GPG and Yubikey oddness; cannot decrypt data

gpgnoob · July 14, 2025, 1:47pm

Hello,

I had been using my gpg key for a few years, before getting a yubikey and transferring the key to the card. I may have made some mistakes or not transferred the contents entirely, and now when I want to use the gpg key, I can’t use it to decrypt messages. I’m a noob when it comes to gpg, but am experienced on Linux, so please keep that in mind.

Here’s what I have:

$ gpg --version
gpg (GnuPG) 2.4.7
libgcrypt 1.11.0-unknown
...

$ gpg -K
.../.gnupg/pubring.kbx
-----------------------------
sec#  rsa4096/<fpr2> 2011-xx-xx [SC]
      Key fingerprint = <fpr2>
uid                   [ultimate] id1
uid                   [ultimate] id2
uid                   [ultimate] id3
ssb#  rsa4096/0x<fpr3> 2011-xx-xx [E]
ssb>  rsa4096/0x<fpr4> 2016-xx-xx [A]
ssb>  rsa4096/0x<fpr5> 2016-xx-xx [S]

and

$ gpg --card-status 
Reader ...........: Yubico YubiKey OTP FIDO CCID 00 00
Application ID ...: FF7F00
Application type .: OpenPGP
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 
Name of cardholder: .
Language prefs ...: [not set]
Salutation .......: 
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa4096 rsa2048 rsa4096
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 42
UIF setting ......: Sign=on Decrypt=on Auth=on
Signature key ....: <fpr>
      created ....: 2016-xx-xx 17:54:01
Encryption key....: [none]
Authentication key: <fpr>
      created ....: 2016-xx-xx 17:46:23
General key info..: sub  rsa4096/0x<fpr> 2016-xx-xx <name>
sec#  rsa4096/0x<fpr2>  created: 2011-xx-xx  expires: never     
ssb#  rsa4096/0x<fpr3>  created: 2011-xx-xx  expires: never     
ssb>  rsa4096/0x<fpr4>  created: 2016-xx-xx  expires: never     
                                  card-no: <number>
ssb>  rsa4096/0x<fpr5>  created: 2016-xx-xx  expires: never     
                                  card-no: <number>

(I’ve tried to hide identifying info here)

I’ve forgotten what I did back in 2011 and 2016, but here’s what I gather from that output:

The key was originally created in 2011
In 2016 I got the yubikey and created new signing and auth subkeys and transferred them to the yubikey.
The encryption subkey is still on my local machine

My intention was probably to use the yubikey only for ssh auth to machines, but keep using the local machine for enc/dec, w/o the yubikey.

However, I can’t actually decrypt data using my local machine.

To test that, I tried encrypting something for myself, and that worked:

$ gpg --default-key 0x<fpr2> -r 0x<fpr2> -se -a -o msg.txt

That works – I get a prompt from pinentry-gnome to enter the user password for the yubikey, and then the flashing y sign for touch to finish the encryption.

Decrypting the file, however, does not work.

$ gpg --default-key 0x<fpr2> -d msg.txt
gpg: encrypted with rsa4096 key, ID 0x<fpr3>, created 2011-xx-xx
      <id>
gpg: using "0x<fpr2>" as default secret key for signing
gpg: public key decryption failed: No secret key
gpg: decryption failed: No secret key

(I’m using --default-key just to distinguish between another pub/pvt keypair I’ve created since in my local store. And to reinforce the point, the I’m using is the fpr of the SC key.)

So that’s the first problem: I can’t decrypt messages sent to me, or even created by me.

I tried adding my encryption key to the yubikey, to check if that moves it along, but that fails as well:

gpg> keytocard
gpg: key operation not possible: not an OpenPGP card

which is a very weird, random error – because the --card-status command above confirms it’s OpenPGP and it has the S and A keys stored on the card already.

I know this will not work for the decryption problem, but just to check why things aren’t working on the yubikey for the Encryption key, I tried to generate one on the yubikey itself with --edit-card:

gpg/card> admin
Admin commands are allowed

gpg/card> generate
gpg: key operation not possible: not an OpenPGP card

Yea, I’m at a loss here. My main problem is of course not being able to decrypt messages.

I may have my older, pre-yubikey .gnupg directory or the backup of the secret key somewhere, but I haven’t been able to find that backup (I have old versions of my .gnupg directory, but not sure how to verify which one is pre-yubikey and which one is post-).

Thanks for any help!

ablum · July 18, 2025, 6:49pm

In your gpg -K output you see this line:

ssb#  rsa4096/0x<fpr3> 2011-xx-xx [E]

The # means, that your encryption subkey is not in your keyring, which is why you can’t decrypt. I guess you followed some tutorial like this and for some reason removed both your primary sign/certification (SC) and encryption (E) key.

To find out, if a backup contains the key, you can find out the keygrip of your encryption key with gpg -K --with-keygrip and check the key material file in .gnupg/private-keys-v1.d/<KEYGRIP>.key. It should be present and contain Key: (protected-private-key [...]. Keys on smartcards are only (possibly autogenerated) stubs and contain Key: (shadowed-private-key [...] instead.

Regarding key generation: gpg 2.4.7 had an issue with smartcard key generation, which was fixed in 2.4.8. It’s a bit different, but might be related. If you have a debian based system, you could get it from the new official gnupg repos:

https://gnupg.com/20250714-new-repository.html

gpgnoob · July 19, 2025, 9:55am

Thank you! I tried looking for info on the # and > suffixes but didn’t find much – but looks like I should have paid more attention to the man page. It’s actually listed there.

Thanks, so my E key is actually missing.

I found the backup, and found my E key there. I can now decrypt, so problem #1 is solved.

But I’m still running into the same problem as mentioned above (not an openpgp card) when attempting to transfer the E key to the Yubikey…

m.eik · July 21, 2025, 5:46am

glad you got decryption back again.

does the SC problem persist after upgrading to GnuPG 2.4.8?

gpgnoob · July 28, 2025, 12:34pm

I’m on Fedora where 2.4.8 is not yet available. I will post here when I try that, but the description from @ablum suggested that was about key generation only, not with transferring keys…

(And while I did mention the inability to generate keys on the smartcard, currently-encrypted text for my E subkey will not be decrypted by that new key if I generate it - so my priority is to transfer the existing key rather than gen a new one)

Thank you for guiding me so far!