There might be a set of different problems that occur.
Private key not imported
If you did not migrate the private keys to the new machine, obviously they cannot be used. gpg --export
only exports public keys, not private ones. Run gpg --export-secret-keys
in addition.
You can verify whether this is an issue by running gpg --list-secret-keys
(or the abbreviated version gpg -K
). Your key should be listed here.
After importing, also see the "trust" section of this answer.
GnuPG 2.1 does not find the keys
GnuPG 1 and 2 use secring.gpg
for storing private keys, GnuPG 2.1 moved them to pubring.gpg
. If you already installed GnuPG 2.1, make sure it also sees your private key. GnuPG 2 is usually installed as gpg2
: gpg2 --list-secret-keys
.
If gpg
lists the keys, but gpg2
does not, export them from GnuPG 1 and import to GnuPG 2.1:
gpg --export-secret-keys | gpg2 --import
After importing, also see the "trust" section of this answer.
Wrong key defined in the account's Enigmail configuration
You might have defined a fixed key in your account's Enigmail configuration. Open the account preferences, and choose "OpenPGP Security" for the respective account. Is there any fixed key configured?
Missing trust configuration
Enigmail by default only uses verified keys. For being able to verify keys, there must be a trust path from a valid key to that key.
Your own key is the trust source in the web of trust concept, and should have ultimate trust. On the command line, trust can be configured by running gpg --edit-key [key-id]
. Now, in the GnuPG edit key command prompt, run trust. The assistant will ask you what trust to provide, choose "ultimate". Finally,
save` the changes.
This can also be done using several graphical frontends for GnuPG, but there are too many to describe how to do this. Have a look whether you find some "trust" settings while editing your own key.