Hi everyone,
I’m trying to get a fresh Passbolt installation up and running. The installation (from the official repo) completes fine, but during the web setup it always fails at the “Create GPG key” step with this error:
the data entered are not correct: the openpgp private key cannot be used to decrypt. please note that passbolt does not support openpgp key protected with a secret.
This happens to me on both Debian and Ubuntu (fresh installs, fully updated).
Environment
-
Provider/Location: Hetzner Cloud (Nuremberg / NBG), VM
-
OS: Debian/Ubuntu (current, minimal)
-
Time/NTP: NTP enabled and in sync (chrony/systemd-timesyncd)
-
Firewall: none configured (no iptables/nftables rules)
-
Install method: Official Passbolt repo, NGINX + PHP-FPM, MariaDB/MySQL (defaults)
What I’m seeing / how to reproduce
-
Fresh system, updates applied, hostname/FQDN set.
-
Install Passbolt per docs, start the browser setup.
-
At “Create GPG key” I fill in the required fields.
-
After submitting, I get the error above. Can’t proceed.
What I’ve already checked
-
System time is correct (NTP OK).
-
No reverse proxy in between.
-
No firewall/port blocking.
-
Same behavior on both Debian and Ubuntu.
-
Multiple clean installs, same result every time.
Questions for the community
-
Has anyone seen this specific message during the web setup?
-
Do I need to consider anything special for the server GPG key (e.g., no passphrase/“secret” on the key, key size/algorithm, UID format, etc.)?
-
Any known gotchas on Hetzner VMs (e.g., entropy/RNG) that could affect key handling?
-
Which logs would be most helpful to diagnose this?
Thanks in advance for any pointers! 
~ Leon
—
TL;DR: Fresh Passbolt install on a Hetzner VM (Debian/Ubuntu). Web setup fails at “Create GPG key” with “the openpgp private key cannot be used to decrypt … not support … key protected with a secret.” NTP OK, no firewall. Any ideas 