0

When I create a keypair with gpg, then it stores the secret key inside of

~/.gnupg/private-keys-v1.d

It stores the public-key inside of a keyring-file - I can name it or it uses the default-location.

If I have a look (--list-public-keys and --list-secret-keys) at my public and secret-keys I can see what pair matches. The 40 character string/hash in the output is the same for both.

The file of the secret-key is different to this string. It is also 40 chars long, but different.

How do I find out what secret-key file matches my public-key??

Using gpg 2.2.40 on Debian 12.

Improve this question
2
  • Do you want to export the secret key and the public key? In that case you can use the options --export and --export-secret-keys to export the key pair that you have already identified. You find more details in the manual man gpg.
    – sudodus
    Commented Apr 9 at 14:15
  • If you are not sure, you can test if the keys match by encrypting or signing with the secret key and try to decrypt or verify with the public key. If it works, then the keys match.
    – sudodus
    Commented Apr 9 at 14:21

1 Answer 1

Reset to default
0

Use gpg --list-secret-keys --with-keygrip.

This path stores private keys for several different protocols (PGP, SSH, S/MIME), so it cannot use the PGP fingerprint; instead the 40-character name is the hash of the raw public key (as in, not including the PGP certificate metadata) in libgcrypt s-exp format.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .