Linux pass - expired GPG key - how to set unlimited validity
When using the Pass password manager, you may find that the GPG key you use expires after you use it, and you can't add new passwords to your keychain. In the following sequence of commands we will demonstrate how to set the GPG key to unlimited validity. It should be noted that from a security point of view, this should not be done ....
user@server:~/xyz$
/home/user/.gnupg/pubring.kbx
-----------------------------
pub rsa3072 2018-09-07 [SC] [expired: 2020-09-06]
xxxxxxxxxxxxxxxxxxxx
uid [ expired] CC ZT
pub rsa3072 2018-09-07 [SC] [expired: 2020-09-06]
yyyyyyyyyyyyyyyyyyyyyy
uid [ expired] user
pub rsa4096 2019-11-19 [SC]
zzzzzzzzzzzz
uid [ultimate] pass-crash
sub rsa4096 2019-11-19 [E]
user@server:~/xyz$
gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
sec rsa3072/ccccccccc
created: 2018-09-07 expired: 2020-09-06 usage: SC
trust: ultimate validity: expired
ssb rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expired: 2020-09-06 usage: E
[ expired] (1). user
gpg>
Changing expiration time for the primary key.
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N)
sec rsa3072/ccccccccc
created: 2018-09-07 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expired: 2020-09-06 usage: E
[ultimate] (1). user
gpg: WARNING: Your encryption subkey expires soon.
gpg: You may want to change its expiration date too.
gpg>
sec rsa3072/ccccccccc
created: 2018-09-07 expires: never usage: SC
trust: ultimate validity: ultimate
ssb* rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expired: 2020-09-06 usage: E
[ultimate] (1). user
gpg>
Changing expiration time for a subkey.
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N)
sec rsa3072/ccccccccc
created: 2018-09-07 expires: never usage: SC
trust: ultimate validity: ultimate
ssb* rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expires: never usage: E
[ultimate] (1). user
gpg>
user@server:~/xyz$
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 3 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 3u
/home/user/.gnupg/pubring.kbx
-----------------------------
pub rsa3072 2018-09-07 [SC] [expired: 2020-09-06]
xxxxxxxxxxxxxxxxxxxx
uid [ expired] CC ZT
pub rsa3072 2018-09-07 [SC]
yyyyyyyyyyyyyyyyyyyyyy
uid [ultimate] user
sub rsa3072 2018-09-07 [E]
pub rsa4096 2019-11-19 [SC]
zzzzzzzzzzzz
uid [ultimate] pass-crash
sub rsa4096 2019-11-19 [E]
user@server:~/xyz$
gpg --list-keys/home/user/.gnupg/pubring.kbx
-----------------------------
pub rsa3072 2018-09-07 [SC] [expired: 2020-09-06]
xxxxxxxxxxxxxxxxxxxx
uid [ expired] CC ZT
pub rsa3072 2018-09-07 [SC] [expired: 2020-09-06]
yyyyyyyyyyyyyyyyyyyyyy
uid [ expired] user
pub rsa4096 2019-11-19 [SC]
zzzzzzzzzzzz
uid [ultimate] pass-crash
sub rsa4096 2019-11-19 [E]
user@server:~/xyz$
gpg --edit-key yyyyyyyyyyyyyyyyyyyyyygpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
sec rsa3072/ccccccccc
created: 2018-09-07 expired: 2020-09-06 usage: SC
trust: ultimate validity: expired
ssb rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expired: 2020-09-06 usage: E
[ expired] (1). user
gpg>
expireChanging expiration time for the primary key.
Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0)
0Key does not expire at all
Is this correct? (y/N)
ysec rsa3072/ccccccccc
created: 2018-09-07 expires: never usage: SC
trust: ultimate validity: ultimate
ssb rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expired: 2020-09-06 usage: E
[ultimate] (1). user
gpg: WARNING: Your encryption subkey expires soon.
gpg: You may want to change its expiration date too.
gpg>
key 1sec rsa3072/ccccccccc
created: 2018-09-07 expires: never usage: SC
trust: ultimate validity: ultimate
ssb* rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expired: 2020-09-06 usage: E
[ultimate] (1). user
gpg>
expireChanging expiration time for a subkey.
Please specify how long the key should be valid.
0 = key does not expire
Key is valid for? (0)
0Key does not expire at all
Is this correct? (y/N)
ysec rsa3072/ccccccccc
created: 2018-09-07 expires: never usage: SC
trust: ultimate validity: ultimate
ssb* rsa3072/qqqqqqqqqqqqq
created: 2018-09-07 expires: never usage: E
[ultimate] (1). user
gpg>
saveuser@server:~/xyz$
gpg --list-keysgpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 3 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 3u
/home/user/.gnupg/pubring.kbx
-----------------------------
pub rsa3072 2018-09-07 [SC] [expired: 2020-09-06]
xxxxxxxxxxxxxxxxxxxx
uid [ expired] CC ZT
pub rsa3072 2018-09-07 [SC]
yyyyyyyyyyyyyyyyyyyyyy
uid [ultimate] user
sub rsa3072 2018-09-07 [E]
pub rsa4096 2019-11-19 [SC]
zzzzzzzzzzzz
uid [ultimate] pass-crash
sub rsa4096 2019-11-19 [E]
