gpg: skipped "<BrianJRohan@gmail.com>": unusable secret key gpg: [stdin]: clearsign failed: unusable secret key

[Brian Rohan]

Hi there, and thank you in advance for your help. I am very, very new to GnuPG / PGP. My only foray was in 1999 when I also tried Linux (Redhat) for about 2 months. Now I have been running Kubuntu for about a year (currently 12.10), and I just installed gpg from the repos (version 1.4.11). I also installed Thunderbird (17.0.4)from the repos today as well, and Enigmail (2:1.4.6-0ubuntu0.12.10.1 (quantal-updates)). I created a pair of keys (RSA 2048), and uploaded the public key to a couple of servers. I tried to create a basic email non-html but when I try to send I get the error message in the Subject. I then went to the OpenPGP dropdown and ran the wizard. I kept all of the defaults, even letting it set my default email settings. When it got to the keys, it said it couldn't find any, and to browse to my ring, which I did. On the next screen where is asks me to select an existing key, there are no keys to select even though it says it has detected that I already have an OpenPGP key.

Short of chosing to create a new one which I prefer not to do I am lost as to what to do. Any suggestions would be helpful. To expedite I can also use IRC to chat, or GoogleTalk

[Brian Rohan]

Here are 2 screenshots

[Brian Rohan]

And the 2nd

[Brian Rohan]

Well heck. When I tried to encrypt the email, it says that it is invalid, in exploring the key Manager it says it has been revoked :-(. I am wondering how this happened. I created a new key pair, all seems okay. Sorry for the mess on the boards!

[Ludwig Hügelschäfer]

Nothing to be sorry for. I found 2 keys from 99 with your name on it (0xDB0A247E and 0x4ECB3603)on the server. Both seem to be not revoked. If you have revoked them locally (by accident or not), you should tell the world that you're not using them any more and upload them to the keyserver network. This transfers the revocation signature to the server, so everybody can see it and nobody will attempt to use them any more.

HTH

Ludwig

[Brian Rohan]

Thank you for the info Ludwig. I no longer have the private key for those. How do I revoke them? My understanding so far is that you have to have the private key in order to create the revocation certificate.

[Ludwig Hügelschäfer]

I might have misunderstood. I did read your message as you were trying to use the old key(s) from 99, but found them revoked. In this case you should upload the old public key(s), to let the world know they shouldn't be used any more.

If you accidentially revoked new keys, never used to encrypt valuable things and not yet uploaded, simply delete them from your keyring.

[Brian Rohan]

Oh sorry. I didn't really know of the old keys in 99, I knew I had done some things with PGP back then but not to what extent. It's good to know that I did revoke them. I had made new keys yesterday morning, and uploaded the public. a few hours later I had installed Thunderbird, Enigmail, and tried to use my new keys which didn't work. After delving in, I discovered I had somehow revoked my new keys made the same day (probably as I was trying to work with the CLI to create a revoke cert to save for later. Late last night I created a new key pair, and all works well now. I also think now that all is right as far as my keys, I only have 1 public key that is active out in the world.