Where does enigmail store the keys?
OpenPGP addon for Mozilla Thunderbird
Brought to you by:
pbrunschwig
Menu
▾
▴
Thunderbird 68.1.1 did not update enigmail automatically with the update of version 60.x to 68.x. I had to update enigmail to version 2.1.2 via Add-ons > update from file.
My keys from the old enigmail version were NOT taken over.
Where does enigmail store the keys so I can import them.
Thanks for help
ibinado
(Translated from German with "DeepL")
Hi Johann, Enigmail does NOT store any keys not does it perform crypto operations. Enigmail is merely the glue between Thunderbird and GnuPG. So, if you didn't change anything to GnuPG, your keys are still there (but maybe inaccessible due to errors).AddOns are updated automatically, but to reasons unknown to me, it took up to three TB starts to update all AddOns on my machines. Do you have a working Enigmail again now? In your same (Windows, MacOS or Linux) profile? (Please state on what OS your are so one can guide you better.) Only your keys "gone"? Or other TB settings missing also? Olav
Hello Olav,
Thanks for the post.
— I have W10 Pro 1903
— Enigmail is running; settings are basic settings, but correspond approximately to my old
settings.
— Enigmail lacks my keys, which would be importable if I only knew where they are (in gpg4win).
— the TB settings have all been applied as usual. Everything fits there.
Johann
(Translated from German with "DeepL")
Gnupg stores the keys in %appdata%\GnuPG
Is gpg4win updated to the latest version? You sticked to standard install parameter w/o changing paths in gpg4win, GnuPG cpg.conf or Enigmail, did you?!
Open a CMD prompt, do a "gpg --list-keys". If keys are present there but not in Enigmail key manager, enable expert mode in enigmail, go to TB menu, EM, Debugging, and check the first lines for errors/warnings.
@Olav
Yes GnuPG and gpg4win actual, no path is alternated, but %appdata%\GnuPG\private-keys-v1.d is empty.
enigmail > Manage keyshas 5 entries:
– Andre Heinecke (Release Signing Key)
– David Shaw (GnuPG Release Signing Key)
– NIBE Yukata (GnuPG Release Key) gniibe@fsij.org
– Werner Koch (dist sig)
– Werner Koch (Release Signing Key)
I will probably use my revocation keys and then have to generate new keys.
Enigmail never directly modifies anything in %appdata%\GnuPG, always through GnuPG. And in definitely does not delete keys without user request. Either your keys still reside in %appdata%\GnuPG/secring.gpg (a GnuPG 1.4 -> 2.x Migration issue) or something else was fiddling with your Keys. This is definitely not caused by Enigmail. Did you try gpg --list-keys? Is there an old GnuPG 1.4 on your system? What files exist in %appdata%\GnuPG? Did you change your WINDOWS user name/account since Enigmail worked fine WITH your keys? Is there a Windows UPGRADE profile backup?
Hi,
- %appdata%\GnuPG/secring.gpg is not available
- gpg --list-keys ONLY lists the 5 keys mentioned:
Andre Heinecke, David Shaw, NIBE Yukata, Werner Koch,
Werner Koch
- an old GnuPG 1.4 is not available to my knowledge
- in %appdata%\GnuPG I find the following content:
-> private-keys-v1.d (folder = empty)
-> gpg-agent.conf
-> pubring.kb_
-> pubring.kbx
-> pubring.kbx.lock
-> random_seed
-> S.gpg-agent
-> trustdb.gpg
-> trustdb.gpg.lock
- I haven't changed my WINDOWS user name or account since I use Enigmail.
- Where can I find the Windows UPGRADE profile backup?
Translated with www.DeepL.com/Translator
If Olav is right, and there was an upgrade from Gnupg 2.0 to 2.2, then the old files should still be around. Is there no secring.gpg file?
That looks like a NEW GnuPG profile without migration from 1.4. That's fine if you once started with Gpg4win versions that installed GnuPG 2.x. If so, it's weird that your keys are missing. If you use Gpg4win/ GnuPG for MANY years, then it might be a sign that your' looking at the wrong place. I use Linux, but AFAIK, Windows doesn't delete or backup profile folders on upgrades, so I was referring to YOUR backup ;-/ If I were you, I'd search my harddisks and Backups for GnuPG directories and .gpg files. Sorry I can't help you further: Revoking and regenerating might be your only option if your search doesn't reveal any files.
I want to emphasize that this is not an Enigmail or Enigmail Upgrade issue since Enigmail doesn't access these file directly.
@Patrick
No, there is no secring.gpg file anywhere.
@Olav
I found only two distsigkey.gpg files. There are the five keys incloded, already mentioned.
... and as for my backups: I don't have SO OLD backups anymore, because for space reasons, the 6th full backup automatically deletes the oldest version. Therefore I only have four old backups and one current backup. By the way, I make incremental backups.