Can decrypt without specifying key in command line but cannot re-encrypt

[zstern]

I am using age with sops.

age v1.1.1 & sops 3.7.3 on RHEL 7.9

I have my keys stored here: ~/.config/sops/age/keys.txt

I can execute sops <encrypted_file> and it will open up the decrypted version of the file in vim. Great. I can execute sops -d -i <encrypted_file> and it will decrypt the file.

But when I run sops -e -i <unencrypted_file> i get the error “config file not found and no keys provided through command line options”

so then if I do specify the key in the command line using -a agedjfjsk... it will encrypt them again and the decryption again works fine. I'm confused because if the decryption works without specifying a key and its able to find the correct key saved via configuration then why won't the encryption work?

I at one time may have naively ran sops --config thinking it would provide to me config information but it was to set a config location and I didn't pass a file in. Perhaps that did something to alter the encryption configuration. If so, how do i reset it back? Thanks.

[mmarston-origami]

I am having similar issues, any updates here?

[felixfontein]

Decryption works without the config file since the keys used are stored in the encrypted file. But if you want to encrypt a new file, SOPS doesn't magically know which keys you want to use, so you either have to provide a config file, or explicitly tell SOPS which keys to use.

[felixfontein]

(And sops --config does not modify anything, so there's nothing to reset.)