I get the following whenever I try to update my SSH keys or get my
account details with the "show" command.
( http://www.freedesktop.org/wiki/AccountMaintenance )
On Fri, 31 Aug 2007 21:21:13 +0000
> Your request to the mail gateway is malformed, or an internal
> processing error occured. The information below may help you, or the
> gateway administrator to identify the problem.
> Error: An error occured while performing the LDAP lookup
> ==> Message Error: Key not found
> Please email firstname.lastname@example.org if you have any questions.
My account was created as per bug #11487 and I checked that I attached
the correct GPG key there. I also checked that I can find my key via subkeys.pgp.net.
Does it look like my GPG key missing from fd.o or am I signing my email somehow with a different key? AFAICT I have only one key I can sign with, but I'm not that familiar with GPG.
Oh yeah, my username is 'pq'.
I have tried the "show" command using PGP MIME signature on 29th Aug, 31st Aug, 1st Sep, 5th Sep, 9th Sep, 12th Sep and 17th Sep, every time with the above described result.
Should I just ask some admin to update my SSH keys for me, or file a bug with the new set of SSH keys?
Could someone reset my GPG key to what I submitted in bug #11487?
Or should I do something?
I tried just now, and still "key not found".
Ok, the problem is on my part. I have more than the one default DSA+ElGamal key, and gpg insists on using the latest DSA key for signing messages. Daniels says I should use the ElGamal key.
Unfortunately, I cannot force gpg to use any other subkey than the latest DSA key.
Maybe I can figure out how to do that some day...
Alright, I got it working. Kind of.
I made a backup of my .gnupg/ directory. Deleted the new key pair (DSA+whatever), so that only the original DSA+ElGamal key pair is left. I call this configuration as .gnupg-old. The backed up version is .gnupg-new.
Using .gnupg-old I can send a message and it gets processed properly. To read the answer I have to use .gnupg-new, because the reply is encrypted with the new deleted subkey.
So, I send a message using one subkey (pair), and the reply is encrypted with another subkey (pair). Trying to send a message with the new subkey (pair) results in the previously mentioned "key not found".
Would it be possible for the reply to be encrypted with the *same* subkey pair as the original message?
Maybe that is a problem one magnitude bigger than my problem of getting the right subkey used in signing, which I still do not know how to do.
In gpg, I thought you could set the subkey you wanted as default using:
gpg --edit-key YOURKEY
key x (where x is the key you want)
Or have I been out the gpg game too long?
Akaik, primary is to set the default uid/identity. Not the default subkey
Seems to indicate you can use the "keyid!" syntax to choose a gpg subkey. Ie the ! is important.. though I've not been able to find any other details about it.
Perhaps you could trial a few attempts and see if you can get something working.
Bugzilla Upgrade Mass Bug Change
NEEDSINFO state was removed in Bugzilla 3.x, reopening any bugs previously listed as NEEDSINFO.
Howdy, have you had a chance to try this subkey? thingy?
I tried it now, and the exclamation mark after subkey id really makes the difference. I am able to use the right subkey for signing my "show" request, and I am able to decrypt the reply in sylpheed-claws.
I guess we can close this as not-a-bug.