> gpg: decryption failed: No secret key > I tried gpg --import but still doesn't help. If the output of that shows you have no secret key for GnuPG to use, then you need to create one: ... no default secret key: No secret key gpg: [stdin]: clearsign failed: No secret key – Entitize Dec 9 '16 at 16:38 @Entitize That seems to indicate gpg doesn’t think you have any keys to use for signing. I am using a Yubikey as a smart card. In order to do things properly, the GPG key generation process needs to be performed on an air-gapped system (live CD, etc.) GPG shows that the secret key is not available, but there is a signing key … The below steps will go through the creation of the GPG keys and how to transfer them to the YubiKey. In order to re-create them, run the following command for each smart card: gpg --card-status YubiKey no … !> If you don’t have a key selected, keytocard will move the master key. 3. failed to solve with frontend xxx: rpc error: code = Unknown desc = (…) out: `exit status 2: gpg: decryption failed: No secret key` 0. To send a file securely, you encrypt it with your private key and the recipient’s public key. gpg: decryption failed: No secret key. Fixing GPG Yubikey integration on macOS Big Sur ... gpg: decryption failed: No secret key This sent me into a wild rage, and after spending far too much time trying to debug with no results, I switched tactics; remove GPGTools and install gpg myself. keytocard without a key selected to move your master key into the Signing slot of your Yubikey. You're mixing two very different encryption concepts here: Symmetrically encrypting data using a passphrase (a shared key) that both parties will need to have, and using asymmetric encryption to encrypt a (symmetric and usually … Which is entirely as expected, as the file was encrypted using firstname.lastname@example.org's public key.John will obviously need his private key in order to decrypt it. To decrypt the file, they need their private key and your public key. GPG relies on the idea of two encryption keys per person. disconnected from all networks. I was trying to implement client side encryption of files backed up to AWS S3 using Duplicity, with keys on my Yubikey Neo created on an air gapped installation.It worked with local PGP keys, but I didn’t get it to decrypt using my PGP key on the Yubikey The public key can decrypt something that was encrypted using the private key. gpg: no default secret key: No secret key. 2) Decrypting. A reader has contacted me about running into some problems when following this tutorial. I have also tried reinstalling GPG4Win, again, to no avail. Possible problems. GPG decryption without passphrase, working on local but fails on IIS and hosted environment. I am trying to add local signatures to a few of the public keys I have in my keyring, but using gpg --lsign-key fails with the message "no secret key" despite the fact that gpg --sign works. Air-Gapped Key Generation. Related. Useful commands here: help, for common commands; list to show your key, key N, to select a subkey where N is the index number of the key starting with 1, and keytocard to move the selected key to the card. gpg --decrypt to-decrypt.asc > decrypted.txt gpg: decryption failed: No secret key. Please note: printing public keys and the command gpg --card-status correctly work and print data. gpg: plain.txt: sign+encrypt failed: No secret key. gpg --import < ~/.gnupg/pubring.gpg Missing a secret key (smart card / USB token edition) Unfortunately GnuPG 2.2 doesn't migrate your smart card key stubs, when migrating from GnuPG 2.0. 2. For the record, I … In this walkthrough a live CD of Ubuntu 16.04 desktop is used. Essentially, since importing my keys onto my smartcard (YubiKey), I am able to encrypt data, but not to decrypt it again. This is the key I need to delete from the card/yubikey. Each person has a private key and a public key. I have tried deleting my public key from my keyring and reimporting it, which had no effect.