Re: Setting up a new laptop - importing keyrings
On Monday 12 January 2009 23:20:33 Todd Zullinger wrote: Anne Wilson wrote: I'm setting up a new netbook, and have copied into the .gnupg folder my keyrings and associated files from this laptop. Kgpg lists the keys correctly, but all is not well. When I try to set keys for signing and encryption I get the endless searching bar, as Chris described a few days ago. I know nothing of Kpg, but perhaps we can determine whether the issue is with gpg or Kgpg and that might narrow down where to look. I considered starting from an empty keyring and importing signatures as they arrive in kmail, but I think the problem is that I don't know how to get the secret key recognised. Are your secret keys listed by gpg --list-secret-keys ? Yes, they are. All CLI commands work fine. If so, then the problem isn't with the keyrings. It could be with Kgpg or the gpg-agent setup (IIRC, that was what the problem a few days ago was). I think something is preventing communication between kmail and the keyrings, but only in some circumstances. While I can't, in the Fedora installations, set my key to encrypt mail, I can read the encrypted mail that comes to me. I don't think that agent is the problem - it holds the passphrase for the correct amount of time. This is the agent conf file: pinentry-program /usr/bin/pinentry-qt no-grab allow-mark-trusted default-cache-ttl 3600 # GPGConf disabled this option here at Fri 13 Jul 2007 10:47:33 IST # log-file socket:///home/anne/.gnupg/log-socket ###+++--- GPGConf ---+++### default-cache-ttl 3600 allow-mark-trusted debug-level basic log-file socket:///home/anne/.gnupg/log-socket ###+++--- GPGConf ---+++### Sun 11 Jan 2009 08:44:43 GMT # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. It may be relevant to mention that on my Mandriva laptop I use keychain to help with remote administration. There, when I open konsole for the first time each morning, I'm asked for the passphrase. I always then see * Warning: can't find an...@kde.org; skipping Identity added: /home/anne/.ssh/id_dsa (/home/anne/.ssh/id_dsa) can't connect to `/home/anne/.gnupg/log-socket': Connection refused If this (the last line) isn't relevant to this particular problem I'll deal with it in a separate thread later. It doesn't appear to stop anything working. On that particular laptop everything works as expected except for automatically importing keys for signed emails. Anne signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Setting up a new laptop - importing keyrings
On Tuesday 13 January 2009 08:15:16 Anne Wilson wrote: On Monday 12 January 2009 23:20:33 Todd Zullinger wrote: Anne Wilson wrote: I'm setting up a new netbook, and have copied into the .gnupg folder my keyrings and associated files from this laptop. Kgpg lists the keys correctly, but all is not well. When I try to set keys for signing and encryption I get the endless searching bar, as Chris described a few days ago. I know nothing of Kpg, but perhaps we can determine whether the issue is with gpg or Kgpg and that might narrow down where to look. I considered starting from an empty keyring and importing signatures as they arrive in kmail, but I think the problem is that I don't know how to get the secret key recognised. Are your secret keys listed by gpg --list-secret-keys ? Yes, they are. All CLI commands work fine. If so, then the problem isn't with the keyrings. It could be with Kgpg or the gpg-agent setup (IIRC, that was what the problem a few days ago was). I think something is preventing communication between kmail and the keyrings, but only in some circumstances. While I can't, in the Fedora installations, set my key to encrypt mail, I can read the encrypted mail that comes to me. I don't think that agent is the problem - it holds the passphrase for the correct amount of time. This is the agent conf file: pinentry-program /usr/bin/pinentry-qt no-grab allow-mark-trusted default-cache-ttl 3600 # GPGConf disabled this option here at Fri 13 Jul 2007 10:47:33 IST # log-file socket:///home/anne/.gnupg/log-socket ###+++--- GPGConf ---+++### default-cache-ttl 3600 allow-mark-trusted debug-level basic log-file socket:///home/anne/.gnupg/log-socket ###+++--- GPGConf ---+++### Sun 11 Jan 2009 08:44:43 GMT # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. It may be relevant to mention that on my Mandriva laptop I use keychain to help with remote administration. There, when I open konsole for the first time each morning, I'm asked for the passphrase. I always then see * Warning: can't find an...@kde.org; skipping Identity added: /home/anne/.ssh/id_dsa (/home/anne/.ssh/id_dsa) can't connect to `/home/anne/.gnupg/log-socket': Connection refused If this (the last line) isn't relevant to this particular problem I'll deal with it in a separate thread later. It doesn't appear to stop anything working. On that particular laptop everything works as expected except for automatically importing keys for signed emails. Are these log messages likely to be relevant? kdm: :0: PAM adding faulty module: /lib/security/pam_gnome_keyring.so: 5 Time(s) kdm: :0: PAM unable to dlopen(/lib/security/pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: cannot open shared object file: No such file or directory: 5 Time(s) polkit-grant-helper: granted authorization for org.freedesktop.packagekit.package-install-untrusted to pid 9436 [uid=500] [auth=root]: 1 Time(s) Anne signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Setting up a new laptop - importing keyrings
I'm setting up a new netbook, and have copied into the .gnupg folder my keyrings and associated files from this laptop. Kgpg lists the keys correctly, but all is not well. When I try to set keys for signing and encryption I get the endless searching bar, as Chris described a few days ago. I considered starting from an empty keyring and importing signatures as they arrive in kmail, but I think the problem is that I don't know how to get the secret key recognised. I'm happy to delete everything and start again if there is a better way, but I need help to get this sorted. Thanks Anne signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Setting up a new laptop - importing keyrings
Anne Wilson wrote: I'm setting up a new netbook, and have copied into the .gnupg folder my keyrings and associated files from this laptop. Kgpg lists the keys correctly, but all is not well. When I try to set keys for signing and encryption I get the endless searching bar, as Chris described a few days ago. I know nothing of Kpg, but perhaps we can determine whether the issue is with gpg or Kgpg and that might narrow down where to look. I considered starting from an empty keyring and importing signatures as they arrive in kmail, but I think the problem is that I don't know how to get the secret key recognised. Are your secret keys listed by gpg --list-secret-keys ? If so, then the problem isn't with the keyrings. It could be with Kgpg or the gpg-agent setup (IIRC, that was what the problem a few days ago was). -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ A hen is only an egg's way of making another egg. -- Samuel Butler pgprRr9gvvrsb.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users