#1 2024-11-28 17:19:59

Analog Linux User
Member
Registered: 2024-11-28
Posts: 4

[SOLVED] gpg/gnupg: Cannot certify my own key pair anymore

Hi,

Five days ago I began with my first Arch Linux installation on my local machine. The starting point for my Arch Linux installation was the official Arch Linux ISO image (1 GB size) copied to a USB stick.

So up to now I have installed 14 GB of software on my machine, consisting of Arch Linux software packages and currently three packages from the AUR.

My Desktop Environment is KDE Plasma 6.

By the way, this morning I ran the following command for the most recent time:

# pacman -Sy --needed archlinux-keyring && pacman -Su

;-)

And now my problem, it has to do with GnuPG/gpg:

At a certain moment during the last days of installing and configuring my Arch Linux installation, it must have happened after the installation of Kleopatra, every time having logged into KDE I was asked to enter the passphrase for my public PGP key. I entered the passphrase, no problem.

Before that I had imported the secret key for my PGP key pair from a USB stick. I was asked by Kleopatra if it was really me who will now confirm that the secret key which I want to get imported by Kleopatra belongs to me. I clicked "Yes" or something like that. The line in Kleopatra representing my PGP key pair with my first and last name and the corresponding email address was labelled as "certified" in the "User ID" column.

All this worked fine with regard to gpg/gnupg, until I imported several public PGP keys from other persons and organizations into Kleopatra, of which I certified some, some of them not.

Having completed the import and certification of these public keys from third parties during one single Kleopatra session I rebooted my machine.

Having then logged into KDE again I again was asked to enter the passphrase for my PGP key pair, which I did, but from now on I got the following error messages displayed within small pop-up windows in the KDE GUI at this very moment. These error messages contain the following information:

KDE Wallet Service

System Notifications

Encryption error while attempting to save the wallet kdewallet. Error code is 53 (Unusable public key). Please fix your system configuration, then try again. This error may occur if you are not using a full trust GPG key. Please ensure you have the secret key for the key you are using.

And:

KDE Wallet: Failed to sync wallet kdewallet to disk. Error codes are: RC -7. SF Writing canceled by application. Please file a BUG report using this information to bugs.kde.org

Please note that KWalletManager is not installed on my machine.

I then tried to get my PGP key pair certified in Kleopatra and KPgp again by importing the same secret key as the one I mentioned above, but I am still not able to get my key pair back into the "certified" status again.

As a quick and dirty workaround for this issue I just renamed the ~/.gnupg folder to ~/.gnupg_OLD and rebooted my machine.

From that moment on everything worked fine again, until I again imported public PGP keys from other persons and organizations into Kleopatra, of which I certified some, some of them not. From that moment on, having rebooted my machine the same error messages as mentioned above were and are still shown again in the GUI of KDE.

Having done some more research on gpg and so on I among other things found out that the KWatchGnuPG program can log detailed information about anything dealing with all gpg related processes and programs on my machine.

So this is the output of my last attempt to get my PGP key pair certified by Kleopatra by importing the secret key belonging to my key pair from a USB stick:

[...]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: command 'IMPORT_KEY' failed: File exists
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 -> ERR 67141667 File exists <GPG Agent>
5 - 2024-11-28 15:59:56 gpg[3002]: kid_not_found_cache: count=0 peak=0 flushes=0
5 - 2024-11-28 15:59:56 gpg[3002]: sig_cache: total=17 cached=15 good=15 bad=0
5 - 2024-11-28 15:59:56 gpg[3002]: objcache: keys=4/4/0 chains=379,1..1 buckets=383/20 attic=252
5 - 2024-11-28 15:59:56 gpg[3002]: objcache: uids=2/2/0 chains=105,1..1 buckets=107/20
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- SETKEYDESC Please+enter+the+passphrase+to+import+the+OpenPGP+secret+key:%0A%22<My first and last name>+<my email address>%22%0A2048-bit+RSA+key,+ID+<key ID>,%0Acreated+<date>+(main+key+ID+<key ID>).%0A
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 -> OK
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- IMPORT_KEY --timestamp=<timestamp> --unattended
5 - 2024-11-28 15:59:56 gpg[3002]: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
5 - 2024-11-28 15:59:56               outmix=0 getlvl1=0/0 getlvl2=0/0
5 - 2024-11-28 15:59:56 gpg[3002]: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0
5 - 2024-11-28 15:59:56 gpg[3002]: secmem usage: 0/32768 bytes in 0 blocks
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 -> [[Confidential data not shown]]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- [[Confidential data not shown]]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- [[Confidential data not shown]]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- [[Confidential data not shown]]
[client at fd 5 disconnected]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: command 'IMPORT_KEY' failed: File exists
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 -> ERR 67141667 File exists <GPG Agent>
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- [eof]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_12 -> RESTART
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_12 <- OK
[client at fd 5 connected (local)]
[...]

Please note above the following information:

[...] command 'IMPORT_KEY' failed: File exists

What can I do to resolve this issue? I could not find any solution. Or can I just remove the secret from my PGP key pair with the

gpg --delete-secret-key ...

command, and then re-import my secret key into my PGP key pair again, without destroying the validity of my PGP key pair?

Regards,

The Analog Linux User from Earth :-D

Last edited by Analog Linux User (2024-11-30 14:28:20)
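
The `ERR 67141667` reply in the KWatchGnuPG excerpt above is a packed libgpg-error value. As an added example (not part of the original post), this script splits it into source and code and pairs it with the request that triggered it on the same channel; the sample lines are taken from the post, and the function names are assumptions chosen for illustration.

```python
import re

# Sample input: lines taken from the KWatchGnuPG excerpt in the post above.
SAMPLE_LOG = """\
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- IMPORT_KEY --timestamp=<timestamp> --unattended
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- [[Confidential data not shown]]
4 - 2024-11-28 15:59:56 gpg-agent[2209]: command 'IMPORT_KEY' failed: File exists
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 -> ERR 67141667 File exists <GPG Agent>
4 - 2024-11-28 15:59:56 gpg-agent[2209]: DBG: chan_13 <- [eof]
"""

DBG_LINE = re.compile(r"gpg-agent\[\d+\]: DBG: (chan_\d+) (<-|->) (.*)$")
ERR_REPLY = re.compile(r"ERR (\d+) (.*?)(?: <(.+)>)?$")
# libgpg-error source ids (subset), named after the GPG_ERR_SOURCE_* constants.
SOURCES = {1: "GCRYPT", 2: "GPG", 3: "GPGSM", 4: "GPGAGENT", 5: "PINENTRY", 6: "SCD"}


def decode_gpg_error(value):
    """Split a packed libgpg-error value into its source and code parts."""
    source = (value >> 24) & 0x7F      # bits 24-30: component that raised it
    code = value & 0xFFFF              # low 16 bits: the error code itself
    system = bool(code & 0x8000)       # bit 15 set: code wraps a system errno
    return {
        "source": SOURCES.get(source, f"source {source}"),
        "code": code,
        "system_error": system,
        # Index into libgpg-error's own errno table, not the Linux errno number.
        "errno_index": code & 0x7FFF if system else None,
    }


def failed_commands(log_text):
    """Pair each ERR reply from gpg-agent with the last request on that channel."""
    last_request, failures = {}, []
    for line in log_text.splitlines():
        m = DBG_LINE.search(line)
        if not m:
            continue
        channel, direction, payload = m.groups()
        if direction == "<-":          # request received by the agent
            cmd = re.match(r"[A-Z_]+\b", payload)
            if cmd:                    # skips "[eof]" and redacted data lines
                last_request[channel] = cmd.group(0)
        elif (err := ERR_REPLY.match(payload)):
            failures.append({"channel": channel,
                             "command": last_request.get(channel),
                             "text": err.group(2),
                             **decode_gpg_error(int(err.group(1)))})
    return failures


if __name__ == "__main__":
    for failure in failed_commands(SAMPLE_LOG):
        print(failure)
```

For the line in the post this reports source GPGAGENT and system-error index 35, which is libgpg-error's slot for EEXIST and matches the "File exists" text.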

#2 2024-11-29 11:12:26

Analog Linux User
Member
Registered: 2024-11-28
Posts: 4

Re: [SOLVED] gpg/gnupg: Cannot certify my own key pair anymore

An update:

I have found a bug report at bugs.kde.org which at least partly refers to the error messages which I documented here in this thread.

It's bug report #353960 at bugs.kde.org:

https://bugs.kde.org/show_bug.cgi?id=353960

I did not read its content completely yet, but saw some solution proposals for the error message part "Unusable public key" somewhere within that bug report. They either do not work or are not applicable for my situation.

I will soon have a closer look at that bug report. It was opened in 2015 and is still in the status "assigned", the last entry in it has been created on 2024-07-27.

Update: I have now completely read KDE bug report #353960. The solution proposals in that bug report made by user "Andrey" from 2021-12-22 17:06:33 UTC either do not work or are not applicable for my situation.

I will now try to get the message text from the file knewwalletdialog.cpp displayed again to me, i.e. possibly this text message:

No suitable keys for encryption found. To create a GPG key, you can

1) Open Kleopatra and follow Kleopatra's documentation at: https://docs.kde.org/stable5/en/kleopat … ewkey.html

2) Open Konsole and enter the command: gpg --full-gen-key, then follow the instructions.

Source: https://invent.kde.org/frameworks/kwall … equests/83

I wonder why this new text does not consider a second scenario, i.e. if someone like me logs for the first time into a fresh Linux installation with KDE Plasma 6, and this person wants to implement his/her already existing PGP key pair into his/her fresh installation with KDE in connection with this kwalletd[5|6] service, and he/she then wants (and needs) to successfully certify his/her PGP key pair in that fresh Linux installation with KDE.

Last edited by Analog Linux User (2024-11-29 12:24:25)

#3 2024-11-30 14:25:58

Analog Linux User
Member
Registered: 2024-11-28
Posts: 4

Re: [SOLVED] gpg/gnupg: Cannot certify my own key pair anymore

An update:

I could resolve this issue. This is what I did:

  1. Kill the program gpg-agent:

    $ ps -aux | grep gpg-agent

    $ kill -15 <PID of gpg-agent>

  2. Rename the folder

    ~/.gnupg/

    to

    ~/.gnupg_OLD

  3. Apply a reboot.

  4. Having logged in, start Kleopatra.

    The start window in Kleopatra will provide to you the possibility to import a PGP key.

  5. Import your private key.

  6. Apply a reboot.

  7. Having logged into KDE, a window gets displayed on the Desktop with a message about a missing gpg.conf file.

  8. Copy all *.conf files from the ~/.gnupg_OLD folder to the ~/.gnupg folder - except for the file common.conf (!)

  9. Apply a reboot.

  10. Import your public keys from other persons/organizations into Kleopatra and certify them or not.

  11. Apply a reboot.

  12. Having logged into KDE, you should now be able to successfully enter your passphrase for your PGP key pair into that pop-up window provided by the respective pinentry program, and your PGP key pair should now still be shown as "certified" in the Kleopatra GUI.

For more information about GnuPG, please refer to the GnuPG manual at
                 
https://gnupg.org/documentation/manuals/gnupg/

And of course, the Arch Linux WIKI also provides useful and good information about GnuPG:

https://wiki.archlinux.org/title/GnuPG

Last edited by Analog Linux User (2024-12-02 04:07:34)
