keybase pgp select --no-import disables keybase features that require your private key.

I solved the problem by piping the key in with keybase pgp import; however, it seems like something about the select function is broken for certain configurations.

ThierryIT commented 6 years ago

keybase pgp import -i "path_to-your-subkeys"

ThierryIT commented 6 years ago

On 04/04/2018 07:13, David Hagar wrote:

I can import to keybase, but it doesn't upload my private key, which seems to be a bit of an issue?


Why do you need your private key? There is no need of this private key. Use subkeys instead.

-- Cordialement, Thierry GPG Key: 0xF9B2FB92 e-mail : lenaigst@maelenn.org Keybase: thierryit

neverfox commented 6 years ago

I think you're trying to upload your public key

No, this is an issue arising from removing the main signing/certification key after exporting it offline and creating subkeys for day-to-day signing and encryption.

neverfox commented 6 years ago

@davidgu I think that's exactly right. pgp select doesn't seem to be able to gracefully handle the (best) practice of offlining the main key and relying purely on subkeys, whereas import can if pointed to a file created from --export-private-subkeys. In theory, select should be just sugar for import and have the same capability set.
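The offline-master setup discussed above can be confirmed from GnuPG's own listing before importing anything. The following is an added example, not code from this thread or from Keybase. It assumes GnuPG's documented colon-listing format, where field 15 of a sec/ssb record is `#` for a stub and `+` when the secret part is present; the function names and the sample listing are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report which secret parts a GnuPG keyring actually holds.
# Real use: gpg --list-secret-keys --with-colons | classify_secret_parts

# Reads a colon-format listing on stdin, prints "<record> <keyid> <state>".
# Field 15 of sec/ssb records: "#" = stub, "+" = secret key present,
# any other non-empty value = serial number of a smartcard/token.
classify_secret_parts() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" {
            state = "unknown"
            if ($15 == "#")      state = "stub"
            else if ($15 == "+") state = "present"
            else if ($15 != "")  state = "token"
            print $1, $5, state
        }'
}

# Succeeds (exit 0) when the primary (sec) key is only a stub.
primary_is_stubbed() {
    classify_secret_parts | grep -q '^sec [^ ]* stub$'
}

# Constructed sample listing (placeholder key IDs, not real keys):
# primary key stubbed, signing and encryption subkeys present.
sample_offline_master() {
    cat <<'EOF'
sec:u:4096:1:AAAAAAAAAAAAAAAA:1500000000:::u:::scESC:::#:::23::0:
uid:u::::1500000000::0000000000000000000000000000000000000000::Example User <user@example.invalid>::::::::::0:
ssb:u:4096:1:BBBBBBBBBBBBBBBB:1500000000::::::s:::+:::23:
ssb:u:4096:1:CCCCCCCCCCCCCCCC:1500000000::::::e:::+:::23:
EOF
}

sample_offline_master | classify_secret_parts
if sample_offline_master | primary_is_stubbed; then
    echo "primary secret key is a stub; only subkeys can sign or decrypt here"
fi
```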

jefftemplon commented 6 years ago

These error messages scared the heck out of me ... everything I've ever learned about key security says you never give anybody your private key. I went ahead and did it, figuring if it was bad (and I checked with some experts, who didn't really know the answer either) then I could just revoke the whole key. Suggest that some more explanation is made / other language used ... "upload your private key" sounds almost as bad as giving some "cloud mail service" your gmail credentials.

vaer-k commented 6 years ago

I'm still learning about gpg. This is what worked successfully for me:

gpg --export-secret-keys | keybase pgp import

ThierryIT commented 6 years ago

The problem is not to import our own PGP key ... But to import our PGP key with the master offline.

ghost commented 6 years ago

keybase pgp select --no-import works perfectly.

Aiosa commented 4 years ago

keybase pgp select --no-import is no longer a valid command

DiagonalArg commented 4 years ago

I also have my master signing key offline, with only subkeys available to my machine running keybase. I gather keybase pgp select will allow me to sign my public subkeys into the keybase sigchain, without importing the secret keys to the local keybase keychain. (--no-import no longer needed.)

Is there a way to associate my public master signing key with my keybase identity? If I understand it properly, that would necessitate my being given a challenge text that I could take to the offline machine to sign and return to keybase.

DiagonalArg commented 4 years ago

I've posted my question/request, here: https://github.com/keybase/client/issues/23986