Error signing code of Conduct

Asked by JL on 2018-05-23

I followed the instructions:

"Sign the Ubuntu code of Conduct

To sign the code of conduct:

    Download the file to your own computer and read it carefully to ensure you agree to it.
    In a terminal, run the command:

        gpg --clearsign UbuntuCodeofConduct-2.0.txt

    (or whatever filename you gave to the code). This will create a file with a name like UbuntuCodeofConduct-2.0.txt.asc."

 and recieved the message:

"xyz@xyz-HP-Pavilion-Sleekbook-15:~$ gpg --clearsign UbuntuCodeofConduct-2.0.txt
gpg: no default secret key: secret key not available
gpg: UbuntuCodeofConduct-2.0.txt: clearsign failed: secret key not available"

(I have OpenPGP keys.)
Do I need something more or are there other problem? Do I need SSH keys too?

Question information

Language:
English Edit question
Status:
Needs information
For:
Launchpad itself Edit question
Assignee:
No assignee Edit question
Last query:
2018-06-14
Last reply:
2018-06-14
JL (jl2414) said : #2

Thank you for taking time to help me...

On my User Information here on Launchpad clicking on my "Signed Ubuntu Code of Conduct:" appears "No".

Clicking on it appears the information box under the first step:

("1. Register an OpenPGP key.")
"It appears you have already done this. The key 06168FE928540FCA247B112346F1FA35286DB6BC is registered on your account. You can skip to the next step if you are not intending on signing with a different key."

But as you can see in the main page of "User information" under the "OpenPGP keys:" you will find the above mentioned key.

I can't still understand the problem why it appears that I have NOT signed the Ubuntu Code of Conduct.

Thank you one again for your help.

Manfred Hampl (m-hampl) said : #3

There are several different steps involved, among other creating the key and uploading it to Launchpad, but also signing the UbuntuCodeofConduct-2.0.txt file with your key.

The error message "gpg: no default secret key: secret key not available" seems to indicate, that the "gpg ..." command did not know which signature to use and so the step of signing the file failed.

What output do you receive for the command
gpg --default-key 286DB6BC --clearsign UbuntuCodeofConduct-2.0.txt
or for the command
GPGKEY=286DB6BC gpg --clearsign UbuntuCodeofConduct-2.0.txt

JL (jl2414) said : #4

Here is the output:

gpg --default-key 286DB6BC --clearsign UbuntuCodeofConduct-2.0.txt
gpg: no default secret key: secret key not available
gpg: UbuntuCodeofConduct-2.0.txt: clearsign failed: secret key not available

GPGKEY=286DB6BC gpg --clearsign UbuntuCodeofConduct-2.0.txt
gpg: no default secret key: secret key not available
gpg: UbuntuCodeofConduct-2.0.txt: clearsign failed: secret key not available

On my User info overview it appears that I have a OpenPGP key, that’s what makes me confused.

Thanks again...

Manfred Hampl (m-hampl) said : #5

You have to differentiate between your local system and the launchpad servers.

You need your key information (including the secret key) locally to be able to sign a file.
The launchpad servers need the public part of your key to be able to verify the contents.

It seems that the public key has successfully been uploaded to Launchpad.

The error message about signing the CoC file is something happening locally on your machine.
Apparently you have not stored your secret key in the default keyring which is used during "gpg …" activities.

If you list the keys in your key store with the commands
gpg --list-keys
and
gpg --list-secret-keys
do you see your cryptographic key being listed (no need to copy/paste the output)?

JL (jl2414) said : #6

Thank you very much,

When I run the:
gpg --list-keys
and
gpg --list-secret-keys
commands in the Terminal there are no output what so ever. Makes me confused, because I have 2 keys.

I run Ubuntu 16.04 on my conmputer and I keep my GnuPG keys:
Passwords and Keys: GnuPG keys (holdig the pointer over it shows: GnuPG: default keyring directory)

I just tried to import another OpenPGP key into Launchpad, but with the same result.

Runned the command:
gpg --clearsign UbuntuCodeofConduct-2.0.txt

Output:
gpg: no default secret key: secret key not available
gpg: UbuntuCodeofConduct-2.0.txt: clearsign failed: secret key not available

I still don't know what's missing...

Thank again you for your help.

Manfred Hampl (m-hampl) said : #7

The cause for your problem seems to be that your gpg key is not stored in the standard keyring file.

How did you create your GPG key?

Did you delete the .gnupg subdirectory of your home directory (where the default keyring should be stored)?

Can you help with this problem?

Provide an answer of your own, or ask JL for more information if necessary.

To post a message you must log in.