gpg4win: homedir option not passed on to gpg-agent

Peter C. Dietrich peter.c.dietrich at freenet.de
Thu Apr 19 11:56:06 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dear members of the gnupg-users list,

I use gpg on Windows XP Sp3 via gpg4win 2.1.1-svn1694.

Context:
I try to follow the off-line primary key paradigm (to some extent), hence  
on the same computer there is one directory containing the keyring of my  
secret primary key. There is also another directory with the keyring of  
the corresponding secret subkeys for daily use. The latter one is set as  
the gpg home directory in the Windows registry as described in the GnuPG  
manual.

Specific Problem:
When I try to generate a revocation certificate for the primary key, I  
issue this command (I realize the secret-keyring option is not necessary  
here, it is only included to make clear the distinction between primary  
and subkey secret):

gpg2 --homedir path/to/primary/secret  --secret-keyring  
path/to/subkeys/secret  --gen-revoke PrimaryKeyID

This runs as expected until the point where I have to unlock the primary  
key and enter my passphrase. There the pinentry box does not pop up,  
instead I get "can't connect to the agent: IPC connect call failed" and  
the process is aborted.


Alternative Problem description:
I can reproduce the above problem just by creating a new keyring in a  
directory other than the gnupg-homedir:
gpg2 --homedir some/other/directory --gen-key. This also gives me the IPC  
connect failure, when, in fact, the pinentry dialog should have popped up.

When I start the gpg-agent directly by saying gpg-agent --daemon --homedir  
some/other/directory, I can complete the "gpg2 --homedir  
some/other/directory --gen-key" successfully, i.e. with passphrase entry  
in the pinentry box.
This leads me to believe, that the homedir option given to gpg2 is not  
passed on the gpg-agent. I don't know how exactly gpg2 calls gpg-agent  
(gpg-connect-agent, I suspect), and I don't know how to modify this call.

Would somebody, please, offer their help?

Kind regards,
Peter C. Dietrich

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBCAAGBQJPj+DhAAoJEDrApRGFmMwGpIEH/jmWrL3IEJE7YeoBV/YWFagE
tWJ59pkbmoKA3gp1kuwoTxiEyTNvAIZfhFP78k1kE+FUqRjgWecqTY9yRDbLdT47
zPXhmw46bg4uK4VMSko3lcSFqlbhalnmvPKV28rb7kBW8IsCAC4vPdknPWm6XEoa
4Q9hxkWC8mYde9bGdZUwYOmwhqj/QV4xgklzV3SpS0Y3Gel8pyK1ju+0EfqIHB+D
JS+EkXyjgd4743ie6BBjzWBimOGVknuQzyo3sMSVbrzhtu9zxcJZxBqgRoVv8aIl
FTOZSWoXdbVT0F/gbBEEUSZtXsKMj66RPF5dJbQcqigCYUc/MUSRqdfMKtN8Dbg=
=dgbR
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list