kmail and gpg support (decryption troubles)

evdvelde · 2005-12-23 10:59:40

I can sign mails, encrypt them and verify signatures, but I'm unable to decrypt messages. I get following error:

Encrypted message (decryption not possible)
Reason: Crypto plug-in "openpgp" could not decrypt the data.
Error: Bad passphrase

It seems to be related to a missing gpg-agent, but I cannot find it in the Arch packages. Is it packaged for Arch? Are there ways to proceed without gpg-agent? Other solutions?

Thanks in adv!

T-Dawg · 2005-12-23 13:17:01

did you import the user's public key? gpg --import /path/to/file/

I've had trouble encrypting messages back and forth using evolution and kmail, but if they were encrypted with gpg as an attachement, everything worked perfect.

LB06 · 2005-12-23 14:23:46

evdvelde wrote:

I can sign mails, encrypt them and verify signatures, but I'm unable to decrypt messages. I get following error:
Encrypted message (decryption not possible)
Reason: Crypto plug-in "openpgp" could not decrypt the data.
Error: Bad passphrase
It seems to be related to a missing gpg-agent, but I cannot find it in the Arch packages. Is it packaged for Arch? Are there ways to proceed without gpg-agent? Other solutions?
Thanks in adv!

Same problem here. I also get the message of a missing gpg-agent binary @ kgpg(kde) boot.

evdvelde · 2005-12-23 15:47:59

Penguin wrote:

did you import the user's public key? gpg --import /path/to/file/

The key is imported correctly and I can sign with it, but not decrypt...

Jacob · 2005-12-23 20:38:13

The problem here is that Arch uses gpg 1.4.2, to have the program "gpg-agent" we need gpg version 1.9 (which is a beta).

Programs like Sylpheed and Evolution can get away with using Seahorse until gpg 2.0 becomes stable. Seahorse seems to do more than kgpg (ATM)...

Even if there was a gpg 1.9 package made, I don't know if everything would "click". i.e. when I sign a message, I need to input my passphrase (very annoying as its 12 characters). gpg-agent is supposed to fix this, but I'd still have to edit it's config file to make it remember the password for a fixed amount of time, as the default is only 1 hour. Or, would kgpg be able to talk to kmail and give it the info it needs?

The whole things needs a bit of time to sort itself out.

Jacob

evdvelde · 2005-12-24 13:07:29

Jacob wrote:

The problem here is that Arch uses gpg 1.4.2, to have the program "gpg-agent" we need gpg version 1.9 (which is a beta).

Then why did it work with earlier kmail versions? What was different? I think it should be possible not to use the gpg-agent as it is only there to remember your passphrase for a while, decryption is done by the 'normal' gpg. However... I did not find the trick

Jacob · 2005-12-24 13:46:12

evdvelde wrote:

Jacob wrote:
The problem here is that Arch uses gpg 1.4.2, to have the program "gpg-agent" we need gpg version 1.9 (which is a beta).
Then why did it work with earlier kmail versions? What was different? I think it should be possible not to use the gpg-agent as it is only there to remember your passphrase for a while, decryption is done by the 'normal' gpg. However... I did not find the trick

I'll show you what's different, kmail changed... Look here:

http://www.linuxjournal.com/articles/lj … 7354f3.png

see the option "keep passphrase in memory", oh how I wish our newer/shiney-er versions had that option.

It seems that kmail doesn't have that option anymore, they might have offloaded it to kgpg (which makes more sense from a design perspective). But as a result we either need gpg 1.9 (for it's gpg-agent) then toggle that option "on" in kgpg's configuration settings (under GnuPG Settings-> "Use GnuPG agent") And pray it's all integrated and has worked out all the kinks.

Jacob

Jacob · 2005-12-24 14:30:29

well I've got a small update for you...

I did: "pacman -S gnupg2" and grabbed gpg 1.9

Then I ran: gpg --rebuild-keydb-caches

Created the file: ~/.gnupg/gpg-agent.conf and added the following to it:

pinentry-program /usr/bin/pinentry-qt
no-grab
default-cache-ttl 180000

Enabled gpg-agent in kgpg as mentioned in my last post.

Then restarted my system, and ran kgpg, then kmail.

Tested by signing a message to myself and as I sent it, a new dialog box popped up. It asked for my key, I gave it. It sent, then I sent myself another email. This time it didn't ask for the key, it was automatic!

Every reboot does require the user to re-enter the key. ;(

If there is only some way kwallet would give gpg-agent the key automatically.

Jacob

evdvelde · 2005-12-24 16:57:04

Thanks a lot Jacob for your quick and helpful response, it works for me now.

Arch Linux

#1 2005-12-23 10:59:40

kmail and gpg support (decryption troubles)

#2 2005-12-23 13:17:01

Re: kmail and gpg support (decryption troubles)

#3 2005-12-23 14:23:46

Re: kmail and gpg support (decryption troubles)

#4 2005-12-23 15:47:59

Re: kmail and gpg support (decryption troubles)

#5 2005-12-23 20:38:13

Re: kmail and gpg support (decryption troubles)

#6 2005-12-24 13:07:29

Re: kmail and gpg support (decryption troubles)

#7 2005-12-24 13:46:12

Re: kmail and gpg support (decryption troubles)

#8 2005-12-24 14:30:29

Re: kmail and gpg support (decryption troubles)

#9 2005-12-24 16:57:04

Re: kmail and gpg support (decryption troubles)

Board footer