While using the password store software called pass and going through some default testing scenarios, like writing, storing, erasing, changing, and migrating to another host, I have come upon an interesting issue after migration of the store from one host to another. Decrypting the pass store worked fine. However adding new passwords on a new host spit following error:
gpg: RSP1SUP2LC3: There is no assurance this key belongs to the named user gpg: /dev/shm/pass.Aizith6PheeTi/paeN9-testo-steron.txt: encryption failed: Unusable public key GPG encryption failed. Would you like to try again? [y/N] y gpg: RSP1SUP2LC3: There is no assurance this key belongs to the named user gpg: /dev/shm/pass.Aizith6PheeTi/paeN9-testo-steron.txt: encryption failed: Unusable public key GPG encryption failed. Would you like to try again? [y/N] n
This has happened after migration of the key pair from one node to another node. The solution is simple, it is to set the trust level of the keys on the new node:
Do you really want to set this key to ultimate trust? (y/N) y
Quitting the GPG application works by pressing the q key, or simply write out quit:
After adding the try to the trust, now adding a new password to pass should be successful:
Some obvious remark at the end of this blog post, for these people only reading this and doing copy/paste without re-thinking their decision:
Only YOU can decide if a GPG key is trusted or not. So think thrice before doing it, in case of doubt the best decision is not to trust a GPG key at all.