Re: gnupg on read-only filesystem
On Wed 2017-10-11 08:53:59 +0200, Fourhundred Thecat wrote:
>> On 2017-10-10 15:48, Daniel Kahn Gillmor wrote:
>>
>> You could try the following:
>>
>>     export GNUPGHOME=$(mktemp -d)
>>     gpg -d file.gpg
>>     rm -rf "$GNUPGHOME"
>
> thank you, that works.
>
> But it still starts the gpg-agent.
>
> How can I use gpg without the agent ?

Modern GnuPG delegates passphrase caching and secret key management to
the gpg-agent co-process.

The gpg-agent process should disappear as soon as you remove the
ephemeral home directory.

Why do you care whether gpg is one process or two processes?

      --dkg

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gnupg on read-only filesystem
> On 2017-10-10 15:48, Daniel Kahn Gillmor wrote:
>
> You could try the following:
>
>     export GNUPGHOME=$(mktemp -d)
>     gpg -d file.gpg
>     rm -rf "$GNUPGHOME"

thank you, that works.

But it still starts the gpg-agent.

How can I use gpg without the agent ?

Re: gnupg on read-only filesystem
On Tue 2017-10-10 10:51:16 +0200, Fourhundred Thecat wrote:
> I am using gnupg 2.1.18-6 on Debian Stretch.

Stretch currently ships 2.1.18-8~deb9u1. please update ;)

> My root partition (/) is mounted read-only and I cannot use gpg as root,
> because gpg wants to start gpg-agent and write to /root/.gnupg/
>
> ie:
>
> gpg -d file.gpg
>
> gpg: error creating keybox '/root/.gnupg/pubring.kbx': Read-only file system
> gpg: keyblock resource '/root/.gnupg/pubring.kbx': Read-only file system
> gpg: can't connect to the agent: IPC connect call failed
> gpg: problem with the agent: No agent running
> gpg: decryption failed: No secret key
>
> With gpg version 1, I could use --lock-never and --no-use-agent and it
> worked on read-only filesystem.
>
> How can I use gpg version 2 on read-only filesystem and without agent ?

it looks like you're trying to decrypt a file. it also looks like you
don't have any public keys stored on this machine. so maybe you're
trying to decrypt a symmetrically-encrypted (password-protected) file?

I'm assuming that you have a writeable filesystem somewhere
(e.g. /tmp). You could try the following:

    export GNUPGHOME=$(mktemp -d)
    gpg -d file.gpg
    rm -rf "$GNUPGHOME"

hth,

      --dkg

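The ephemeral-home recipe from the replies above, wrapped so the temporary directory is removed even when decryption fails and the agent is asked to exit explicitly. This is an added example, not part of the original thread or of GnuPG; the function name `decrypt_ephemeral` and the `GPG`/`GPGCONF` override variables are hypothetical.

```shell
#!/bin/sh
# Added example: decrypt with a throwaway GnuPG home on a writable filesystem.
# GPG and GPGCONF are hypothetical override variables, not GnuPG settings.

decrypt_ephemeral() {
    # $1 = encrypted input file, $2 = plaintext output file
    # The subshell keeps GNUPGHOME, the umask and the traps away from the caller.
    (
        # New files (including the plaintext output) are owner-only.
        umask 077

        # mktemp -d creates the directory with mode 0700, which gpg expects.
        GNUPGHOME=$(mktemp -d "${TMPDIR:-/tmp}/gnupg.XXXXXX") || exit 1
        export GNUPGHOME

        cleanup() {
            # Ask the agent serving this home to exit, if gpgconf is available,
            # then remove the home (keybox, agent sockets, trustdb).
            if command -v "${GPGCONF:-gpgconf}" >/dev/null 2>&1; then
                "${GPGCONF:-gpgconf}" --kill gpg-agent >/dev/null 2>&1
            fi
            rm -rf "$GNUPGHOME"
        }
        trap cleanup EXIT          # runs on success and on failure
        trap 'exit 130' INT TERM   # route signals through the EXIT trap

        # The exit status of gpg becomes the status of the function.
        "${GPG:-gpg}" --output "$2" --decrypt "$1"
    )
}

# Stand-alone use: script.sh file.gpg file.txt
if [ "$#" -eq 2 ]; then
    decrypt_ephemeral "$1" "$2"
fi
```

TMPDIR must point at a writable location such as a tmpfs mount when / is read-only.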
gnupg on read-only filesystem
Hello,

I am using gnupg 2.1.18-6 on Debian Stretch.

My root partition (/) is mounted read-only and I cannot use gpg as root,
because gpg wants to start gpg-agent and write to /root/.gnupg/

ie:

    gpg -d file.gpg

    gpg: error creating keybox '/root/.gnupg/pubring.kbx': Read-only file system
    gpg: keyblock resource '/root/.gnupg/pubring.kbx': Read-only file system
    gpg: can't connect to the agent: IPC connect call failed
    gpg: problem with the agent: No agent running
    gpg: decryption failed: No secret key

With gpg version 1, I could use --lock-never and --no-use-agent and it
worked on read-only filesystem.

How can I use gpg version 2 on read-only filesystem and without agent ?

thanks,