Re: [Enigmail] New enigmail tries to decrypt with outdated, disabled key
On 09/02/2015 11:24 PM, Patrick Brunschwig wrote: > I doubt gpg2 is correctly set up on your PC, since you're not prompted for a > password. > > Please follow this guide to ensure it's working properly: > https://enigmail.net/support/gnupg2_issues.php > > Patrick Hmm. gpg2 was set up automatically however Ubuntu 14.04 does it. It seems to work manually. And it turns out that Engimail *is* trying the right key but fails. Here is what the log says about that: [GNUPG:] NEED_PASSPHRASE 6F87153B238909D7 1 0 gpg: problem with the agent: No pinentry [GNUPG:] ERROR get_passphrase 85 [GNUPG:] MISSING_PASSPHRASE gpg: encrypted with 4096-bit RSA key, ID , created 2014-03-24 "" gpg: public key decryption failed: Operation cancelled [GNUPG:] ERROR pkdecrypt_failed 99 [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_FAILED gpg: decryption failed: No secret key [GNUPG:] END_DECRYPTION Thanks for the link to the guide. It mentions the GnuPG 2.x requires an agent to handle the passphrases. I did change the settings on the agent a year or so ago because it was preventing SSH use by loading in all the ssh keys it could find, rather than the ones I would tell it to find, and then using them out of order causing the remote service to lock me out. If I have to choose between graphical use of SSH and Engimail, I must have the latter. So, the next step is for me to find the changes I did to the agent configuration and undo them, and see if that helps. Regards, Lars ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] New enigmail tries to decrypt with outdated, disabled key
On 09/03/2015 10:02 AM, Lars Noodén wrote: > On 09/02/2015 11:24 PM, Patrick Brunschwig wrote: ... >> Please follow this guide to ensure it's working properly: >> https://enigmail.net/support/gnupg2_issues.php ... > Thanks for the link to the guide. It mentions the GnuPG 2.x requires an > agent to handle the passphrases. ... That led to the solution. Thanks again to all who answered or thought about it. It turns out the problem was in ~/.gnupg/gpg-agent.conf When this account lived on another machine, I had been dual booting with OS X and Ubuntu 14.04 The settings in gpg-agent.conf were for OS X and the earlier versions of Engimail on Ubuntu were fine with that. The contents were: default-cache-ttl 300 max-cache-ttl 99pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac It was probably that last line causing the problem. Simply moving the file away solved the current problem. If I go back to dual booting (unlikely) in the future, I will have to solve anpther problem. Regards Lars ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] New enigmail archives/signs with outdated, disabled key
On 09/02/2015 09:09 PM, Ludwig Hügelschäfer wrote: > On 02.09.15 19:56, Lars Noodén wrote: >> >> I can encrypt and send to another machine and decrypt there using the >> same ~/.gnupg contents. >> >> I also went through the Enigmail setup wizard again to reset the key and >> it still shows the right key but when I try to decrypt, Enigmail still >> looks for the wrong key. > > The key to decrypt is always selected automatically. The key-Id of the > receiver(s) is/are embedded in the message. You cannot decrypt a given > message with another (newer) key. What makes you think it Enigmail looks > for the wrong key? Please give us the exact error message. The error message between the message body and the headers is : Enigmail Error - decryption failed; click on 'Details' button for more information. When I click on Details and choose View Key Properties I get shown Primary User ID, Key ID, and Fingerprint which are for the wrong key. If I try to sign an outgoing message, I get this: Key 0x not found or not valid. The (sub-)key might have expired. If I go into Engimail -> Key Management -> Key properties for that key, it shows that the key is valid and expires next year. > Do you have any additional settings like "encrypt-to" in your gpg.conf file? > > Ludwig gpg.conf is stock, I haven't changed it. Here are the active lines: $ egrep -v "^#|^$" gpg.conf keyserver hkp://subkeys.pgp.net use-agent default-key FE35B305 comment GPGTools - http://gpgtools.org Regards, Lars ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] New enigmail archives/signs with outdated, disabled key
With the most recent upgrade of Enigmail on Ubuntu 14.04 LTS, $ apt-cache policy enigmail enigmail: Installed: 2:1.8.2-0ubuntu0.14.04.1 ... my previous settings are lost and it is not using the key it used to use. Instead of using the active OpenPGP key it is using one of my archived, disabled keys. How do I change Enigmail to resume using the right key? How do I temporarily point it at the outdated key so I can at least decrypt incoming messages which have been erroneously encrypted using the outdated key? Regards, Lars ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] From Circumvention
On 07.03.2015 21:45, Rainer Blome wrote: ... Looking at the headers, the character encoding strikes me as a potential leak, as some values, such as charset=windows-1252, hint at the probable OS used. Either Thunderbird or Enigmail often set my replies to windows-1252 instead of normal UTF-8 despite using GNU/Linux. I'm not sure which component is responsible and cannot trigger it on demand though. Regards, Lars ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Medium Term Plan for Dropping GnuPG 1.4.x Support
On 04.02.2015 20:07, Alexander Buchner wrote: On 04.02.2015 19:00, Bob Williams wrote: I'd be surprised if Ubuntu gives you GnuPG 1.4. What is the output of gpg --version? I have a Ubuntu 14.10 system: @@@:~$ gpg --version gpg (GnuPG) 1.4.16 ... Ubuntu 14.10 will expire soon anyway. The non-LTS release now have only a 9-month life cycle. Coming up, 15.04 will have GnuPG version 1.4.18, which is still 1.4.x The current LTS desktops, 12.04 and 14.04, use 1.4.11 and 1.4.16. They will be around until 2017 and 2019. A search of backports for 14.04 LTS shows nothing in regards to GnuPG. Regards, /Lars ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Encryption dropping from draft messages
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/15/2013 05:39 PM, Patrick Brunschwig wrote: On 14.09.13 14:15, Max Maass wrote: On 09/14/2013 01:56 PM, Lars Noodén wrote: Hi, I notice that if a message draft is started encrypted and then postponed, it becomes unencrypted when the message is continued. The box becomes unchecked in the Encrypt Message checkbox under the OpenPGP menu. Then, unless encryption is re-specified right away, the draft seems to get saved unencrypted in the drafts folder. This save is automatic after a few minutes, so there is only a short window to manually restore the missing encryption. That exposes the contents of the message if no action is taken. This happens every time a message is started, postponed and then resumed. The steps to reproduce it are as follows: 1. start a message with encryption 2. save it and then postpone it, closing the message 3. find the unfinished message in the appropriate drafts folder and resume editing 4. either wait for the message to be saved (unencrypted) or repeat steps 2 and 3. The message will go from being encrypted to being unencrypted every time. I can confirm this behaviour on Linux x64 with latest (non-beta) Enigmail and Thunderbird 17.0.8 (latest from ubuntu repositories). Never noticed it before, but this is a big information leak. Is my understanding correct that you only get this behavior if the draft message is _not_ shown before you continue editing it, e.g. if the preview pane is off? -Patrick It seems to happen even with the preview pane open at the bottom of the window. Try closing and opening the message again. It will go to plain text if encryption is not manually reselected again each time. (I'm not sure of the names. The preview pane is the pane at the bottom of the window under the pane with the list of message subjects, right? ) /Lars -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlI1x8gACgkQfz2bZ9qH75ppnACfTmJZJutxSLn1Nm9qY9Ap9gm+ sxQAnRoFRgQ0w+VHCCbUlCmpSGjxAPBT =v2N7 -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Encryption dropping from draft messages
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/15/2013 05:46 PM, Patrick Brunschwig wrote: On 15.09.13 16:44, Lars Noodén wrote: On 09/15/2013 05:39 PM, Patrick Brunschwig wrote: On 14.09.13 14:15, Max Maass wrote: On 09/14/2013 01:56 PM, Lars Noodén wrote: Hi, I notice that if a message draft is started encrypted and then postponed, it becomes unencrypted when the message is continued. The box becomes unchecked in the Encrypt Message checkbox under the OpenPGP menu. Then, unless encryption is re-specified right away, the draft seems to get saved unencrypted in the drafts folder. This save is automatic after a few minutes, so there is only a short window to manually restore the missing encryption. That exposes the contents of the message if no action is taken. This happens every time a message is started, postponed and then resumed. The steps to reproduce it are as follows: 1. start a message with encryption 2. save it and then postpone it, closing the message 3. find the unfinished message in the appropriate drafts folder and resume editing 4. either wait for the message to be saved (unencrypted) or repeat steps 2 and 3. The message will go from being encrypted to being unencrypted every time. I can confirm this behaviour on Linux x64 with latest (non-beta) Enigmail and Thunderbird 17.0.8 (latest from ubuntu repositories). Never noticed it before, but this is a big information leak. Is my understanding correct that you only get this behavior if the draft message is _not_ shown before you continue editing it, e.g. if the preview pane is off? -Patrick It seems to happen even with the preview pane open at the bottom of the window. Try closing and opening the message again. It will go to plain text if encryption is not manually reselected again each time. (I'm not sure of the names. The preview pane is the pane at the bottom of the window under the pane with the list of message subjects, right? ) Is the draft message encrypted at all? -Patrick When you first close the draft message, you are given the option to encrypt the message before saving. If you choose Encrypt Message, it gets encrypted that first time. But then if you open it, the encryption goes away and any subsequent saves are unencrypted unless it is manually reselected. I'm also noticing some problems were the content of the body of the draft disappears, but that's a separate issue I think. /Lars -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlI1ymsACgkQfz2bZ9qH75qrQwCfYRNHeiCnOedWi43O6VJfvKVA ZzgAn0M9EU0YJory+jYtdsotqLzyez0y =zsGk -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] Encryption dropping from draft messages
Hi, I notice that if a message draft is started encrypted and then postponed, it becomes unencrypted when the message is continued. The box becomes unchecked in the Encrypt Message checkbox under the OpenPGP menu. Then, unless encryption is re-specified right away, the draft seems to get saved unencrypted in the drafts folder. This save is automatic after a few minutes, so there is only a short window to manually restore the missing encryption. That exposes the contents of the message if no action is taken. This happens every time a message is started, postponed and then resumed. The steps to reproduce it are as follows: 1. start a message with encryption 2. save it and then postpone it, closing the message 3. find the unfinished message in the appropriate drafts folder and resume editing 4. either wait for the message to be saved (unencrypted) or repeat steps 2 and 3. The message will go from being encrypted to being unencrypted every time. I've checked in the list of common problems and do not find this listed. https://www.enigmail.net/support/troubles.php I've looked at some of the existing bug reports and can't find anything quite like this: https://sourceforge.net/p/enigmail/bugs/search/?q=unencrypted Is this something that should be added to the list of bugs? Regards, /Lars ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net