Re: pinentry problems
On Tue 2018-04-17 00:04:11 +0200, Paul H. Hentze wrote: >> gpg: WARNING: unsafe permissions on homedir '/home/giraffenhorde/.gnupg' > > So I fixed that with > >> chown -R "$USER:$(id -gn)" ~/.gnupg >> chmod 700 ~/.gnupg >> chmod 600 ~/.gnupg/* > > from here: https://superuser.com/a/954639 this doesn't look right to me. in particular, it's going to remove the "execute/traverse" permission on ~/.gnupg/private-keys-v1.d/, which means that gpg-agent isn't going to be able to get a list of all available secret keys. Probably, you want to do the following (as your normal user account): find ~/.gnupg -type d -exec chown 0700 '{}' ';' find ~/.gnupg -type f -exec chown 0600 '{}' ';' if you do that, then you should be able to see some files whose names end in ".key" in ~/.gnupg/private-keys-v1.d/, like so: ls -l ~/.gnupg/private-keys-v1.d/*.key if that's the case, then i recommend you ask your running gpg-agent to shut down because it's probably confused: gpgconf --kill gpg-agent a new gpg-agent should start up again afterward as soon as you need it. you can also try to see which secret keys are available like this: gpg --with-keygrip --list-secret-keys You should see that the keygrips listed match the files found in the "ls" output above. If that doesn't work for you, please report back and we'll try to debug further :) --dkg ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
pinentry problems
Hey folks, I'm kinda stuck here with a problem with pinentry and could use some help. I described the hole problem in detail here: https://sourceforge.net/p/enigmail/forum/support/thread/eedabe49/ For all who don't like links, I will copy it down below. Patrick Brunschwig already asked some questions and I tried some more stuff, which is all documented under the link above, but nothing helped. Has anybody any idea what to do? Best wishes Paul - - - - - - - - - - - - - - - Hi folks, I'm having some problems with GPG right know and hope you can help me. Debian 9, Thunderbird 52.7.0 (64-bit), Enigmail 2.0.2, GnuPG 2.1.18 I had a harddrive crash recently and had to set up the whole system from scratch. Because I couldn't do it properly I saved the .gnupg folder und now copied the whole thing to my new system at the same place. Since then, I can't use Mailencryption. I started with the faq page: https://www.enigmail.net/index.php/en/faq?view=topic=14#faqLink_2 Under 'How to analyze' I tried debugging and get > parseErrorOutputWith: status message: > gpg: WARNING: unsafe permissions on homedir '/home/giraffenhorde/.gnupg' So I fixed that with > chown -R "$USER:$(id -gn)" ~/.gnupg > chmod 700 ~/.gnupg > chmod 600 ~/.gnupg/* from here: https://superuser.com/a/954639 Now my secret keys are all gone. gpg --list-secret-keys gives no output and in enigmail this doesn't work either. When I want to put them in enigmail again, the system can't see them. I tried gpg --gen-key and got even more > gpg: agent_genkey failed: Kein Pinentry > Key generation failed: Kein Pinentry I went back to the enigmail Troubleshooting advises above under 'How to fix it' and tried further, so 1. is good 2. is good, I made this symlink thing, didn't help 3. is good, in my case it's pinentry-program /usr/bin/pinentry-qt4 4. is good, the gnupg versions are matching 5. I don't need this one, because 4 was good they say 6. here is where I get ERR 67108949 Kein Pinentry 7. when I type in killall gpg-agent gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh I get > gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh > gpg-agent[9469]: WARNING: "--use-standard-socket" is an obsolete option - it has no effect > gpg-agent[9469]: enabled debug flags: cache ipc > gpg-agent[9469]: DBG: chan_4 <- OK Pleased to meet you, process 9469 > gpg-agent[9469]: DBG: chan_4 -> BYE > gpg-agent: a gpg-agent is already running - not starting a new one > gpg-agent: secmem usage: 0/65536 bytes in 0 blocks I tried it without all unnecessary code above: gpg-agent --debug-level expert /bin/sh and I get > gpg-agent[9477]: enabled debug flags: cache ipc > gpg-agent[9477]: DBG: chan_3 <- OK Pleased to meet you, process 9477 > gpg-agent[9477]: gpg-agent running and available > gpg-agent[9477]: DBG: chan_3 -> BYE > gpg-agent[9477]: secmem usage: 0/65536 bytes in 0 blocks So this debugging doesn't work somehow and there is no other terminal window which opens as they say. Have you got any idea what to do? I could really use some help. Thanks in advance. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: test
Error: Test failure: Testing protocol disengaged. On Mon, Apr 16, 2018 at 9:10 AM, Paul H. Hentzewrote: > test > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
test
test ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgme_op_verify regression with gnupg 2.2.6?
On Mon, 16 Apr 2018 11:44, thomas.jaro...@intra2net.com said: > I'm wondering how to prevent other people from running into this issue. I wondered whether I should send out a notice to the announce list but I doubt that those with problems will read it. I will add a pointer to the NEWS entry at gnupg.org with the patch because I assume that will fast show up in searches. Given that 1.11.0 is close to a release we decided this morning not to release a 1.10.1. GnuPG 2.2.6 is new enough so that it will be used only be folks who would also built GPGME from source and thus either the patch or the forthcoming 1.11.0 should be okay. > Could gnupg 2.2.7 detect if gpgme is installed at all and if it is, > make sure it's at least version 1.10.1 / 1.11.0? :-) - No. Shalom-Salam, Werner -- # Please read: Daniel Ellsberg - The Doomsday Machine # Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgphImc4wzd3S.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgme_op_verify regression with gnupg 2.2.6?
Hello Werner, On Friday, 13 April 2018 12:16:22 CEST Werner Koch wrote: > On Thu, 12 Apr 2018 15:26, w...@gnupg.org said: > > Please stay tuned for a GPGME fix. I hope that you can test it too. > > I pushed a fix as weel as a new test to the master branch. I may also > release a 1.10.1 to fix this. The attached pacth should apply to 1.10.0 > and maybe also to 1.9. all tests pass fine with the additional fix for gpgme. Thanks! I'm wondering how to prevent other people from running into this issue. Could gnupg 2.2.7 detect if gpgme is installed at all and if it is, make sure it's at least version 1.10.1 / 1.11.0? Cheers, Thomas ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users