Re: can't read sent encrypted mail

2016-10-12 Thread Steve Schmerler
On Oct 07 21:02 -0700, Kevin J. McCarthy wrote:
> On Sat, Oct 08, 2016 at 02:46:42AM +0200, Peter P. wrote:
[...]
> > How would I add my own key to the encryption in gpgme?
> 
> You could try adding an 'encrypt-to' setting in your ~/.gnupg/gpg.conf file.

Sorry for being late. I hit the same problem as Peter -- Debian's config
sets crypt_use_gpgme=yes in /etc/Muttrc.d/gpg.rc as of 1.7.x

I had the encrypt-to set in ~/.gnupg/gpg.conf before, which has the
downside that it will *always* encrypt with my key also outside of mutt,
where I might not want that. That's why I like the option of setting
--encrypt-to in gpg.rc using the classic interface -- restrict the
encrypt-to to mutt. Since gpgme is a gpg API, there seems to be no
gpgme.conf or such where one could set this option. Therefore, I'll use
the classic interface as long as it exists :)

best,
Steve


Re: can't read sent encrypted mail

2016-10-12 Thread Peter P.
* Kevin J. McCarthy  [2016-10-08 06:07]:
> On Sat, Oct 08, 2016 at 02:46:42AM +0200, Peter P. wrote:
> > Interesting! man muttrc tells me that the default for crypt_use_gpgme is no.
> 
> Yes, but I believe they changed the system muttrc to enable it (likely
> in /etc/Muttrc.d/gpg.rc).  Your own muttrc is read afterwards and so can
> override that setting.
> 
> > Nevertheless when I
> > unset crypt_use_gpgme
> > or
> > set unset crypt_use_gpgme=no
> > the problem remains.
> 
> Which problem are you speaking of?  This will not magically allow you to
> read emails encrypted in the recent past using gpgme (that therefore
> were not also encrypted to you).  It should make emails sent henceforth
> be encrypted to you again.
> 
> > How could I debug this further?
> 
> Well, first I am assuming that this is a recent change in behavior, and
> that prior to the mutt upgrade in Debian you had no trouble reading your
> encrypted emails sent to others.
> 
> You might check that those older sent emails are still readable by you.
> 
> To make sure the option is off, type
>   :set ?crypt_use_gpgme
> and mutt should echo back 'crypt_use_gpgme is unset'
Amazing idea, thank you! It made me find out that I had another line of 
set crypt_use_gpgme=yes
sneaked into my local mutt_gpg.rc by the debian maintainers. Removing
that made mutt use its old pgp_ commands and the self-encryption works
again.
 
Thanks Kevin!
P


Re: can't read sent encrypted mail

2016-10-10 Thread Gabriel Philippe
On Sat, Oct 8, 2016 at 1:28 AM, Kevin J. McCarthy  wrote:
> Add 'unset crypt_use_gpgme' to your muttrc, to start using your
> pgp_encrypt_sign_command again.

Mutt in Debian (ie Neomutt) also has a pgp_encrypt_self quadoption.

"Default: no
Encrypt the message to $pgp_sign_as too. (PGP only)"

-- 
Gabriel


Re: can't read sent encrypted mail

2016-10-07 Thread Kevin J. McCarthy
On Sat, Oct 08, 2016 at 02:46:42AM +0200, Peter P. wrote:
> Interesting! man muttrc tells me that the default for crypt_use_gpgme is no.

Yes, but I believe they changed the system muttrc to enable it (likely
in /etc/Muttrc.d/gpg.rc).  Your own muttrc is read afterwards and so can
override that setting.

> Nevertheless when I
>   unset crypt_use_gpgme
> or
>   set unset crypt_use_gpgme=no
> the problem remains.

Which problem are you speaking of?  This will not magically allow you to
read emails encrypted in the recent past using gpgme (that therefore
were not also encrypted to you).  It should make emails sent henceforth
be encrypted to you again.

> How could I debug this further?

Well, first I am assuming that this is a recent change in behavior, and
that prior to the mutt upgrade in Debian you had no trouble reading your
encrypted emails sent to others.

You might check that those older sent emails are still readable by you.

To make sure the option is off, type
  :set ?crypt_use_gpgme
and mutt should echo back 'crypt_use_gpgme is unset'

Also note that this option needs to be (un)set in your muttrc and mutt
must be restarted; you can't change it interactively to effect.

> Btw, is there any advantage of switching to gpgme?

The classic interface has some built-in size limits to the number of
recipients.  It also requires setting $pgp_use_gpg_agent appropriately
depending on if you are using gpg 1.4, 2.0, or 2.1.

However, the classic interface is better tested.  There's a lot of gpgme
code that I haven't looked at in detail, and there will likely be more
bugs that need to be shaken out of it.

> How would I add my own key to the encryption in gpgme?

You could try adding an 'encrypt-to' setting in your ~/.gnupg/gpg.conf file.

-- 
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C  5308 ADEF 7684 8031 6BDA




Re: can't read sent encrypted mail

2016-10-07 Thread Peter P.
Hi Kevin,

* Kevin J. McCarthy  [2016-10-08 01:44]:
> On Fri, Oct 07, 2016 at 07:46:10PM +0200, Peter P. wrote:
> > Hi list,
> > 
> > I am having a strange problem with mutt (NeoMutt 1.7.0 on debian
> > testing) and gpg (GnuPG) 2.1.15
> 
> Debian switched to using GPGME by default.  GPGME does not look at the
> various $pgp_* commands, so your changes made in your muttrc are not
> taking effect.
> 
> Add 'unset crypt_use_gpgme' to your muttrc, to start using your
> pgp_encrypt_sign_command again.
Interesting! man muttrc tells me that the default for crypt_use_gpgme is no.

Nevertheless when I 
unset crypt_use_gpgme
or
set unset crypt_use_gpgme=no
the problem remains.

How could I debug this further?
Btw, is there any advantage of switching to gpgme? How would I add my
own key to the encryption in gpgme?

Thanks again!
Peter


Re: can't read sent encrypted mail

2016-10-07 Thread Kevin J. McCarthy
On Fri, Oct 07, 2016 at 07:46:10PM +0200, Peter P. wrote:
> Hi list,
> 
> I am having a strange problem with mutt (NeoMutt 1.7.0 on debian
> testing) and gpg (GnuPG) 2.1.15

Debian switched to using GPGME by default.  GPGME does not look at the
various $pgp_* commands, so your changes made in your muttrc are not
taking effect.

Add 'unset crypt_use_gpgme' to your muttrc, to start using your
pgp_encrypt_sign_command again.

Unfortunately, emails you've already sent with gpgme enabled will not be
readable by you.

-- 
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C  5308 ADEF 7684 8031 6BDA
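
Whether a given sent message was also encrypted to the sender, as discussed above, can be read off its recipient packets. The following is an added example, not part of the thread or of mutt: a shell filter over the text printed by `gpg --list-packets`. The function names and all key IDs are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input is the text printed by `gpg --list-packets FILE`.
# All key IDs below are constructed placeholders, not real keys.

# Print the key ID of every public-key encrypted session key packet on stdin.
recipient_keyids() {
    sed -n 's/^:pubkey enc packet:.* keyid \([0-9A-Fa-f]\{16\}\).*/\1/p' |
        tr 'a-f' 'A-F'
}

# self_readable KEYID...   (packet listing on stdin)
# Prints "yes" if a recipient matches one of the given IDs, "unknown" if
# only a hidden recipient (all-zero key ID) could match, otherwise "no".
# Pass the IDs of your encryption *subkeys*: that is what the packet records,
# not the primary key ID.
self_readable() {
    hidden=no
    for r in $(recipient_keyids); do
        if [ "$r" = 0000000000000000 ]; then hidden=yes; continue; fi
        for mine in "$@"; do
            mine=$(printf '%s' "${mine#0x}" | tr 'a-f' 'A-F')
            if [ "$r" = "$mine" ]; then echo yes; return 0; fi
        done
    done
    if [ "$hidden" = yes ]; then echo unknown; else echo no; fi
}

# Constructed packet lines: 1111... is the correspondent's subkey,
# 2222... stands for the sender's own encryption subkey.
PEER=':pubkey enc packet: version 3, algo 1, keyid 1111111111111111'
SELF=':pubkey enc packet: version 3, algo 1, keyid 2222222222222222'
ANON=':pubkey enc packet: version 3, algo 1, keyid 0000000000000000'
DATA=':encrypted data packet:'

# Helper for the demo: build a listing from the given lines and test it
# against the constructed "own" subkey ID.
check() { printf '%s\n' "$@" | self_readable 0x2222222222222222; }

echo "recipient only:        $(check "$PEER" "$DATA")"
echo "recipient + self:      $(check "$PEER" "$SELF" "$DATA")"
echo "recipient + hidden id: $(check "$PEER" "$ANON" "$DATA")"
```

For a real message saved from the Sent folder, pipe `gpg --list-packets msg.asc 2>/dev/null` into `self_readable` with your own encryption subkey ID. A result of "unknown" means a recipient was hidden, so only an actual decryption attempt can tell.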




[SPAM?] Re: can't read sent encrypted mail

2016-10-07 Thread Peter P.
Adding more information below.

* Peter P.  [2016-10-07 19:46]:
> Hi list,
> 
> I am having a strange problem with mutt (NeoMutt 1.7.0 on debian
> testing) and gpg (GnuPG) 2.1.15
> 
> Mail that I encrypt with someone else's key, and also with my own one,
> is unreadable by myself afterwards in my Sent folder. Mutt gives a
> rather short
>   Could not decrypt PGP message
> followed by 
>   Could not copy message
Messages that I encrypt to myself only are successfully decrypted.
Thanks, P


can't read sent encrypted mail

2016-10-07 Thread Peter P.
Hi list,

I am having a strange problem with mutt (NeoMutt 1.7.0 on debian
testing) and gpg (GnuPG) 2.1.15

Mail that I encrypt with someone else's key, and also with my own one,
is unreadable by myself afterwards in my Sent folder. Mutt gives a
rather short
Could not decrypt PGP message
followed by 
Could not copy message

mutt -d 5 gives the following in .muttdebug
Entering pgp_encrypted handler
../../crypt-gpgme.c:2591: mutt_mktemp returns 
"/tmp/mutt-hostname-1000-26184-6735641325734396222".
Could not decrypt PGP message
which I can't make much sense of and which doesn't yield useful results
in a web search.

I have a .mutt/mutt_gpg.rc which has, amongst other lines
set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg
%?p?--passphrase-fd 0? --pinentry-mode=loopback --batch --quiet
--no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor
--always-trust --encrypt-to 0xmyOwnKey -- -r %r -- %f"
and I sign/encrypt using my own key as well (--encrypt-to). 

PS: I discovered that there is an /etc/muttrc.d/ directory present on my
Debian system, which I was not aware of, and it holds an
/etc/muttrc.d/gpg.rc file. I wonder which one is given precedence?
Starting mutt with the -n flag (bypass system configuration file) does
not change the problematic behavior.

I am aware that debian switched to neomutt, and that gpg in mutt might
have switched to gpgme and its possible different configuration options. 
But how do I go about debugging all this? Any ideas are well appreciated!
Thank you for your help!
Peter