You are not logged in.

#1 2014-06-15 12:24:16

halogen
Member
Registered: 2014-06-12
Posts: 67

"The GNOME keyring manager hijacked the GnuPG agent"

I've run gpg from the command line and suddenly a dialog box appeared asking for my password: it even asked if I wanted to remember it.
Meanwhile, in my bash terminal gpg had this to say:

gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent.
gpg: WARNING: GnuPG will not work proberly - please configure that tool to not interfere with the GnuPG system!

Googling didn't help much, seems to be a new "feature"...

Any idea how can I configure the keyring manager to stay away when I'm working in bash?

Offline

#2 2014-06-15 14:53:23

twelveeighty
Member
From: Alberta, Canada
Registered: 2011-09-04
Posts: 1,140

Re: "The GNOME keyring manager hijacked the GnuPG agent"

Offline

#3 2014-07-02 20:09:11

AugustWest
Member
Registered: 2014-07-02
Posts: 1

Re: "The GNOME keyring manager hijacked the GnuPG agent"

These warnings seem to be a childish reaction from the GPG developer. Apparently in some situations gnome-keyring misbehaves when acting as a gpg-agent, but in my experience it works well and offers a nice advantage over gpg-agent, that being that it is tied in with pam and so it has the ability to unlock your keys when you login.

In general, the messages can be safely ignored. However, if you truly do want to switch away from using gnome-keyring as your gpg-agent, doing so can be tricky. It depends very much on the way your system is configured. You will need to both disable gpg in keyring and start gpg-agent. This can be a long journey to get everything configured properly. Google is your friend.

Offline

#4 2014-07-04 15:06:34

anatolik
Developer
Registered: 2012-09-27
Posts: 458

Re: "The GNOME keyring manager hijacked the GnuPG agent"

I had similar situation and decided to disable gnome-keyring's ssh and gpg agents. https://wiki.archlinux.org/index.php/GN … ing_daemon

The reason is that gnome keyring is active only when you have a GUI session active, thus it does not work for headless machines or when one SSH to the machine. It is just easier for me to use "default" agents.

PS The ssh-agent and gpg-agent is a mess from usability/configuration point of view (without those ugly environment variables). I wish there was a systemd friendly implementation of these agents.

PPS The latest gnupg use "use-standard-socket' config option by default, it means one does not need to start gpg-agent  and configure GPG_AGENT_INFO envvar manually. gpg will start agent for you transparently.


Read it before posting http://www.catb.org/esr/faqs/smart-questions.html
Ruby gems repository done right https://bbs.archlinux.org/viewtopic.php?id=182729
Fast initramfs generator with security in mind https://wiki.archlinux.org/index.php/Booster

Offline

Board footer

Powered by FluxBB