GnuPG 1.9.92 -- first findings

Patrick Brunschwig patrick at
Mon Oct 16 20:07:15 CEST 2006

Werner Koch wrote:
> On Mon, 16 Oct 2006 09:18, Patrick Brunschwig said:
>> * gpg2 reproducibly destroyed my keyring with the following sequence of
>> commands:
>> # gpg2 --charset utf8  --no-tty --status-fd 1 --logger-fd  1 \
>> --command-fd  0 --ask-cert-level --edit-key <0xKeyid> trust
>> # gpg2 --charset utf8  --batch --no-tty --status-fd 2 \
>> --with-fingerprint --fixed-list-mode --with-colons --list-keys
> I tried that suing a copy of my own key and answering 4, save.  No
> signs of a currupted keyring.  Did you used that on the command line
> or are these the invoctions from enigmail.  It would be good to see an
> lsof output then. 

I could reproduce it on the command line without Enigmail. I believe
it's related to my keyring; using just a subset of the keyring,
everything works fine. On the other hand I don't have the same issue
with gpg 1.4.5.

>> * gpg2 always uses pinentry instead of the passphrase-fd in the
>> following example:
>> # gpg2 --charset utf8  --passphrase-fd 0 --no-use-agent --no-tty \
>> --status-fd 1 --logger-fd 1 --command-fd 0 -u 0xD8A807C7CCEC227B \
>> --ask-cert-level --edit-key 9CD4D060D74A14F3 lsign
> I can't replicate this. --use-agent and --no-use-agent have no effect
> as the agent is always used unless --passphrase-fd is given.
> BTW, using passphrase-fd along with --command-fd is questionable
> because --passphrase-fd reads the passphrase once and right at startup
> whereas --command-fd ask for the passphrase as needed.

Indeed, I'll have to change it.

>> gpg2 --debug-all --recv-keys 0x810271D5
> Well, I can't find this key at all.  Using
>   gpg2 --keyserver hkp:// --recv-keys \
>     --no-permission-warning 0x5b0358a2
> works just fine.  (--no-permission-warnig is needed only in my test setup.)
>> gpg: no handler for keyserver scheme `hkp'
> What options did you set in your gpg.conf?  Also check that there is
> no gpg.conf-1.9*.  Build options?  Can you send me the config.log by
> PM?

Sure -- done.


More information about the Gnupg-devel mailing list