Unable to decrypt with PGP on Yubikey #1952

@fzakfeld

sops -v
sops 3.10.2 (latest)
gpg --version
gpg (GnuPG) 2.4.8
libgcrypt 1.11.2
Copyright (C) 2025 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

I have an OpenPGP key on my YubiKey smart card, which I can use to decrypt, e.g. this works:

gpg -d foo.gpg

But when calling sops, an error occurs:

sops -d bar

Output:

Failed to get the data key required to decrypt the SOPS file.

Group 0: FAILED
  xxxx: FAILED
    - | could not decrypt data key with PGP key:
      | github.com/ProtonMail/go-crypto/openpgp error: could not
      | load secring: open /Users/fzakfeld/.gnupg/pubring.gpg: no
      | such file or directory; GnuPG binary error: failed to
      | decrypt sops data key with pgp: gpg: encrypted with RSA key,
      | ID xxxx
      | gpg: using "xxxx" as
      | default secret key for signing
      | gpg: public key decryption failed: No secret key
      | gpg: decryption failed: No secret key

How can I debug this further? Reading #189, it seems like gpg2 is supported and sops is trying out the gpg binary.
