gpg on Debian 9.3 isn't finding any private keys only public ones Under Debian 8 I created (presumably, then with gpg 1 or 2.0) and published my key secring.gpg to a keyserver, the file is still under the directory ~/.gnupg/. But now with gpg 2.1: gpg --list-secret-keys has no output and attempts to sign something gpg -s tmp.txt fail with gpg: no default secret key: secret key not available gpg: signing failed: secret key not available Did I botch somehow the upgrade from Debian 8 to 9? Should I have exported the secret key before upgrading and how can I import the "old" secret key into the "new" gpg? **update 2018-03-01:** The problem is simply that - somehow, sometime - my secring.gpg shrank to the size 0! :-/ Discovered it with the solution from Stephen Kitt, when trying to import gpg --import-secret-keys secring.gpg I got a message that my file contains no valid data.

GnuPG 2.1 no longer uses `~/.gnupg/secring.gpg`; instead, it uses separate files in ~/.gnupg/private-keys-v1.d`, with the help of its agent. There should have been an automatic migration at some point, however there are a number of scenarios where that misses some information (including the case where a private key is added using GnuPG 1 _after_ the 2.1 migration).

To resolve the issue, you should import your secret keyring:


gpg --import ~/.gnupg/secring.gpg


You’ll find more useful information in this handy GnuPG 2.1 migration guide, and in the release notes.

(I think it’s also worth mentioning that your secret keyring should never be exported to a public server, and that GnuPG itself will try to prevent you from doing so; thus you can’t rely on external sources of information as backups of your secret keys.)