GnuPG

private subkeys are never deleted on non-master instances
Closed, Invalid (Public)

Description

I am interested in setting up a high-security key of the type recommended by many people. Namely, to set up an offline 'master' key for certification only, and only export subkeys to my work machine. However, I noticed that there is no natural way to delete the private keys on the work machine after they are imported. Even using '--delete-secret-and-public-key', which one presumes should nuke everything, actually leaves behind the private key without warning the user.

Steps to reproduce (I am using 2.1.15 on Ubuntu):

<generate key on offline machine>
gpg --export-secret-subkeys XXX > child.gpg

<import child.gpg on work machine>
ls -l .gnupg/private-keys-v1.d/
<observe recently created file corresponding to the subkey>
gpg --delete-secret-and-public-key XXX
ls -l .gnupg/private-keys-v1.d/
<observe that the subkey file is still there!!>

Details

Version
2.1.15
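An added check for the situation the steps above describe (example code written for this page; it is neither GnuPG's own code nor the reporter's). GnuPG 2.1 stores each secret key as `<KEYGRIP>.key` under `private-keys-v1.d`, and `gpg --list-secret-keys --with-keygrip --with-colons` prints a `grp` record (keygrip in field 10) after each `sec`/`ssb` record. The script parses that listing and compares it with the files on disk: any `.key` file whose keygrip no longer appears in the listing is secret material left behind after a delete. The colon output, fingerprints and keygrips below are constructed samples, and `demo()` simulates the reported outcome (empty listing, files still present) in a temporary directory rather than running gpg.

```python
"""Detect private-key files left in private-keys-v1.d after a delete.

Added example, not GnuPG's own code. Parses the colon-format output of
`gpg --list-secret-keys --with-keygrip --with-colons` and compares the
keygrips it finds with the <KEYGRIP>.key files present on disk.
"""
import tempfile
from pathlib import Path
from typing import Dict, Set

# Constructed sample: one certification-only primary key with one signing
# subkey, as listed BEFORE deletion. Key ids, fingerprints and keygrips are
# made up and are not real GnuPG values.
SAMPLE_BEFORE = """\
sec:u:4096:1:0123456789ABCDEF:1600000000::u:::cC:::+:::23::0:
fpr:::::::::0000000000000000000000000123456789ABCDEF:
grp:::::::::1111111111111111111111111111111111111111:
uid:u::::1600000000::ABCDEF0123456789ABCDEF0123456789ABCDEF01::Example User <user@example.invalid>::::::::::0:
ssb:u:4096:1:FEDCBA9876543210:1600000000::::::s:::+:::23:
fpr:::::::::00000000000000000000000000FEDCBA9876543210:
grp:::::::::2222222222222222222222222222222222222222:
"""

# Constructed sample: after `gpg --delete-secret-and-public-key` the listing
# for that key is empty.
SAMPLE_AFTER = ""


def parse_keygrips(colon_output: str) -> Dict[str, str]:
    """Return {keygrip: 'sec' | 'ssb'} for every secret (sub)key listed.

    A `grp` record directly follows the `sec`/`ssb` record it belongs to, so
    the most recent key type is remembered. The keygrip is field 10 (index 9).
    """
    grips: Dict[str, str] = {}
    current = None
    for line in colon_output.splitlines():
        fields = line.split(":")
        if fields[0] in ("sec", "ssb"):
            current = fields[0]
        elif fields[0] == "grp" and current is not None and len(fields) > 9:
            grips[fields[9].upper()] = current
    return grips


def keygrips_on_disk(private_dir: Path) -> Set[str]:
    """Keygrips of the *.key files stored in a private-keys-v1.d directory."""
    return {p.stem.upper() for p in private_dir.glob("*.key")}


def leftover_keygrips(colon_output_after: str, private_dir: Path) -> Set[str]:
    """Keygrips with a file on disk but no entry in the (post-delete) listing."""
    return keygrips_on_disk(private_dir) - set(parse_keygrips(colon_output_after))


def demo() -> Set[str]:
    """Simulate the report: materialise the key files, then check after 'delete'."""
    with tempfile.TemporaryDirectory() as tmp:
        private_dir = Path(tmp) / "private-keys-v1.d"
        private_dir.mkdir()
        for grip in parse_keygrips(SAMPLE_BEFORE):
            # Placeholder content; real files hold the S-expression private key.
            (private_dir / f"{grip}.key").write_bytes(b"(constructed placeholder)")
        # The reported behaviour: gpg no longer lists the key, files remain.
        return leftover_keygrips(SAMPLE_AFTER, private_dir)


if __name__ == "__main__":
    left = demo()
    print("leftover private key files:", sorted(left) or "none")
```

Against a real homedir, feed `leftover_keygrips()` the output of `gpg --list-secret-keys --with-keygrip --with-colons` and the path `~/.gnupg/private-keys-v1.d`; a non-empty result means key material is still on the work machine even though gpg no longer reports the key.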

Event Timeline

2.1.15 is a pretty old version. Please help us and try to replicate this with a 2.2 version and also give a log of the --delete-secret-and-public-key and --list-secret-key commands.

werner added a project: Info Needed.