Page MenuHome GnuPG

"gpg: key generation failed: Unknown elliptic curve" from "Key-Type: default"
Open, NormalPublic


This is yet another regression reported in Debian: Creating a key using a parameter file with the key type set to "default" results in an error message "gpg: key generation failed: Unknown elliptic curve". This works for gpg22, though.

Full test script can be found at (beware, URL is not stable). It boils down to:

cat > key-batch << EOF
Key-Type: default
Subkey-Type: default
Name-Real: test case
Expire-Date: 0

gpg --batch --generate-key key-batch

Tested on current HEAD (a660e1060 aka gnupg-2.3.1-47-ga660e1060).

Changing "Key-Type" to e.g. "RSA" make the operation pass.

Event Timeline

Ha! This would have affected Kleopatra if we followed werners suggestion to use default. But in Kleo I decided that I needed to show my users what the default is so we do not use default in this case.

Setting a curve type (which shouldn't be necessary) like "Curve-Type: ed25519" doesn't help either. While this makes the check in gpg pass, the gpg-agent process re-checks the parameter set and rejects it with the same error message.

Workaround for the test in Debian: Set key type to RSA.

werner triaged this task as Normal priority.May 25 2021, 8:37 AM
werner added a subscriber: werner.

You should anyway use --quick-gen-key.