Downgrade gnupg

I need to downgrade Gnupg package in dnf to version 2.2.X. The output of dnf list --showduplicates gnupg2 show the oldest version is 2.3.4.2.

Are there any solution that allows me to replace Gnupg with 2.2.X version using dnf?

In default usage of dnf, you’ll have access to two versions:

  • the version with which the Fedora release was made (in the fedora repo)
  • the version in updates, if any

if these are both newer that what you need, you won’t be able to do it using only dnf. You could check the koji build system to see if this older version was built for the Fedora Linux release you are on, and if it was, you can download the build and install it manually (also using dnf):

https://koji.fedoraproject.org/koji/packageinfo?packageID=1940

Edit:

You can use the dnf versionlock plugin to prevent packages from being updated:

https://docs.fedoraproject.org/en-US/quick-docs/dnf/#sect-using-dnf-plugin

3 Likes

See the answer of Jakuje: fedora - Can I force dnf to install an old version of a package? - Unix & Linux Stack Exchange

Related: gnupg2 | Package Info | koji

I assume you have to use in future --exclude to avoid updates of the package. Be aware that this would also exclude security updates!

If you are lucky, the dependencies will fit by default.

1 Like

Thank you for the tip about koji, I didn’t know about that. Unfortunately there is not the version I need, and gnupg seems to be a package you would not want to mess manually, so I will just not use the software I wanted, which is Android Open Keychain because it can only decrypt what was encrypted with Gnupg 2.2.X

1 Like

Hrm, I use it on my Andriod too for Password Store and it seems to work fine with my files that are encrypted on my Fedora Linux machine with gnupg 2.3.6. I wasn’t aware that it only supports gnupg 2.2.x at all :smiley:

1 Like

According to the app developer and multiple users, Open Keychain return “error reading input data” when the files are encrypted with version 2.3.x. Did you do any special configuration on your desktop or on your phone’s Open Keychain app so that you don’t get this error when trying to see a password?

1 Like

Hrm, not that I can remember. Is the error related to encryption or related to the version that was used to generate the GPG key? My keys have been around for a while now, so they may have been created with an older version of GnuPG.

2 Likes

Anyway you gave me an idea. I will create the key in gpg 2.x and encrypt with gpg 3.x. I will post the results here just for your curiosity. Anyway, thank you for your information

1 Like

Hey Ankur, you solved my problem. I generated the key in gnupg 2.2 and now it works fine in Fedora. Thank you very much for your help!

Anyway be advised that if you ever wants to generate a new key, better do it on a distribution with slower upgrade. In my case, I could do it in Ubuntu.

1 Like