Reprepro export could not find signing key
Solution 1:
I had the same problem, and after much frustration finally tracked down what was going on.
The reprepro
tool uses gpgme, which is based on gnupg2
. A recent release of that changed how the secret key ring is handled: https://www.gnupg.org/faq/whats-new-in-2.1.html
gpg used to keep the public key pairs in two files:
pubring.gpg
andsecring.gpg
... With GnuPG 2.1 this changed ... To ease the migration to the no-secring method, gpg detects the presence of asecring.gpg
and converts the keys on-the-fly to the the key store of gpg-agent (this is theprivate-keys-v1.d
directory below the GnuPG home directory (~/.gnupg
)). This is done only once and an existingsecring.gpg
is then not anymore touched by gpg. This allows co-existence of older GnuPG versions with GnuPG 2.1. However, any change to the private keys using the new gpg will not show up when using pre-2.1 versions of GnuPG and vice versa.
Thus, if you create a new key with gpg, gpg2 won't see it, and vice versa.
Quick fix that worked for me:
gpg --export-secret-keys | gpg2 --import -
And if you need to go the other way, of course:
gpg2 --export-secret-keys | gpg --import -
Depending on your setup, you may also want/need to add --export-secret-subkeys
After doing the above, reprepro
worked properly with my new key.
Solution 2:
For me the issue was that I generated keys as user and ran reprepro as root.
What happened was that keys that I generate "without sudo
" are added to my local pubring.gpg
. When I run sudo reprepro ...
I run it as root and therefore it tries to find the key in root's pubring.gpg
and obviously does not find one.
The solution was to run all gpg
commands as root (eq. sudo -i
and then gpg --gen-key
). Make sure when you run sudo gpg --list-keys
you see your desired keys and the line /root/.gnupg/pubring.gpg
.
Hope that helps!