Open todb-r7 opened 2 years ago
Welp, this is still an issue. And now I'm increasingly convinced that long-term PGP keys are dumb to have.
Okay so I seem to have solved this, finally. I'll copy this up to the description. How to fix:
In the keybase command line, which means you've downloaded the Keybase desktop application and done all the provisioning, probably with your saved paper key.
keybase pgp list # To get the KEYBASE_PGP_ID
keybase pgp drop KEYBASE_PGP_ID
That seems to do the trick with deleting your expired key.
Next, create a new key and add it with the usual gpg
shenanigans. But look out for issue #4025, so once you create a new PGP key, you need to follow the instructions in https://github.com/keybase/keybase-issues/issues/4025#issuecomment-853933127 and delete the AEAD preferences (whatever those are).
Now you're back in the PGP business. And if you're like me, you hate yourself for it.
Keeping this issue open because this really wants to be fixed on the website side, too. You shouldn't have to go through this just to delete an expired PGP key.
Update: Solved, kinda. See below, https://github.com/keybase/keybase-issues/issues/4077#issuecomment-1104421318
Oops, I let a key expire. I thought I updated it, but I wanged it up by not updating the subkey. I was able to update the expiration (but notably, only with the keybase app, and not in-browser and not with curl | bash).
My current public key is https://keybase.io/todb/pgp_keys.asc?fingerprint=59ef1b30a8fa5a7440ebc08908b5b91dc85943fe
GPG interprets this (correctly):
But now, I don't think I can do anything private-keyish on Keybase, including "Delete Private Key":
I also can't sign messages in the web ui, I get an error,
Error: no valid primary key self-signature or key(s) have expired
.So, right now, I'm out of the private-key-on-keybase business, so kinda stuck in the worst of both worlds -- Keybase has my private key (and can trivially unexpire it and sell it to the Mafia), but I cannot use it conveniently on Keybase. :(
I imagine I'll have to reset my proofs and generate up a new keypair. What would be better would be either: