You are not logged in.
I'm trying to configure gpg/ggp-agent to make it usable without a GUI environment. By default, gpg-agent (which the new gpg requires) uses the default pinentry command (/usr/bin/pinentry), which is just a link /usr/bin/pinentry-gtk-2.
I've tried
eval `gpg-agent --daemon --pinentry-program /usr/bin/pinentry-curses`
but it never prompts me for a password:
# info about my key...
gpg: cancelled by user
gpg: skipped "Xyne.": Operation cancelled
gpg: signing failed: Operation cancelled
I've tried with and without exporting GPG_TTY=$(tty).
Is there a bug in pinentry-curses or am I doing something wrong?
I previously used "gpg --passphrase-df 0" in a couple of scripts, but that no longer works either (double-fun here: the GUI prompt pops up, but the command still waits for input on stdin, which it then ignores).
Last edited by Xyne (2012-03-28 20:02:10)
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Been a while since I've used it (at least prior to the recent updates), but gpg-agent gave me a curses pinentry application when I specified it in the config file.
The man page says it should work, so it could be a bug. Can't find any other examples though.
Have you tried knocking up a GUI in VB?
"...one cannot be angry when one looks at a penguin." - John Ruskin
"Life in general is a bit shit, and so too is the internet. And that's all there is." - scepticisle
Offline
Thanks for the reply.
I've tried setting it in the config too, but got the same result as the command-line option. (just double-checked)
I'm still working on the non-GUI GUI in VB.
I'm about to call it a bug and open a ticket.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Since I stopped using my server, I don't have any keys, or I'd try it again now. Sorry.
"...one cannot be angry when one looks at a penguin." - John Ruskin
"Life in general is a bit shit, and so too is the internet. And that's all there is." - scepticisle
Offline
If it makes any difference, I've tested this both on my local desktop and remote server via SSH with the following ~/.gnupg/gpg-agent.conf:
# Keyboard control
no-grab
# PIN entry program
pinentry-program /usr/bin/pinentry-curses
Did not set GPG_TTY on the server. I didn't try calling the option from the command line, though.
Scott
Offline
@firecat53
Did you mean that you got it working, or that it looks like a bug?
I've created a ticket for now: https://bugs.archlinux.org/task/29156
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
The problem is related to su. pinentry-curses works when gpg-agent is run as the login user, but not when su'ed into another account.
This is driving me crazy. Wtf did they completely disable support for the old-style CLI prompt? I'm sure they have their reasons, but relying on a chain of 2 applications instead of none just doesn't seem kiss, and displaying passphrase lengths also seems like a bad idea.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
I agree...I can see the security reasons for using a special 'passphrase collecting' program, but when it surprises me (and you) with new behavior....like how the !@#$ do I copy and paste my 25 character passphrase into this dialog box that won't let me paste into it and grabs the keyboard away??? <gooogling> Oh, you mean I need a new config file with 'no-grab' in it?? <sigh> ah well. </rant>
Hope you get it working!
Edit: Maybe this thread might shed some more light. Solution...create AUR package for gnupg 1.4?
Scott
Last edited by firecat53 (2012-03-28 22:44:52)
Offline
gpg-agent + pinentry-curses + su = bug
https://bugs.g10code.com/gnupg/issue1391
I've gone back to gpg1 for CLI-only usage:
https://aur.archlinux.org/packages.php?ID=58030
edit:
I also wrote a little gpg batch script that might be useful:
http://xyne.archlinux.ca/scripts/system … tch-script
Last edited by Xyne (2012-03-29 01:26:15)
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Thank you Xyne for the gpg1 package, saved my day
Offline
Just create a link between /usr/bin/pinentry and /usr/bin/pinentry-curses
Offline