Please describe the problem.

Despite the very fast, much appreciated, and excellent response to my initial question here, I still can't get encryption working with subkeys.

I have a few different machines, each with its own subkey and each configured with the master key stripped out. I'm hoping to be able to encrypt and decrypt from the same special remotes with each of them.

The issue is that git-annex consistently tries to encrypt with the master key, which is not available, and so encryption and the initremote fail.

I'm submitting a bug report but I should say that I'm not sure this is the intended (or documented) way to use GPG subkeys and it may not be a git-annex concern. The Debian Wiki does say that it won't work but the password store project has implemented it.

Side note: this is not working in gcrypt either.

What steps will reproduce the problem?

I've tried the following in a few different combinations, with both short and long KEYIDs, and with or without the appended '!' that's supposed to tell gpg which key to use for encryption:
git annex initremote cloud type=S3 encryption=hybrid keyid=EFEFEFE port=80

In each case I get the same error:
gpg: decryption failed: No secret key
git-annex: user error (/usr/local/bin/gpg ["--quiet","--trust-model","always","--decrypt"] exited 2)

What version of git-annex are you using? On what operating system?

git-annex version: 6.20171109
OS X 10.10.5

Please provide any additional information below.

Have you had any luck using git-annex before? (Sometimes we get tired of reading bug reports all day and a lil' positive end note does wonders)

I love git annex. Thank you for your work on it.

Yeah, so I had that working before but then I tightened the code to determine what is a forced subkey and broke it.

[Fixed now; use a "!" at the end to force subkey use:

joey@darkstar:~/tmp/a>git annex initremote testing type=directory directory=../d encryption=hybrid keyid='A4FEC0B5F031BA70!'
initremote testing (encryption setup) gpg: A4FEC0B5F031BA70!: skipped: Unusable public key
gpg: [stdin]: encryption failed: Unusable public key

It failed to use that subkey because it is a sign-only key, and git-annex needs to encrypt, but that certainly shows I got git-annex to use the subkey..

I made an encrypt-only subkey, and git-annex is able to use it, and it fully works as far as I can tell.

done --Joey