Signing your own modules - gpg: [stdin]: clearsign failed: No secret key

FreePBX Development
,
1

Hi all,

I’m following Sangoma Documentation and doing this:

[root@freepbx devtools]# ./sign.php /var/www/html/admin/modules/sentrypeer --local 3045F169
Installing to local signing directory
Signing with 3045F169
Generating file list…
Signing /etc/freepbx.secure/sentrypeer.sig…gpg: no default secret key: No secret key
gpg: [stdin]: clearsign failed: No secret key

Done
Tagging module for local signing…gpg: no default secret key: No secret key
gpg: [stdin]: clearsign failed: No secret key

Done
[root@freepbx devtools]# ll /var/www/html/admin/modules/sentrypeer/module.sig
-rw-r–r-- 1 root root 0 Feb 26 20:20 /var/www/html/admin/modules/sentrypeer/module.sig
[root@freepbx devtools]# cat /var/www/html/admin/modules/sentrypeer/module.sig
[root@freepbx devtools]# cat /etc/freepbx.secure/sentrypeer.sig
[root@freepbx devtools]# ll /etc/freepbx.secure/sentrypeer.sig
-rw-r–r-- 1 root root 0 Feb 26 20:20 /etc/freepbx.secure/sentrypeer.sig

but if I look at the gpg commands getting run and test myself it works (I note you’re fwriting to an open file handle to adding your own text inside that .sig file though):

gpg --default-key 3045F169 --clearsign
gpg: using “3045F169” as default secret key for signing
sdfsdfsdf
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

sdfsdfsdf
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQThQMT7NT02jeoJsameibM6MEXxaQUCY/u/nAAKCRCeibM6MEXx
aQOwAP4gXLhoy5TRUy5vedJVu9GrfkLrticOKH1ASzX5E0KwlAEA9jUV5jiU/cvG
0U4wIQuKM5f8q5Un+izEMWQW3iUhtwc=
=OKRv
-----END PGP SIGNATURE-----

I have a passphrase set and when I test on the CLI I get this pinentry ncurses:


                                      ┌────────────────────────────────────────────────────────────────┐
                                      │ Please enter the passphrase to unlock the OpenPGP secret key:  │
                                      │ "Gavin Henry <[email protected]>"                          │
                                      │ 255-bit EDDSA key, ID XXX3045F169,                        │
                                      │ created 2022-01-02.                                            │
                                      │                                                                │
                                      │                                                                │
                                      │ Passphrase: *_________________________________________________ │
                                      │                                                                │
                                      │         <OK>                                    <Cancel>       │
                                      └────────────────────────────────────────────────────────────────┘

even if I edit that key and remove the passphrase I get the same error.

Any ideas? Create new key just signing? Or is it best to use my personal one as I want to fill out this next - Sangoma Documentation

Thanks.

2

All sorted:

[root@freepbx devtools]# ./sign.php /var/www/html/admin/modules/sentrypeer --local 3045F169
Installing to local signing directory
Signing with 3045F169
Generating file list…
Signing /etc/freepbx.secure/sentrypeer.sig…gpg: using “3045F169” as default secret key for signing

Done
Tagging module for local signing…gpg: using “3045F169” as default secret key for signing

Done

I had upgraded from gpg 2.0 to 2.2 on CentOS 2 as my keys are ed25519 and my gpg was in /opt/gnupg22 via custom RPMs. I’d only updated my own gpg aliases, but the global /usr/bin/gpg symlinks etc.

3

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.