Client: Cannot import my pgp key

gpg --list-keys should show the fingerprint of the keys in your keychain.
Then keybase pgp select fingerprint to import it.

Did you try that ?

keyboard ?

keybase sorry

Error GPG error: exit status 2

Sorry to hear that, it worked like a charm for me :( gpg --list-keys do show the right version of your key though ?

Try gpg -K and make sure you have the private keys on your keychain. If the key is listed with a * before it, that means “you don’t have this private key”

Hi,
My private gpg key is not in my PC. I am, as it should be, only working with subkeys ... So does it means that it is not possible to import subkeys if there is no private key ?
Thx

This isn’t a very commonly requested feature and we probably are not going to get around to implementing it. But the client is open source and we accepts PRs!

Thx for this information.

Actually on second thought his might be supported (I haven’t tried importing a secret key with offline master). The import failure might also be due to a gpg configuration failure. Check your log and see if any errors were output.

Cc @zapu who would know for sure.

I have a colleague who is using his personal key with an offline master too ...
He is under Linux ... I have asked him how did he do ...
Thx

Did you ise the fingerprint of the subkey or the fingerprint of the master key?

From subkey:

I have first revoke my keybase pgp key.
And:

C:\Users\tst\AppData\Local\Keybase>keybase pgp select 4B084B7D2345540C82E493702FA49B909E26E4B6

• ERROR GPG error: exit status 2

C:\Users\tst\AppData\Local\Keybase>keybase pgp select 4B084B7D2345540C82E493702FA49B909E26E4B6 --multi

• ERROR GPG error: exit status 2

C:\Users\tst\AppData\Local\Keybase>keybase pgp select 4B084B7D2345540C82E493702FA49B909E26E4B6 --no-import

• ERROR GPG error: exit status 2

I have forgotten to tell you that I have moved my personal subkeys to my Yubico key.
So it might be a problem ...
What I am going to do, is to create a new Keybase account with my second personal pgp key (no offline master key, no Yubico key) and try to do it ....

Thx

Working with my second pgp key.

Yeah... yubikeys and offline keys don’t play well with keybase.

@ThierryIT can you try the failing pgp select commands again and do keybase log send ?

Importing a key with offline master key should work. Yubikey was tested as well but maybe there are other bugs. Thanks in advance!

ID: 1cbcd667e9190f3586dc7b1c (without Yubikey)
ID: 1a51cd2e703b7a61e1007d1c (with Yubikey inserted)
Thx

yubikeys DO work with kb, you just need to use gpg-agent and yubikey ( I have same thing with gpg-agent -- ssh ( on fedora linux tho)

Any news ?
Thx

@linux-modder you said

yubikeys DO work with kb, you just need to use gpg-agent and yubikey ( I have same thing with gpg-agent -- ssh ( on fedora linux tho)

but I dont see any details on what exactly this means, and how we can implement this "fix" ? Details would be appreciated

-John

Just got this to work while using subkeys on Fedora 27 as described here
After following the standard steps for subkeys what you need to do is
gpg --export-secret-key --armor > secret
(also you can mount in memory and export to there if it makes you feel better)
cat secret | keybase pgp import
Enter your secret key passphrase when the prompt pops up, then you should be good to go

Heu ... Seems that you need to use your master key ...
Mine is offline and it seems to be a problem.

@ThierryIT offline as in the pure sense or a hardware token meaning offline?

If you use:

gpg edit-key {keyid} 
toggle 
gpg --export-secret-key --armor >  secret 
cat secret | keybase pgp import  

A Master key IS NOT needed.

I have followed this link: https://intelligentsysadmin.wordpress.com/2018/02/27/keybase-and-gnupg-and-yubikey-oh-my/

And it is working !!

I would like to pinpoint that keybase pgp select --no-import no longer works...

Hey @Aiosa i'll be happy to look but can you bring me up to speed on what exactly are you trying to do and the steps that fail? Thanks

Hello, well I just tried to upload my public key to keybase from PGP, while having the private parts stored on a smartcard. I was unable to import them because the private part was -obviously- missing. So I was looking for a solution because the keybase app could not see my keys. I came across this command, but it was outdated. Thus I just clarified the discussion for possible future explorers.

Finally I got keybase pgp select working after successfully issuing gpg --list-secret-keys -- it seems the keys were invisible even to PGP client so I had to replug the card. Seems keybase no longer requires a private key part to be present.
You could help me how to use the private key though. PGP can see my private keys but keybase fails with "no secret keys awailable" error. I am well aware this question is out of topic :( Thank you!

Glad you managed to get your key selected.

The way things work right now, you won't be able to use the private key, though. Keybase client is not able to communicate with the smart card to do PGP operations. What's preferred here is to use Keybase as a key directory, so people can discover your key or send you messages, but use gpg to decrypt or sign.