GnuPG: "decryption failed: secret key not available" error from gpg on Windows

Question

Environment: HP laptop with Windows XP SP2

I had created some encrypted files using GnuPG (gpg) for Windows. Yesterday, my hard disk failed so I had reimage the hard disk. I have now reinstalled gpg and regenerated my keys using the same passphrase as earlier. But, I am now unable to decrypt the files. I get the following error:


C:\sureshr>gpg -a c:\sureshr\work\passwords.gpg
gpg: encrypted with 1024-bit ELG-E key, ID 279AB302, created 2008-07-21
      "Suresh Ramaswamy (AAA) BBB"
gpg: decryption failed: secret key not available

C:\sureshr>gpg --list-keys
C:/Documents and Settings/sureshr/Application Data/gnupg\pubring.gpg
--------------------------------------------------------------------
pub   1024D/80059241 2008-07-21
uid                  Suresh Ramaswamy (AAA) BBB
sub   1024g/279AB302 2008-07-21

AAA = gpg comment
BBB = my email address

I am sure that I am using the correct passphrase. What exactly does this error mean? How do I tell gpg where to find my secret key?

Thanks,

Suresh

score 28 · Answer 1 · answered Nov 02 '11 at 00:45

28

You need to import not only your secret key, but also the corresponding public key, or you'll get this error.

answered Nov 02 '11 at 00:45

aaronsw

4,455
5
31
27

score 23 · Answer 2 · answered Sep 18 '08 at 10:21

23

when reimporting your keys from the old keyring, you need to specify the command:

gpg --allow-secret-key-import --import <keyring>

otherwise it will only import the public keys, not the private keys.

answered Sep 18 '08 at 10:21

workmad3

25,101
4
35
56

2

`--allow-secret-key-import This is an obsolete option and is not used anywhere.` This is an obsolete option starting from gpg 2.1 – Kalpa Gunarathna Nov 21 '17 at 07:18

score 9 · Answer 3 · edited May 23 '17 at 11:46

9

workmad3 is apparently out of date, at least for current gpg, as the --allow-secret-key-import is now obsolete and does nothing.

What happened to me was that I failed to export properly. Just doing gpg --export is not adequate, as it only exports the public keys. When exporting keys, you have to do

gpg --export-secret-keys >keyfile

edited May 23 '17 at 11:46

Community

1
1

answered Sep 27 '09 at 02:46

Randy Fay

91
1
1

score 9 · Answer 4 · answered Sep 18 '08 at 10:06

9

Yes, your secret key appears to be missing. Without it, you will not be able to decrypt the files.

Do you have the key backed up somewhere?

Re-creating the keys, whether you use the same passphrase or not, will not work. Each key pair is unique.

answered Sep 18 '08 at 10:06

David Precious

6,544
1
24
31

score 7 · Answer 5 · answered Sep 06 '11 at 11:36

7

One more cause for the "secret key not available" message: GPG version mismatch.

Practical example: I had been using GPG v1.4. Switching packaging systems, the MacPorts supplied gpg was removed, and revealed another gpg binary in the path, this one version 2.0. For decryption, it was unable to locate the secret key and gave this very error. For encryption, it complained about an unusable public key. However, gpg -k and -K both listed valid keys, which was the cause of major confusion.

answered Sep 06 '11 at 11:36

ata

71
1
1

I encountered this sort of problem where gpg(1) and gpg2 were sharing the same directory ~/.gnupg/ but in my case gpg2 wouldn't see any keys. It turns out that I had been running gpg for so long, I had errant files in the .gnupg directory such as pubring.kbx, dirmngr.conf and a few renamed files ending in .off or .old. Removing these allowed gpg2 to be very happy. Hope this helps someone! – kronenpj Jan 15 '17 at 02:09

score 2 · Answer 6 · answered Nov 13 '09 at 19:10

2

The resolution to this problem for me, was to notify the sender that he did use the Public key that I sent them but rather someone elses. You should see the key that they used. Tell them to use the correct one.

answered Nov 13 '09 at 19:10

Bill

21
1

GnuPG: "decryption failed: secret key not available" error from gpg on Windows

6 Answers6