Oh, the joys of life... I see myself forced to do a key migration.
No, no — Don't worry! My key didn't land in any hostile party's hands. And I still kinda-sorta-have access to it.
Let me explain. I was quite a happy user of a Yubikey, kindly given to me in mid-2018. As the recommendation goes, I backed up my master key's secret material to an offline media, and kept the relevant subkeys in the Yubikey; I love knowing my computer does not have access to the private keys although it can use them — The Yubikey provides just the needed interfaces for them. And here they are:
$ gpg --list-secret-keys /home/gwolf/.gnupg/pubring.gpg ------------------------------ sec# rsa4096/0x673A03E4C1DB921F 2009-07-09 [SC] [expires: 2020-12-19] Key fingerprint = AB41 C1C6 8AFD 668C A045 EBF8 673A 03E4 C1DB 921F uid [ultimate] Gunnar Eyal Wolf Iszaevich uid [ultimate] Gunnar Eyal Wolf Iszaevich uid [ultimate] Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) ssb> rsa4096/0x92853D8CF7F6543F 2009-07-09 [E] [expires: 2020-12-19] ssb> rsa4096/0x80382A731F474556 2018-07-31 [E] [expires: 2020-12-19] ssb> rsa4096/0xA5F64FDEB981CD8C 2018-07-31 [S] [expires: 2020-12-19] ssb> rsa4096/0x49DD2A4E4979619C 2018-07-31 [S] [expires: 2020-12-19] $ gpg --card-status (...) Signature key ....: FA42 3AA0 6D8F E9ED 5D6C 5E42 A5F6 4FDE B981 CD8C created ....: 2018-07-31 03:29:09 Encryption key....: 0DE6 49DF 2778 E904 94B6 7952 9285 3D8C F7F6 543F created ....: 2009-07-09 23:20:40 Authentication key: 7C79 5E53 9968 8DDF 66F7 D620 49DD 2A4E 4979 619C created ....: 2018-07-31 03:31:16 General key info..: sub rsa4096/0xA5F64FDEB981CD8C 2018-07-31 Gunnar Eyal Wolf Iszaevich sec# rsa4096/0x673A03E4C1DB921F created: 2009-07-09 expires: 2020-12-19 ssb> rsa4096/0x92853D8CF7F6543F created: 2009-07-09 expires: 2020-12-19 card-no: 0006 05009847 ssb> rsa4096/0x80382A731F474556 created: 2018-07-31 expires: 2020-12-19 card-no: 0006 05009847 ssb> rsa4096/0xA5F64FDEB981CD8C created: 2018-07-31 expires: 2020-12-19 card-no: 0006 05009847 ssb> rsa4096/0x49DD2A4E4979619C created: 2018-07-31 expires: 2020-12-19 card-no: 0006 05009847
Until... One sad day, I discovered I could not decrypt documents sent to me anymore. While signing and encrypting do work:
$ date | gpg --encrypt --recipient 0x673A03E4C1DB921F --armor -----BEGIN PGP MESSAGE----- hQIMA4A4KnMfR0VWAQ/+J/Onblw3M/PwZ6ekhz3Ojnzf3pxlObLcNNNZMOlvUApK uOAAMQ/YF/cueUbxSZT8+Yt4HV8iijVvI1Y4AK7ELvcjxdBhvmfc5QBG22lEaKPh XNK+MUMv0xN4eIJh+uksZc6mdM6IZfvx1Io5RWiD6hABfQF7XyRwxF584PCqHMeq oiYg1VY6epIWtunSfVa+CpF7MZ3KSTcs2VJdsutVuGxeS+NS7JVCApiXig4qk4yk /Y/57RAy689vMNxu78noIP/mOnd7zV4DgRQ/l1iNaZnAMFgEeh1FtSJLH5odD7T0 KyfVTwdRHTJetedDjCIN+5bboNj4hIjjW4+l8KJP3aP/f8ppZuycHQ9mEf/YCuPn KPeo7YKLGYKlerPylfENokaG7SkNyvd6UV1TdZ5eilTGBiSZpNAdlaHP0uaICbPA Mpbn4COy52H2VTg/J/Wle1IyLPFJpGe87o/UEkylSoARMnhhtq5+Mm5mrL8k1Y5m GvKqd8q7y7Bche+l5o2QRTZpLSfwZZ28r9qTX8S0vh+NvBD14iVNReR+RRZuf9FU Qhgz3TzfSEwFngced24LmIXQNgtN/QBynRGJDgR0Kq9Su4/uv8VVt4N4I8wlU3qG NwpK44FBlHPSZ6UQga/Y3Pckbrn8+RoOuIyMC0ExtDpB6qawfbssR+2EfNmPeWjS WwHGJQ8PJ2fadWMJewhfXDVdio7LVZHqIUdJIasKB9Z3PCWoJUtrsEw0EHQxG3CZ SN2QlLPBwveFtK0HQW6ZS29gGq6Z9Kj2la64NCJMtnYSq4RDV2wGaRr027E= =bWqr -----END PGP MESSAGE----- $ date | gpg --clearsign gpg: using "C1DB921F" as default secret key for signing -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Fri 22 Nov 2019 06:31:42 PM CST -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfHleU5lojd9m99YgSd0qTkl5YZwFAl3Yfe4ACgkQSd0qTkl5 YZyTqhAAhToJg5byHBK37S4ixLc8w6mJWLlLOVvmDUmiXD2EbZoHEyCaVXJNCR+O RveuDjfOpM/I4InrHaypGjzc7aO2yhcPnH+8adE6JBfakNdvk13XMynXggE3kqxL oe0ZEx7sLiJaw/LzSr70kHBAqN4wnzx14+nKSuWYqZIdjR8eko867edBPWDZZgEn nM+CSpd6XQbksf4BQR7S+/XmRKoeXuksPbmWC2uOsK9dMqGDhU91YY/j1eh3cMzq 4o/EOdc1grsfl4e8uV9z3nylOQP/PzXEp/fxXhU4lTVjVrjkBkOkDhO0DnGk8QD9 GQzdk3o6xt1gUxAGfthquRS/8ozdeL0lQ8CMaRGLRCiZKxO0kdtNkJ8QJNKxx/3M CM/qHUnWWzyU078ncx0RkvZdwD1fq8eGM2RsptPjdeBc5Wgz7wAI5MpaUQezMrdA /7rtJ7EnZL6WN33nwQjAC0MxoKSA073Fo8CqtBiqXkCtfp4x5x9FRpndgi7iKCNt gQibgCIGYS6R09Q/F6r2uDcX84+SXzRyfftbP56k/4dyByn1ei7EvOM9Yi3ToU0p qhAqLLqrG1omInTsQFGMgy/iRE7giT64YgKThdFNdT2DSNqoEkG581nabUoac8Hm EFqGUDPn3rkPEZq6KNRTXKlMEFj7SF5v95iHWuh8OU+nPEWF1sY= =2RSg -----END PGP SIGNATURE-----
trying to decrypt the message does not get me very far:
$ date | gpg --encrypt --recipient 0x673A03E4C1DB921F --armor | gpg --decrypt gpg: encrypted with 4096-bit RSA key, ID 0x80382A731F474556, created 2018-07-31 "Gunnar Eyal Wolf Iszaevich " gpg: public key decryption failed: Hardware problem gpg: decryption failed: No secret key
And although the message is quite clear (public key decryption failed: Hardware problem), I spent far too many attempts at putting things upside down, trying and trying and trying to fix the issue. But no: Hardware problem means hardware problem. My Yubikey is somehow dead.
But it seems that... Even if I was able to bring it back from the dead, I would be doomed anyway: The USB key where I kept the backup for the master key material refuses to be read. Of course, I also gave it several attempts... All failed ☹ And, of course, I had it on just a single media ☹ So even getting the Yubikey decryption back to life would only allow me to use my key until 2020-12-19.
So... What's left for me to do? I just generated a shiny new elliptic-curve key, and will as soon as possible migrate my Debian credentials to use it. Please note, I am not able to sign my new key with the old one, as only the master key has Certification ability. So, the next best thing is a migration statement. I am inlining it here for convenience; if you want to check it, you can either:
$ wget https://gwolf.org/files/transition_statement.asc -O - | gpg --verify
Or just run gpg --verify and paste as its input the following text:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I am Gunnar Wolf, and I am transitioning away from my rsa4096/0x673A03E4C1DB921F key, to ed25519/0x2404C9546E145360. The reason for this transition is two simultaneous cases(!) of broken hardware. My old key is still usable until its expiry date, but I am unable to use it for decryption; please use only my new key. If you have signed my old key, please consider signing the new one; this file is signed with both keys as a proof I do have control over them. Please note my old key is unable to certify the new one, so it is not yet signed. -={ Old key, which I am transitioning _away_ from }=- pub rsa4096/0x673A03E4C1DB921F 2009-07-09 [SC] [expires: 2020-12-19] Key fingerprint = AB41 C1C6 8AFD 668C A045 EBF8 673A 03E4 C1DB 921F uid [ultimate] Gunnar Eyal Wolf Iszaevich uid [ultimate] Gunnar Eyal Wolf Iszaevich uid [ultimate] Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) -={ New key, which I am transitioning to }=- pub ed25519/0x2404C9546E145360 2019-11-22 [SC] [expires: 2022-11-21] Key fingerprint = 4D14 0506 53A4 02D7 3687 049D 2404 C954 6E14 5360 uid [ unknown] Gunnar Wolf uid [ unknown] Gunnar Eyal Wolf Iszaevich uid [ unknown] Gunnar Wolf The new key has been uploaded to pool.sks-keyservers.net. If you decide to sign my new key, I'd prefer if you mail it to me via (i.e. using caff). Thank you very much, - Gunnar -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEfHleU5lojd9m99YgSd0qTkl5YZwFAl3YhWkACgkQSd0qTkl5 YZxc1A//fycReXF6pqHl+zsMs4YW5fdMBDDuglIblX3AH5Q+ZtYvUEcEjUqXpTp4 32B725nF3o+chRsMosbJ2wUh6m5zbSl4ET/gjw+9M2XmrmC5HgrKurRh/bDryvZ1 lPPJOD6rfH5JeIBEnyoVrTaAMO5g2UUd3UM27EemNfK0oGZhJwbV8pvhQxLdrHk+ VKXBGPFcX0AttkutuixF7ieS/DjaVIogKPhy7r6UNEFopnMcGZmmTdy8EOnePLNc ocHSHgVylErywx2zCaumC7nvc5nCeS+iStro2Cwpx1wcgdV0+RfX81Sz5v3g4IQA Zv9AuAPBEnSFlrAPUggeDVTfA4A7BSoHgYnIo/xcIWnkd7SMwL/XDSgW3v7lNCJy DvKhP9m0EM0KOOzzV8N3tyhvXNxW9fb0dmc+pUNI7qzXrzu0DVRiwrzRiCTnrOUQ uV9cM/FdL82IGe5lGO48FgCBEaluocMu3bh9qFOIuQukbEvRsdgknGfcaa1mWRxs YbBPYafFCTCRR410it2Ck4dRunHRLvYecTcFIvxUJ+lgrYSlRXIe4nfVmQ3lWosM mUM9DhCanIeeNk/Enzqf8qpKlLzpBnEpJPnRciNvuGfvXzWSeKBdah7t5TNoMfNz oWmCb2XbYmf8t7XFc9SNxWFaOTzt//w3Foo0DbBa9qtvuo4giRaIdQQBFggAHRYh BGCzCT2WEI5cuXFC7+L2O0NT9FmJBQJd2IVqAAoJEOL2O0NT9FmJXwMA/j8s6O85 phqdDmOjKcmpKoxBlCKpulkMvpzSpxxcmGMzAP49HE6yVsyxFYoCI50w3nASSqmt 5i/2Cv7TgtzOFXU1AA== =JxNv -----END PGP SIGNATURE-----
I will be soon meeting with two DDs, so in any case, this key will be in shape to enter our keyring. Thank you very much for following so far!
(...And yes — This time I made two separate offline media backups for my master key material :-Þ)