Reprepro export could not find signing key

Solution 1:

I had the same problem, and after much frustration finally tracked down what was going on.

The reprepro tool uses gpgme, which is based on gnupg2. A recent release of that changed how the secret key ring is handled: https://www.gnupg.org/faq/whats-new-in-2.1.html

gpg used to keep the public key pairs in two files: pubring.gpg and secring.gpg ... With GnuPG 2.1 this changed ... To ease the migration to the no-secring method, gpg detects the presence of a secring.gpg and converts the keys on-the-fly to the the key store of gpg-agent (this is the private-keys-v1.d directory below the GnuPG home directory (~/.gnupg)). This is done only once and an existing secring.gpg is then not anymore touched by gpg. This allows co-existence of older GnuPG versions with GnuPG 2.1. However, any change to the private keys using the new gpg will not show up when using pre-2.1 versions of GnuPG and vice versa.

Thus, if you create a new key with gpg, gpg2 won't see it, and vice versa.

Quick fix that worked for me:

gpg --export-secret-keys | gpg2 --import -

And if you need to go the other way, of course:

gpg2 --export-secret-keys | gpg --import -

Depending on your setup, you may also want/need to add --export-secret-subkeys

After doing the above, reprepro worked properly with my new key.

Solution 2:

For me the issue was that I generated keys as user and ran reprepro as root.

What happened was that keys that I generate "without sudo" are added to my local pubring.gpg. When I run sudo reprepro ... I run it as root and therefore it tries to find the key in root's pubring.gpg and obviously does not find one.

The solution was to run all gpg commands as root (eq. sudo -i and then gpg --gen-key). Make sure when you run sudo gpg --list-keys you see your desired keys and the line /root/.gnupg/pubring.gpg.

Hope that helps!