Re: Setting up a new laptop - importing keyrings
On Tuesday 13 January 2009 08:15:16 Anne Wilson wrote: > On Monday 12 January 2009 23:20:33 Todd Zullinger wrote: > > Anne Wilson wrote: > > > I'm setting up a new netbook, and have copied into the .gnupg folder > > > my keyrings and associated files from this laptop. Kgpg lists the > > > keys correctly, but all is not well. When I try to set keys for > > > signing and encryption I get the endless searching bar, as Chris > > > described a few days ago. > > > > I know nothing of Kpg, but perhaps we can determine whether the issue > > is with gpg or Kgpg and that might narrow down where to look. > > > > > I considered starting from an empty keyring and importing signatures > > > as they arrive in kmail, but I think the problem is that I don't > > > know how to get the secret key recognised. > > > > Are your secret keys listed by "gpg --list-secret-keys" ? > > Yes, they are. All CLI commands work fine. > > > If so, then > > the problem isn't with the keyrings. It could be with Kgpg or the > > gpg-agent setup (IIRC, that was what the problem a few days ago was). > > I think something is preventing communication between kmail and the > keyrings, but only in some circumstances. While I can't, in the Fedora > installations, set my key to encrypt mail, I can read the encrypted mail > that comes to me. > > I don't think that agent is the problem - it holds the passphrase for the > correct amount of time. This is the agent conf file: > > pinentry-program /usr/bin/pinentry-qt > no-grab > allow-mark-trusted > default-cache-ttl 3600 > # GPGConf disabled this option here at Fri 13 Jul 2007 10:47:33 IST > # log-file socket:///home/anne/.gnupg/log-socket > > ###+++--- GPGConf ---+++### > default-cache-ttl 3600 > allow-mark-trusted > debug-level basic > log-file socket:///home/anne/.gnupg/log-socket > ###+++--- GPGConf ---+++### Sun 11 Jan 2009 08:44:43 GMT > # GPGConf edited this configuration file. > # It will disable options before this marked block, but it will > # never change anything below these lines. > > It may be relevant to mention that on my Mandriva laptop I use keychain to > help with remote administration. There, when I open konsole for the first > time each morning, I'm asked for the passphrase. I always then see > > * Warning: can't find an...@kde.org; skipping > Identity added: /home/anne/.ssh/id_dsa (/home/anne/.ssh/id_dsa) > can't connect to `/home/anne/.gnupg/log-socket': Connection refused > > If this (the last line) isn't relevant to this particular problem I'll deal > with it in a separate thread later. It doesn't appear to stop anything > working. On that particular laptop everything works as expected except for > automatically importing keys for signed emails. > Are these log messages likely to be relevant? kdm: :0: PAM adding faulty module: /lib/security/pam_gnome_keyring.so: 5 Time(s) kdm: :0: PAM unable to dlopen(/lib/security/pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: cannot open shared object file: No such file or directory: 5 Time(s) polkit-grant-helper: granted authorization for org.freedesktop.packagekit.package-install-untrusted to pid 9436 [uid=500] [auth=root]: 1 Time(s) Anne signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Setting up a new laptop - importing keyrings
On Monday 12 January 2009 23:20:33 Todd Zullinger wrote: > Anne Wilson wrote: > > I'm setting up a new netbook, and have copied into the .gnupg folder > > my keyrings and associated files from this laptop. Kgpg lists the > > keys correctly, but all is not well. When I try to set keys for > > signing and encryption I get the endless searching bar, as Chris > > described a few days ago. > > I know nothing of Kpg, but perhaps we can determine whether the issue > is with gpg or Kgpg and that might narrow down where to look. > > > I considered starting from an empty keyring and importing signatures > > as they arrive in kmail, but I think the problem is that I don't > > know how to get the secret key recognised. > > Are your secret keys listed by "gpg --list-secret-keys" ? Yes, they are. All CLI commands work fine. > If so, then > the problem isn't with the keyrings. It could be with Kgpg or the > gpg-agent setup (IIRC, that was what the problem a few days ago was). I think something is preventing communication between kmail and the keyrings, but only in some circumstances. While I can't, in the Fedora installations, set my key to encrypt mail, I can read the encrypted mail that comes to me. I don't think that agent is the problem - it holds the passphrase for the correct amount of time. This is the agent conf file: pinentry-program /usr/bin/pinentry-qt no-grab allow-mark-trusted default-cache-ttl 3600 # GPGConf disabled this option here at Fri 13 Jul 2007 10:47:33 IST # log-file socket:///home/anne/.gnupg/log-socket ###+++--- GPGConf ---+++### default-cache-ttl 3600 allow-mark-trusted debug-level basic log-file socket:///home/anne/.gnupg/log-socket ###+++--- GPGConf ---+++### Sun 11 Jan 2009 08:44:43 GMT # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. It may be relevant to mention that on my Mandriva laptop I use keychain to help with remote administration. There, when I open konsole for the first time each morning, I'm asked for the passphrase. I always then see * Warning: can't find an...@kde.org; skipping Identity added: /home/anne/.ssh/id_dsa (/home/anne/.ssh/id_dsa) can't connect to `/home/anne/.gnupg/log-socket': Connection refused If this (the last line) isn't relevant to this particular problem I'll deal with it in a separate thread later. It doesn't appear to stop anything working. On that particular laptop everything works as expected except for automatically importing keys for signed emails. Anne signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Setting up a new laptop - importing keyrings
Anne Wilson wrote: > I'm setting up a new netbook, and have copied into the .gnupg folder > my keyrings and associated files from this laptop. Kgpg lists the > keys correctly, but all is not well. When I try to set keys for > signing and encryption I get the endless searching bar, as Chris > described a few days ago. I know nothing of Kpg, but perhaps we can determine whether the issue is with gpg or Kgpg and that might narrow down where to look. > I considered starting from an empty keyring and importing signatures > as they arrive in kmail, but I think the problem is that I don't > know how to get the secret key recognised. Are your secret keys listed by "gpg --list-secret-keys" ? If so, then the problem isn't with the keyrings. It could be with Kgpg or the gpg-agent setup (IIRC, that was what the problem a few days ago was). -- ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ A hen is only an egg's way of making another egg. -- Samuel Butler pgprRr9gvvrsb.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users