So I have a gpg key generated per the tutorial here:
https://developers.yubico.com/yubikey-ksm/Generate_KSM_Key.html
However gpg does not request my passphrase when I try to generate KSM keys via:
Code:
ykksm-gen-keys --urandom 1 5 | gpg -a --encrypt -r XXXXXXXX -s > keys.txt
The output ends as follows:
Code:
gpg: cancelled by user
gpg: no default secret key: Operation cancelled
gpg: [stdin]: sign+encrypt failed: Operation cancelled
I found a possible workaround by using the following:
Code:
gpg -r XXXXXXXX --output keys.txt.gpg --encrypt keys.txt
But then the importer gives me a similar error, expecting a passphrase to unlock the secret key and never prompting for one:
Code:
[GNUPG:] ENC_TO XXXXXXXXXXXXXXXX 1 0
[GNUPG:] USERID_HINT XXXXXXXXXXXXXXXX YK-KSM Import Key
[GNUPG:] NEED_PASSPHRASE XXXXXXXXXXXXXXXX YYYYYYYYYYYYYYYYYYY 1 0
gpg: cancelled by user
[GNUPG:] MISSING_PASSPHRASE
gpg: encrypted with 2048-bit RSA key, ID ZZZZZZZZZ, created 2017-03-19
"YK-KSM Import Key"
gpg: public key decryption failed: Operation cancelled
[GNUPG:] ERROR pkdecrypt_failed 99
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
gpg: decryption failed: No secret key
[GNUPG:] END_DECRYPTION
encrypted to: XXXXXXXXXXXXXXXX
signed by:
Input not signed? at /usr/bin/ykksm-import line 122.
I realize this may be a specific issue with gpg2 configuration in CentOS 7, but thought someone else may have run into this issue too. Any help is greatly appreciated.